
Ultra-secure web browsing

December 11, 2019 — BarryK

EasyOS is designed from the ground up to use containers. Any app can be run in a container, such as Chromium, Firefox, or whatever is your favourite browser, and there is isolation from the rest of the system.

Containerized apps appear on the desktop as icons with a padlock symbol on them, as you can see here:

img1

You can even have a complete desktop in a container, which is what the "pyro" icon in the above snapshot will run if you click on it.

Icon "www" will run the SeaMonkey web browser, and "console" will run the Sakura terminal emulator in a container.

Containers are easy to create and use, as you will find when you get to use EasyOS. They offer security; however, the very nature of containers is that they must share resources with the main desktop, for example the screen, network and sound. This sharing, or lack of complete isolation, means that security is not perfect: an app that can draw on the same screen and talk on the same network as the rest of the desktop is not fully walled off from it.

Everything is relative of course, and the security of containers is certainly a big step in the right direction. However, EasyOS also offers something else, total isolation...

Total isolation, the ultimate security

Firstly, what do you want to be isolated from? The answer is very simple: the drives on your computer.

What you want to do is browse the Internet, access your bank account, or whatever, then shut down. With no record: you were never there, no trace on the hard drives. Nothing, it never happened.

So even if you visited a website that somehow compromised your system, you just shut down, and the intruder is gone, wiped out. If one of those ransomware intruders gets in and tells you that your files are encrypted and you must pay $5000 to decrypt them, you just laugh and turn off your computer. Note that what this protects is the drives and anything that would survive a reboot; whatever you type or view during a compromised session is still exposed to the intruder for as long as that session lasts.

The means to achieve this protection is to run totally in RAM and totally disable the computer drives...

Boot running totally in RAM

EasyOS has a boot menu item, "Copy session to RAM & disable drives". Here is a snapshot when booting:

img2

You would not choose this the very first time that you run EasyOS, you would do a normal bootup and setup Internet connection, gmail login, or whatever. This pre-configures everything as you want.

The next time that you bootup, choose "Copy session to RAM & disable drives", and the previous session will be copied to RAM, and you will have a desktop, with a major difference, no drives.

There is a usability detail that must be mentioned: EasyOS uses the rEFInd boot manager, which remembers your last menu choice. That means for future bootups you don't have to move the menu selection down to "Copy session to RAM & disable drives"; it will already be selected. There is a timeout, so you don't have to do anything: just turn on the computer and it will boot to the last menu selection. Very convenient.

Here is the desktop. Normal looking, but the usual drive partition icons are missing:

img3

...notice, no container icons either. You are already totally isolated, no need for containers.

You are still running as the 'root' user, with administrator rights, except somewhat curtailed: you cannot access any drives. And if you cannot access any drives, neither can an intruder, even one who gets in as root.

How to share files

You are running in RAM, with no access to the computer's drives, but here is the trick: if you plug in a USB stick, it will be usable. Any drive that you physically plug in (or re-plug) is usable.

Say that you downloaded a file from the web, and you want to save it permanently. Just plug in a USB stick and save it. Or if you have booted from a USB stick, just re-plug it. Note, you cannot do this from software; it has to be an actual physical plug-in or re-plug. Bear in mind that the same applies to an intruder: a drive plugged in during the session is reachable by everything running in that session, so plug in only what you need for the copy and remove it afterwards.

In this snapshot, some screen snapshots had been taken, so a USB stick was plugged in, and then the files could be copied to it:

img3

...sdb1 and sdb2 are partitions on the USB stick, and sdb2 was mounted just by clicking the icon.

What if you want to make a change, maybe to the preferences of the web browser? No problem, just do a normal bootup, and make the changes.

This feature of EasyOS is becoming increasingly recognised as something very special, but how is it done?

How it is done

In a nutshell, the initramfs (initrd) drops certain Linux capabilities from the process bounding set when it performs the switch_root to the main desktop in RAM. A bounding-set drop is irreversible and is inherited by every process started afterwards, so even root on the resulting desktop no longer has the capabilities needed to reach the drives.

For EasyOS versions 2.2 or later in the Buster series, or 1.3 or later in the Pyro series, the 5.4.x Linux kernel has the "lockdown" feature (the Lockdown LSM, which among other things blocks access to /dev/mem, loading of unsigned kernel modules and kexec of an unsigned kernel). That is an extra level of security, to prevent any extra-clever method of peeking into the kernel to get around the capability drop and access the drives.
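The capability drop described above, shown as an added example that is not EasyOS's own initramfs code: a process about to switch_root or exec the real system removes capabilities from its bounding set with prctl(PR_CAPBSET_DROP), then verifies the result by reading the CapBnd mask from /proc/self/status. The page does not say which capabilities EasyOS drops; the set used here (CAP_SYS_RAWIO, CAP_MKNOD, CAP_SYS_MODULE) is an assumption chosen to fit the behaviour described, in particular keeping CAP_SYS_ADMIN so that a hotplugged USB stick can still be mounted. The capability numbers are copied from <linux/capability.h> so that the example builds without kernel headers; Linux only.

```c
/* Added example, not EasyOS code: permanently drop capabilities from the
 * bounding set before handing over to the real system, and verify it. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>

/* Capability numbers as defined in <linux/capability.h>. */
#ifndef CAP_SYS_MODULE
#define CAP_SYS_MODULE 16   /* load/unload kernel modules */
#endif
#ifndef CAP_SYS_RAWIO
#define CAP_SYS_RAWIO  17   /* raw I/O to block devices, ioperm/iopl */
#endif
#ifndef CAP_MKNOD
#define CAP_MKNOD      27   /* mknod(2): create new device nodes */
#endif

/* Illustrative set (assumption, not EasyOS's list): with these gone, root
 * cannot recreate a removed /dev/sda node, do raw device I/O, or load a
 * module to re-expose the devices. CAP_SYS_ADMIN is kept so mount(2) still
 * works for a drive that is physically plugged in later. */
static const int drive_caps[] = { CAP_SYS_RAWIO, CAP_MKNOD, CAP_SYS_MODULE };
static const int n_drive_caps = sizeof drive_caps / sizeof drive_caps[0];

/* Locate "field" (e.g. "CapBnd:") in /proc/<pid>/status text and parse the
 * hex mask that follows. Returns 0 on success, -1 if absent or malformed. */
int parse_cap_mask(const char *status_text, const char *field,
                   unsigned long long *mask)
{
    const char *p = strstr(status_text, field);
    if (!p)
        return -1;
    p += strlen(field);
    while (*p == ' ' || *p == '\t')
        p++;
    char *end;
    errno = 0;
    unsigned long long v = strtoull(p, &end, 16);
    if (end == p || errno != 0)
        return -1;
    *mask = v;
    return 0;
}

/* 1 if capability number 'cap' is present in 'mask', else 0. */
int cap_in_mask(unsigned long long mask, int cap)
{
    if (cap < 0 || cap > 63)
        return 0;
    return (int)((mask >> cap) & 1ULL);
}

/* Read the calling process's bounding set from /proc. Returns 0 on success. */
int read_bounding_set(unsigned long long *mask)
{
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return -1;
    char buf[4096];
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_cap_mask(buf, "CapBnd:", mask);
}

/* Remove one capability from the bounding set. The kernel makes this
 * irreversible for this process and everything it later forks/execs, which
 * is why an initramfs can do it once before switch_root. Needs CAP_SETPCAP;
 * returns 0, or -errno (-EPERM when the caller is unprivileged). */
int drop_from_bounding_set(int cap)
{
    if (prctl(PR_CAPBSET_DROP, (unsigned long)cap, 0, 0, 0) != 0)
        return -errno;
    return 0;
}

/* Drop every capability in drive_caps. Returns the number dropped, or the
 * first -errno encountered. */
int drop_drive_caps(void)
{
    for (int i = 0; i < n_drive_caps; i++) {
        int rc = drop_from_bounding_set(drive_caps[i]);
        if (rc != 0)
            return rc;
    }
    return n_drive_caps;
}

int main(void)
{
    unsigned long long before = 0, after = 0;
    if (read_bounding_set(&before) != 0) {
        fprintf(stderr, "cannot read /proc/self/status\n");
        return 1;
    }
    int rc = drop_drive_caps();
    if (rc < 0) {
        fprintf(stderr, "drop failed: %s (needs CAP_SETPCAP, i.e. root)\n",
                strerror(-rc));
        return 1;
    }
    read_bounding_set(&after);
    for (int i = 0; i < n_drive_caps; i++)
        printf("cap %d: before=%d after=%d\n", drive_caps[i],
               cap_in_mask(before, drive_caps[i]),
               cap_in_mask(after, drive_caps[i]));
    /* An initramfs would exec the real init here; the dropped capabilities
     * stay gone for every descendant, root included. */
    return 0;
}
```

Run as root to see the "after" column go to 0; as an ordinary user the drop fails with EPERM, which is the point: only a process that already holds CAP_SETPCAP can shrink the bounding set, and nothing can grow it again. Dropping capabilities only closes the ways of creating new access; the existing device nodes and any mounts of the internal drives must already be gone before the drop, otherwise root can still open what is left.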

The switch_root is onto a layered filesystem (using aufs), with 'easy.sfs' as the read-only bottom layer and a RAM-backed filesystem (actually a zram block device) as the top read-write layer, so every write during the session lands in RAM and nothing else.

These are technical details, which need not concern a user. 

One technical detail that is useful for the user to know is that "zram" is used, meaning compressed RAM. All files written during the session are stored compressed, so even if your PC has little RAM, say only 4GB, you will actually have more space than that, roughly 6 or 7GB free, depending on how compressible the files are.

Note, it is recommended that a computer with at least 4GB RAM be used. With anything less, such as 2GB, you might have problems with running out of RAM space. Though 2GB might be OK if you are careful: there is a "storage" icon in the system tray, so you will always know how much RAM space you have left.

How to run extra apps

As mentioned above, 'easy.sfs' is the bottom layer. This is a file that has all of EasyOS, so you have LibreOffice, SeaMonkey, Inkscape, etc., etc. But what if you want another app, such as Firefox?

Very simple, do a normal bootup and install the app. In a normal bootup, the desktop has "petget" and "sfsget" icons.

The former, "petget", is the traditional package manager, and will install whatever you want.

"sfsget" installs SFS files, such as Firefox. You will be offered to install the SFS as a container or to the main desktop -- choose the main desktop.

Next time that you boot with "Copy session to RAM & disable drives", whatever you installed with "petget" and "sfsget" will be available. 

Disclaimers

Of course there cannot be an absolute guarantee of security, but it is looking good. If you are a Linux whiz and able to identify any way to access the drives, please communicate with Barry, via the "Contact me" link at the top of this web page.

There have to be the usual disclaimers, that although Barry, the creator and maintainer of EasyOS, has acted in good faith, you use EasyOS entirely at your own risk.  Further legal details are here.

Tags: user