Last time, I showed you how to use a proxy to send some (but not all) of your traffic over a VPN that lacks built-in traffic controls. I’ve been running that setup for a few months now, and it’s been especially powerful during this season of working from home.
After writing that guide, I found a new tool that makes my selective VPN recipe even sweeter. Here’s how I use a little app called Choosy to reduce the headaches of a multi-browser lifestyle. I hope it saves you some time too.
Every day, while building my client’s web app, I log into their corporate VPN. It helps defend their organization from hackers, corporate espionage, bots, etc. While most of us don’t often need to use VPNs for personal security, they can be invaluable tools for big companies.
VPNs Are Great
Corporate VPNs are usually built to service the needs of employees, especially those using company-issued devices, so they often funnel all communications through the company’s VPN server. Those devices usually come with formal and informal agreements about what can and cannot be accessed, so overall, it’s a pretty fair strategy. The company bought the device and has a vested interest in protecting everything that happens on it.
But Also Kind of a Pain
Whenever I use a corporate VPN, I isolate it and only use it for traffic related to that client’s project. Why? As a consultant, I work with clients who trust me to keep their data safe. I have a responsibility, not just to my current client, but to everyone that I’ve worked for in the past. Although every bit of my network traffic is wrapped in thick layers of encryption already, sending data from one client over another client’s network isn’t something that I’m comfortable with. Good fences make good neighbors, and good crypto does too.
As a side perk, this strategy (isolating the corporate VPN) usually speeds up my overall computing experience. Skipping the VPN for non-project traffic often makes video calls much less jittery and StackOverflow much snappier.
And Only Because of My Odd Setup
On my current project, my proxy setup only works with Firefox and Chrome, so I want to open any work-related links in one of those two browsers. My default browser is Safari for uninteresting reasons. This setup means that when I click a project link in our Slack channel, it automatically opens in a browser that (since it isn’t connected to my proxy) can’t do anything to help me get my work done.
If I’m being careful, I’ll right-click the link, copy it, open up Firefox, and paste it in, but honestly, who has the time? And even if I did have the time, I don’t want to babysit my computer. It should work for me, not the other way around.
Choosy Devs Choose Choosy
Whenever you click a link in an app like Slack, VS Code, or Mail, Choosy handles the link instead of sending it to a normal browser like Safari. It isn’t actually a web browser. It won’t let you read the New York Times or chill out on YouTube, but it knows about all of the web browsers that you have installed. After you teach it some basic rules using a truly wonderful rule-building UI (reminiscent of the Smart Playlists in Music), it can automatically direct the link you just clicked to open in any of the browsers that you have installed.
That means whenever I click on a Slack message from another dev on the team to do some manual testing, Choosy sees that I’m heading for
staging.my-secretly-secret-project.net and opens that in Firefox. Since I have FoxyProxy set up in Firefox to send all
secretly-secret-project requests through the corporate VPN, I can see all my project-related information, regardless of where I am, without having to run any extra VPN software directly on my main machine.
When I use Alfred to open one of my recipe bookmarks to plan my next trip to the grocery store, Choosy directs me to Safari. This all happens completely in the background. I set up the rules a few weeks ago and haven’t thought about them since.
It’s Just Really Nice
Choosy is one of those great Mac apps written by someone who clearly gets the Mac as a platform. It’s got a dead-simple interface that looks and feels native. It provides one clearly defined utility.
There’s a free trial, and if it makes your life easier, you can pay a one-time fee to keep using it indefinitely (or until Apple changes the API). At $10, it’s not something that I would recommend to everyone, but if you do the sorts of things that I do to protect my client’s traffic, it’s a really easy spend.