Differences

This shows you the differences between two versions of the page.

--- user:yan:virt_browser [2017/02/08 21:42] – created yan
+++ user:yan:virt_browser [2017/02/21 04:41] (current) – [Amnesia virtual machine for browsing] yan
@@ Line 1: / Line 1: @@
 ====== Amnesia virtual machine for browsing ======
-As javascript features look more and more funny every new time, it looks like it would be wise to cut off browser from reach of internet, or from rest of the system - kernel, libraries, battery state information... On one hand browser in virtual is not safe (see [[user:jenda:linux-insecurity#remote_code_execution]] CVE's at bottom to get some insight), on the other it's probably still much safer than when it has access to the rest of the system. As HTTPS everywhere, ABP and NoScript started to be "must-have" Live-CD virtual variant is not an option, but perstistency means inherently also persistency of unwecomed [[https://en.wikipedia.org/wiki/Remote_administration_tool | RATs]]. Those two antagonistic demands can be resolved, when machine could be run in "amnesic-mode" once (browsing) an than in "perstistive-mode" in another (fiddling noscript, updating) occasion.
+As javascript features look more and [[https://www.vusec.net/projects/anc/|more]] funny every new time, it looks like it would be wise to cut off browser from reach of internet, or from rest of the system - kernel, libraries, battery state information... On one hand browser in virtual is not safe (see [[user:jenda:linux-insecurity#remote_code_execution]] CVE's at bottom to get some insight), on the other it's probably still much safer than when it has access to the rest of the system. As HTTPS everywhere, ABP and NoScript started to be "must-have" Live-CD virtual variant is not an option, but perstistency means inherently also persistency of unwecomed [[https://en.wikipedia.org/wiki/Remote_administration_tool | RATs]]. Those two antagonistic demands can be resolved, when machine could be run in "amnesic-mode" once (browsing) an than in "perstistive-mode" in another (fiddling noscript, updating) occasion.
 ===== Setting up host =====