K
K
Kiki552018-06-21 05:46:33
Browsers
Kiki55, 2018-06-21 05:46:33

Is it possible to create an iron Internet browser that will be completely isolated from the OS?

Let's assume that most of the code, including js, will handle it itself, with the exception of the video stream and complex calculations. Passwords will be completely isolated and sent using a newly created protocol. The PC, by and large, will only receive code for rendering.
From itself, it will be a USB stick or pci module.
It will be the safest Internet surfing xD I saw how a guy came up with an endless flash drive (nonsense in my opinion), but this is in my humble opinion.
PS If anything, my idea :P (I'll take a share of promising developers)
PPS Anatoly Chubais - please do not disturb.

Answer the question

In order to leave comments, you need to log in

7 answer(s)
C
CityCat4, 2018-06-21
@CityCat4

Again, the school came running with stupid questions ... It is enough to read the phrase about the "newly created protocol" - and everything is clear. Enough darkness - to create a protocol?

S
Stalker_RED, 2018-06-21
@Stalker_RED

whonix, tails and torbrowser look at this list with bewilderment.
And a tablet passed by, and said that it was generally so autonomous that it even had its own screen and battery.
Could you please be more specific about your requirements.

M
Mercury13, 2018-06-21
@Mercury13

1. The main question: what do you think is "iron"?
If this is a separate processor with an OS and a program, we have come to where we started from: since there is a program for the von Neumann architecture, it can also be hacked and get passwords.
As Adamos noted , only Flash is updated more often than a browser, and browsers are written by high-class specialists. When Techner "left" the Opera, the browser began to stutter.
2. Well, we are making a real iron browser, for example, on an FPGA - only it will cost hundreds or thousands of dollars, it is not clear how to combine the von Neumann architecture and the FPGA, and it is not clear how to update.
3. Then there are the conceptual problems of the web: XSS, XSRF, third-party eavesdropping (let's say a digital print by drawing text on a canvas). As you know, between security and dancing cats, the layman will choose cats - so they began to screw up, and more and more problems are found in these bells and whistles. To be safe, you need to identify the channel, deviate (!) from the specification and make it noisy.
They try to make Chrome (and with it Yandex, and Khropera, and then Ryzhaya connected) not fail-safe, but fail-safe: so that it would be extremely difficult to bring hacking to real mastery of the system. And to do this, they use the black hat mechanism that is available in Windows: sharing memory for processes. (That's why, by the way, they say that the memory is devoured with the sound "chrome-chrome".) In our simple processor, there will probably be a simplified OS without such memory protection.
Finally, the typical browser is very fat, partly due to "defensive" programming, partly due to complex specifications, partly due to "evil" optimizations. Do you really want to solder gigabytes of RAM into the stick?
Where do passwords come from?
1. They eavesdrop on a Trojan. Since we introduce them, it means that we can eavesdrop. Or will we connect the keyboard to our browser too?
2. Pick up. It is extremely rare and usually the owner of the password is an evil Pinocchio himself.
3. They leak in clear text or with insufficient cipher strength. The iron is powerless.
4. The server itself hands over the data to whoever needs it. The iron is powerless.
5. The provider itself re-encrypts the traffic and requires you to install a self-signed certificate. The iron is powerless.
6. Gypsy. The user is an evil pinocchio to himself.
And at the far-near-last place, a browser hack.

G
GavriKos, 2018-06-21
@GavriKos

If the piece of iron is completely isolated from the OS installed on the PC, then the firmware of the piece of iron itself must perform the functions of the OS (communication with peripherals, at least). Which leaves all the same potential holes.

A
Adamos, 2018-06-21
@Adamos

The browser is the most frequently updated program in modern operating systems.
At the same time, behind any browser there is a team of high-class specialists - and all the same, in each update, the discovered holes are patched.
The iron implementation of the program in the first place makes it difficult to update it.
So your idea is "let's walk on all fours, it should also be faster."

F
FeNUMe, 2018-06-21
@FeNUMe

If you want a browser on hardware, take a Chromebook with ChromeOS and no need to reinvent the wheel.

N
notrix, 2018-06-21
@notrix

add to FeNUMe If you
want a browser "on hardware", take a Chromebook with ChromeOS, make a flash drive or pci out of it and you're done.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question