Hi, I am using Qubes daily for a while now. One thing I think is really missing is some sort of identity management. This is most visible when browsing. You shop something on Amazon, then go to check some Facebook updates and look at WhatsApp. Then you browse Hacker News click on this link and that link, end up on Wikileaks by accident then look at which club to visit in the evening... Yes this is shit.
But convenience often wins over security/privacy. Not only do you have to assume that all sites you visit within the same VM knows everything you did in there, but also you have to assume they know all the passwords for all the other sites you visit there and basically have full control over that VM. If you don't assume that, then why are you using Qubes in the first place... I think what would solve this dilemma is a custom dom0 browser layer. The way this can work is as follows: * Each identity consists of white-listed domains and HTTPS certificates (like amazon plus all its garbage), bookmarks, history, it's own password & auto-fill store and basically everything else like it's own cookies and the works. * Trying to visit a non-white-listed website will simply not work without switching identities properly or using a special disposable identity * Two identities are never used on the same VM * You always use a new VM for each tab (there is potential for optimization, like sharing a VM per identity as long as this identity has at least one tab still open) * Each VM is disposable (no home file system sharing) and get's the corresponding identity auto-copied on boot (only the essentials for Firefox) * The browser gets installed after launch, so no kind of tracking can take place here via installation UUIDs etc. So the core feature of this dom0 browser is basically identity management and the usual tab-based browser gui with history, settings, etc. But in contrast to what we have now, this dom0 browser will also manage the VMs that run the actual browsers and blit their page view into its dom0 tab. Is there anything like that under development? Or how would you solve this issue? Cheers -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/22581429-6e04-4444-a8db-e287d122765b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.