User Tools

Site Tools


user:yan:virt_browser

Amnesia virtual machine for browsing

As javascript features look more and more funny every new time, it looks like it would be wise to cut off browser from reach of internet, or from rest of the system - kernel, libraries, battery state information… On one hand browser in virtual is not safe (see remote_code_execution CVE's at bottom to get some insight), on the other it's probably still much safer than when it has access to the rest of the system. As HTTPS everywhere, ABP and NoScript started to be “must-have” Live-CD virtual variant is not an option, but perstistency means inherently also persistency of unwecomed RATs. Those two antagonistic demands can be resolved, when machine could be run in “amnesic-mode” once (browsing) an than in “perstistive-mode” in another (fiddling noscript, updating) occasion.

Setting up host

VirtualBox Approach

I do not use VBox in my native set, but when I searched for solution to this problem I ran into interesting feature. You can have VBox HDD configured to Write-through or immutable mode as it's explained on this wiki page, both options should do the trick.

KVM Approach

As I searched for “immutable mode” in KVM i found out that nothing like this exists. It can be still done by cloning “persistent” and thus creating “amnesic” or by having snapshot of HDD and every time you start to feel that cleaning should be made, revert to that snapshot.

I chose variant with cloning virtual, as I want to limit writes onto HDD. I prepared amnesic clone of persistent virtual machine. Disc of amnesic virtual machine is located on RAM (it's 2,2GB in my setup). Creating copy of perstitent disc-img to ram takes me few seconds on my HDD, on SSD it will be probably even faster. It can be automatized with cp + chown commands routine. Responsivenes in this case is much faster and importantly for users with SSD amount of disk-writes should be much lower compared to snapshot method.

Setting up guest

Size and simplicity of guest is crucial for almost all method mentioned above, those parameters are met by spartan distributions - probably gentoo, Arch-linux, and minimal spins of distros (for example debian server, ubuntu server). By keeping guest simple, attack surface area is reduced and also responsiveness of system is improved.

Straight start

Whole virtual machine is meant just for browsing. Keeping this in mind, three files should be modified to get your browser running as soon as possible.

You don't want to login to tty session, you want to do it automatically.

In /etc/systemd/system/getty.target.wants/getty\@tty1.service

ExecStart=-/sbin/agentty --noclear %I $TERM

change to:

ExecStart=-/sbin/agentty -a *username* %I $TERM

link to original idea

You want to start x automatically

Add few lines to ~/.bash_profile to start X:

if [ -z "$DISPLAY" ] && [ -n "$XDG_VTNR" ] && [ "$XDG_VTNR" -eq 1 ]; then
  exec startx
fi

link to original source

Choose your desktop enviroment wisely

Smallest desktop enviroment is no enviroment. Edit your ~/.xinitrc file based on your preferences.

 exec firefox 
user/yan/virt_browser.txt · Last modified: 2017/02/21 04:41 by yan