Hi,
you can actually run the browser in virtual machine. No need for complicated setup, liveCD should be fine. If you would like to configure it deeply, install the virtual system and make a clear ready-to-use snapshot.

The network communication can be even obfuscated by proxies/TOR as needed without any knowledge/influence of the hosting system.

sachy


---------- Původní zpráva ----------
Od: timothyhobbs@seznam.cz
Komu: Brmlab: Hackerspace Prague (main discussion) <brmlab@brmlab.cz>
Datum: 14. 3. 2014 9:44:03
Předmět: Re: [Brmlab] most secure web browser for a laptop/desktop computer


Hey!

<snark>

Tell me more about your usecase.  One can get pretty far, by installing chromium on the raspberri pi, setting the "read only" physical switch on your SD card to true, connecting to the PI via VNC, and rebooting the pi on every page refresh.  If you want to do "tabbed browsing" you can have a stack of 5 or six Pi's on your desk, with one Pi per tab.  How secure do you need?

</snark>

Joking aside,  chromium has a security model of putting each tab in it's own user namespace.  This should be pretty secure, though privilege escalation attacks on Linux are far from unheard of.  Firefox, on the other hand, has many more security options in terms of "limiting attack surfaces".  On firefox you can "lock the browser down" by dissabling scripts, images, multimedia, ect.

<snark>
Other good browsers, for the extremely paranoid, are the text based ones.  This comes from the ease with which one can do a practical version of my previous Raspberi pi stacking joke, throw links or elinks(both browsers of Czech heritage) into a VM running something light like busybox, and ssh in to browse the web.  Make sure your VMs are stateless(the same as having that physical read only switch turned on on the raspberry pi) and that you restart them every couple of minutes while web browsing.  These text based browsers have an advantage, for us brmlab members.  If you choose to use, say elinks, then you can personally go and beat the shit out of pasky if you find a security flaw in it.  This should motivate him to ensure high coding standards, and not to waste time doing useless biolab research and other time-wasters like sleeping.

While we're dealing with security, we have yet to discuss such security methods as proxies and tor.  Of course you don't want an attacker to gain access to your system.  One of the greatest threats is physical access.  If the police come to your house, break down your door, and steal your laptop they may be able to access your bank account information.  To limit these risks, of course encrypted memory, and writing nothing to disk can help.  I like to make it an integral part of my houses alarm system, that if the door is opened unexpectedly, my computer restarts, thus ensuring all my data(which is held in an encrypted ram disk, is safely lost).  However, there is still risk.  So in order to escape that risk, we use TOR and other services.  My recommendation is to not use TOR directly but through several layers of proxy.

</snark>

Timothy

---------- Původní zpráva ----------
Od: Mario Lombardo <mario@alienscience.com>
Komu: Brmlab: Hackerspace Prague (main discussion) <brmlab@brmlab.cz>
Datum: 14. 3. 2014 0:14:30
Předmět: [Brmlab] most secure web browser for a laptop/desktop computer


Hi everybody.
I don't want to start a holy war, but what do you consider the most secure web browser for a laptop/desktop OS? Academic replies are also welcome.
zatím
/mario

_______________________________________________
Brmlab mailing list
Brmlab@brmlab.cz
http://brmlab.cz/cgi-bin/mailman/listinfo/brmlab
_______________________________________________
Brmlab mailing list
Brmlab@brmlab.cz
http://brmlab.cz/cgi-bin/mailman/listinfo/brmlab