@bayesian
Thank you for sharing this.
I too have done this some time ago, but I’m not sure what the specific variable is to set ‘my filters’ for Ublock Origin in the policies.json, is it:
I carefully followed the instructions, but in the end my disposable-vm does not exactly do what it should. (e.g. some search engines are not removed).
Here is what I did:
Cloned debian-11 template
Followed the instructions above, and used the cloned debian11 template to insert the user.js into firefox.cfg, placed the policies.json in the right directory and so on. All worked fine.
I created a debian-11-DISPVM on basis of a the debian-11-clone-Template
In the end I created a disposable-vm “Firefox-Disp” with the following settings:
Basic: Template debian-11-clone
Advanced: Disposable Template / Default Disposable Template: debian-11-DISPVM
Now, when I start the disposable Firefox-Disp I get an empty page with Noscript and Ublock installed. Default search engine is startpage, although I have to actively select it in the search field. Amazon and wikipedia search are still there, though the policies.json says to uninstall them. Did anyone succeed in placing bookmarks into the policies.json?
I seems the policies.json works in my case only partially.
Did I miss something vital? Any suggestions are welcome.
My second question:
I use a regular app-vm for surfing on basis of fedora-36. The Firefox in there is hardened and fairly secure (ublock,canvas blocker, multi account and temp. container, jshelter and moderate user.js). I use bookmarks and a 30 digit master-password for my passwords (I know there is a better but less convenient solution with Keepass-XC).
With this configuration I cloned the app-vm and made it disposable:
When I start the cloned app-vm it naturally starts as disposable with all the above mentioned convenient Firefox ingredients: Now this sounds to good to be true: I have a convenient firefox as I want it to be, and the whole thing is self-destructive after shutdown. My question is now, if there would be any security issue in this configuration. If this would be a fairly secure working solution then it would make the whole configuration with arkenfox user.js, Autoconfig and policies.json look obsolete.
You’re still subject to profile fingerprinting, since you keep using the same profile that was created the first time in your original AppVM. From a security standpoint, it’s as secure as when you cloned it. It’s up to you to decide what you care about.
Thanks for help. Regarding fingerprinting I expected something like what you mentioned.
Other issues as bookmarks, search engines and startpage I was able to solve yesterday. In the end I tried to get even better adjusting policies.json an firefox.cfg and messed it up again and now Google is back and addons are gone. A simple bakup of the VM-Template would have been fine. Hope to be able to fix this today.
Make sure you have root permissions since you are editing /usr folder. You can run open a terminal in the desired templateVM as root user with:
qvm-run -u root template-something xterm
in the dom0 terminal.
Additionally, please understand that some files, example the /usr/lib/firefox-esr/firefox.cfg, do not exist in a default “vanilla” firefox/firefox-esr fresh install. And the whole idea behind this tutorial is to create some of those files.
Thanks for that, actually got it all working, except about:debugging gets blocked when using this, so I need to figure that out as I upload local addons from time to time for testing.
If anyone knows what setting activates/disables it please let me know as I’ve been stuck for a few hours and have pretty much exhausted the wiki
Now that I finally have a stable Firefox-DispVM with some bookmarks, it would be fine to have some login credentials for more convenience e.g with KeepassXC installed with some parameters in a similar way as ublock and noscript. I do not know if this is what arkenoi refers to in his “password management how to”, and if so, this would be far beyond my technical (and english) understanding.
Finally, an overall question arises for me: if I have bookmarks, ublock, noscript and maybe Keepass in my DispVM, would that be a fingerprinting issue regarding advanced algorithms? Or would each and every dispxxx still be unique and could not be profiled?
Fingerprinting is somewhat irrelevant of dispXXXX VMs. I mean, a lot of advanced fingerprinting algorithms will use stuff like IP address, screen resolution, timezone, language, openGL version, and other things that it is beyond the scope of a disposable VM.
In my honest opinion, browser dispVMs are not for anonymity (i.e. fingerprinting issues) but for security issues. You can click/visit those nasty sites that you would never do in a personal computer in a dispVM. As long as you don’t put any personal data and you shutdown the dispVM, any malware that would infect the computer is long gone along with the dispVM. This is how I use my browser dispVM. If I want fingerprinting resistance/anonymity I’ll use a Whonix dispVM with Tor Browser.
As I recall, though, using the Arkenfox style of preconfiguring Firefox with firefox.cfg basically stomps on the keyboard shortcuts that Rustybird’s split browser needs. I know in order to get split browser to work I had to start with a plain firefox install, and not install the Arkenfox policies and firefox.cfg. So, is it a case of “never the twain shall meet?”
(I’m calling it “Arkenfox” but I realize that strictly speaking it’s Arkenfox as extended by you (BEBF738VD) in the original post of this thread. A bit of verbal shorthand that I use at the price of possibly being perceived to minimize your contribution, so let me acknowledge it here.)
I’m actually going to try to work on this now–I’ve finally got a bookmark menu (C++/Gtk) that allows for nested lists of bookmarks to integrate with RustyBird’s schema. (I even have code to import an HTML bookmark export file.) But I want the split browser windows to be Arkenfox-style hardened/configured, too. Yes I want it all–bookmarks separated from a window with no “fingerprint” and a bunch of ad-preventions built in. (I think I can see where to plug in the contents of the firefox.cfg file generated in Part 1 into the split-browser setup…will try some evening soon.)