someone Posted December 18, 2009 Share Posted December 18, 2009 This can be interesting:Information retired from wilderssecurity: Post from SteveTX (from xerobank service):It is a VPN solution. It is the new xB Browser (Chromium edition) inside a secure linux virtual machine. The virtual machine exports the browser to your native desktop so it appears just like a normal browser window on your OS without the linux frame. The linux VM has a VPN connection (like JanusVM) back to your localhost machine via VirtualBox/VMWare/QEMU etc. The VM then creates a SSL tunnel over the VPN connection and tunnels to XeroBank. It then initiates an authenticated SOCKS5 connection inside the encrypted tunnel. This particular implementation is designed to do web surfing, but we can expand it to any programs we want inside the VM such as email, chat, skype, etc.So not only do you get a VPN connection of all the traffic, it comes in a transparent, portable, secure, encrypted OS that is immune to spyware, malware, viruses, etc.Post from goldenone (from xerobank too):I thought I should jump in here and make some minor corrections and elaborate some more as I'm the developer who put this project together. Steve was pleasantly surprised when I showed him what I'm about to explain to you.Let's start from the beginning with a basic run down.You have a Virtual Machine, and inside this VM is CoreLinux (Ubuntu based) which is small and designed for custom solutions.Then you have a web browser called Chromium. The web browser uses a proxy, which is connected to our servers over SSL.I include xPDF to view PDF files. Just click on the download once it's finished.Now this is where things start to get a bit different. Normal VM's are only accessible through the VM's window, which is usually the size of the desktop you've set IN the VM. So I thought it would be neat to "export" the browser window back to the host OS, and break out of the traditional VM window. What this does is create an appearance as though the browser is an application that's running in your host OS, when it is really running INSIDE the VM. It creates a button in your Windows systray like any application, and allows you to resize, minimize, or maximize the window.So the whole time you feel like you're using a regular browser even though it's really running inside the VM. This is done using the X11 protocol, and requires Xming for Windows users. Mac and Linux tests have worked very well since X is the graphic manager of both Linux and Mac OS X.Further more, the VM is packed inside an ISO file. This ISO file is used by the VM as a Bootable CD, or it can be burned to a CD-ROM and used as a bootable CD on bare metal hardware as well (just select the "Local X" boot option). The primary reason for putting the entire OS inside an ISO was to protect it from getting infected by rootkits/viruses/trojans/etc permanently. Every time you boot the Browser VM you know you are running from a known good state (unless your host OS is already infected then all bets are off). If you burn a bootable CD-ROM (and finalize the CD), you can't write data back to that CD because it's treated as READ ONLY. So any changes that are made to the Browser VM while it's running are wiped out with a reboot.I wanted a solution I could use that would allow me to surf anywhere on the Internet and not catch a virtual STD. (Insert clever Trojan joke here...)This has some drawbacks. That means no saving bookmarks, history, or cookies. Correction: Google now allows you to "Sync" your bookmarks with your Google account. Neato. We can save files though. The *temporary* solution to saving downloads was to create a Share on the HOST OS, and mount that Share from inside the VM using Samba. I know, this probably isn't the best way to address the issue, but every solution I've thought of has a down side of adding an extra user to the end-user's system, or requiring the user's real login and password to the Host OS, and I really don't like that idea....I'm sure you don't either. So yeah, NetBIOS and Samba for the win?....ugh. Suggestions welcome. Their's room for improvement, I know, but at least you can save Downloads for now.Next problem, Printing. I get to pass the buck on this one to Chromium. Linux printing support is still being developed for Chromium, and you'll get it shortly after they implement it.Next, not necessary a problem, but something worth noting is Audio/Video playback. This supports HTML5 Audio and Video HTML tags. The browser includes Flash. Youtube, Hulu, etc.. are watchable, just not in full screen. Full screen is very, very choppy video, so try and watch in native resolution or in HD. Facebook and Myspace are sooo over bloated with damn Flash ads, it can cause some delay's in web page renderings and video playback. I don't know exactly why this happens, Flash just sucks that way.Note: There is a boot option to disable plugins (Flash, Audio/Video). I'm sure more bugs will show up, but I've been using this for about 2 months and I absolutely love not having to trust the websites to not have bad things that infect my PC because my damn browser failed at security, again and again and again. When malware authors spend millions of dollars and manage to get their spyware Ads into the major media sites, you know shits gone really bad. FTR, this project started at http://www.janusvm.com/chromium_vm/index.htmlIt has documentation, setup instructions, and is available for Download...for free. Check it out.Originally this was called the Chromium Browser VM. The Chromium Browser VM supports normal (not anonymous) browsing, Tor, but not Xerobank. It has Transmission, a torrent client, built in to support downloading torrents. It also supports torrents over Tor. Tested with TPB and a well shared movie, and it worked over Tor...very, very slow though...as expected with Tor.Xerobank's Browser VM uses Xerobank services, obviously, and has the same guts as the Chromium Browser VM.The different versions of the Browser VM have been referred to as:Xerobank Browser VM (Paid Service)vsXerobank Browser VM (Free Edition) -- No torrent support, transmission removed. Sorry.vsChromium Browser VM -- Supports Torrents, supports Tor, but not Xerobank.The major differences being, one uses the paid for services, and one uses the free services. Pricing and usage policies of paid for or free services is not my responsibility.One last thing. The performance benchmarks on this kick FF and IE in the face. Chromium in a VM is almost as fast as Chrome in the Host OS, both of which run three to six times faster than FF and IE. Sorry Mozilla, but your browser just got smoked on performance. Why people still use IE, I'll never understand.Third-party browser plugins are dangerous to the browser as they expose more attack-surface-area for hackers to exploit, and Adobe alone is reason enough to be scared of that fact. Virtualizing specific applications for specific needs is going to be the future of securing your PC from malicious code on the internet.I surf safer on the Internet now. You should too, whether it's normal browsing, anonymous browsing, paid for or free. I'm sorry if this doesn't fit your every anonymity/privacy/security need, but it's free software with a specific purpose in mind. Updates will be pushed out regularly once the automated build systems are in place.If you like this project then please consider Xerobank services. We're working hard to keep you safe on the Internet.Happy Holidays and safe surfing,Kylehomepage:http://anonymz.com/?https://xerobank.com/ Link to comment Share on other sites More sharing options...
Sl@pSh0ck™ Posted December 18, 2009 Share Posted December 18, 2009 This sounds like a great idea, but I don't want to complicate things so I think I would stick with my current setup - a sandboxed firefox. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.