-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 "Everyone loves the Whonix approach of running Tor Browser and the tor daemon in two separate Qubes VMs, e.g. anon-whonix and sys-whonix.
Let's take it a step further and run Tor Browser (or other Firefox versions) in a DisposableVM connecting through the tor VM (or through any other NetVM/ProxyVM), while storing bookmarks and logins in a persistent VM - with carefully restricted data flow. In this setup, the DisposableVM's browser can send various requests to the persistent VM: - Bookmark the current page - Let the user choose a bookmark to load - Let the user authorize logging into the current page But if the browser gets exploited, it won't be able to read all your bookmarks or login credentials and send them to the attacker. And you can restart the browser DisposableVM frequently (which shouldn't take more than 10-15 seconds) to 'shake off' such an attack." ... continued at https://github.com/rustybird/qubes-split-browser Rusty -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJYPwiVXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEI1OUJDRkM2MkIxMjlGRTFCMDZEMDQ0 NjlENzhGNDdBQUYyQURGAAoJEEadePR6ryrfz40P/iunQJo+8jsG1XrM+nlB66Bd D7y/fZnx8MhZi28058XvQzlyEqEIZz9T/rzbXuB67ERHkWHoHuYaYufeMG7fCrRz wTpAwX+5F4N50Cfbleq0EDYnGgdey83k7e4QqYV6mgBU/vBNLYIi8gSl0Jld9by2 /q6XP1ywGmD/qg7Quf94tgEGHPsg1CssiX6TjgcUynsC37ouChB5XLwsNJ6c72Xf YktYd+KqXfX7kCt1B1EgMa1udjvybeS4oLCh4UEC+X3bcQaaN3c5PXc3lphdzkbv Xa4qP/6sDt/Vb216zR8xuRa6TORs7YEM3Bz19ydSwcHpL2vQzwAhsajczmkW0F38 n0BSEerpyB9pOhAEL7lETqoYe8fEBJBF/h5oy7dFf5yTp5gAp4EIs4eOsxHOxwjG nJAxlYZ8gBmXg00Ed8o5AlKhBY3X1vY8wE3e54p7jXcdDaaHKOfIpafCfhhaM8CF aiCZWk6lzU3ptyzsXsCv8bESQvoDNRiKPQP4z5d5NiCTxb6kWxwhM/NTn7MfA8oq aqQwC/uuHpnHzzdv9PMSFDdeuKIIodYSzFm9FutDsXg6VyCX/04KurMjDZJF4lTL PnS3S/sP7meIMvs4xPOUXjN7HMhT7spxKAYOfOYgA+UYpvTz/gNFdNY0MZW1HCkv d5Oaet39i+NGXvDLwCo3 =dZiz -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161130171254.GA6811%40mutt. For more options, visit https://groups.google.com/d/optout.