On 11/30/2016 12:12 PM, Rusty Bird wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512"Everyone loves the Whonix approach of running Tor Browser and the tor daemon in two separate Qubes VMs, e.g. anon-whonix and sys-whonix. Let's take it a step further and run Tor Browser (or other Firefox versions) in a DisposableVM connecting through the tor VM (or through any other NetVM/ProxyVM), while storing bookmarks and logins in a persistent VM - with carefully restricted data flow. In this setup, the DisposableVM's browser can send various requests to the persistent VM: - Bookmark the current page - Let the user choose a bookmark to load - Let the user authorize logging into the current page But if the browser gets exploited, it won't be able to read all your bookmarks or login credentials and send them to the attacker. And you can restart the browser DisposableVM frequently (which shouldn't take more than 10-15 seconds) to 'shake off' such an attack." ... continued at https://github.com/rustybird/qubes-split-browser Rusty
This looks very interesting... will be trying it our soon. Thanks! Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d6714e65-091a-5e4f-cd8c-95f10eabe92b%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
