Return to Level1Techs.com

Disposable VMs

Hello,

Is there any software that could let me run a disposable VM to open just a chrome window, browse the internet and destroy itself when I’m done with it?

Right now I’m using virt-manager to run ubuntu live cd, but the live cd booting and etc. just takes too long for me, and I also have to keep an eye on the iso image and update it from time to time.

I looked into ubuntu/canonical multipass but I couldn’t get it to work on my desktop (ArchLinux with KDE), I’m also not really sure if its meant for the desktop flavor of ubuntu.

Maybe Tails os is for you?
https://tails.boum.org/install/index.en.html

1 Like

Or check out QubesOS

4 Likes

Curious as to what will be the use of this…

@mixufin
I already know about it, but they are too much about anonymity and etc. All I want is vm with chromium and ublock.

@Trooper_Ish
I would have to run it as my main OS… right?

@Chevy_Monsenhor
Watching porn

3 Likes

Right on mate :rofl:
If you’re serious, i just use DuckDuckGo on my phone for that purpose

“porn”

I’ll never get used to people watching video on their phones.

Even the tablet sized monstrosities they do nowadays

1 Like

Its doable, i’m not gonna delve into the details, but its doable.
I’ve watched whole movies on my phone on certain occasions, like long bus trips.

1 Like

Docker container? Can probably script a ubuntu instance and start chrome.

2 Likes

How about snapshots?

Install a distro, setup chromium to autostart, install unlock. Shutdown the VM, take a snapshot. Then you can use the VM, and when you are done, rollback/revert to the snapshot.

I’m with @exee. Docker sounds perfect for this use case. Stumbled across a decent guide here

@exee @BigBlueHouse
Thanks, I’ll look into it, however the vm still feels a bit more secure since it’s not sharing the same kernel and has no access to the host file system, also the “–privileged” flag for docker flag looks kinda scary : /

@TheCakeIsNaOH
It still requires me to update the system from time to time.


Right now I’m considering scripting some wrapper that would work as a system daemon and would rebuild some custom init ramfs + kernel from time to time and provide some short command to tell virtd to spin up a direct kernel boot VM… however there must be a better solution out there, what I’m thinking about has to be overkill.

Boot up the VM, run sudo apt update && sudo apt upgrade, shut down the VM, make a new snapshot. If you enable ssh in the VM so as to run the update, it should be simple to make a shell script so you can do it in one command.

This is where something like Deep Freeze works wonders.

Even if it’s in a VM, it still can restore from a known good state or image.

Chrome already does a ton of sandboxing and security stuff.

And most of the exploits these days are done by asking the GPU to render something and exploiting a gpu driver bug… which can work even for VMs.

You may want to have a look at a combination of github.com/google/detangle (which automatically opens websites in a correct profile) and uMatrix/uBlock origin for “filthy casual” browsing, and either a separate machine on a separate network or maybe passthrough where you want airgap like security.

Borrow a friends computer.

I don’t have any friends.

1 Like

Ubuntu can be set up to run fully unattended updates.

This is a lot of thought for some pornography though… Surely theres a better way.

for

I dare you…

Isn’t a full blown VM overkill for running one browser?

https://distrowatch.com/weekly.php?issue=20160222#tips

For those opposed to going to Distrowatch:

Typically, when we want to run an application inside a Firejail sandbox, we can simply run the firejail command and pass it the name of the program we want to run. For example, we can launch Firefox using

firejail firefox
1 Like