Split Browser for Qubes
Everyone loves the Whonix approach of running Tor Browser and the tor daemon in two separate Qubes VMs, e.g. anon-whonix and sys-whonix.
Let's take it a step further and run Tor Browser (or other Firefox versions) in a DisposableVM connecting through the tor VM (or through any other NetVM/ProxyVM), while storing bookmarks and logins in a persistent VM - with carefully restricted data flow.
In this setup, the DisposableVM's browser can send various requests to the persistent VM:
Bookmark the current page
Let the user choose a bookmark to load
Let the user authorize logging into the current page
But if the browser gets exploited, it won't be able to read all your bookmarks or login credentials and send them to the attacker. And you can restart the browser DisposableVM frequently (which shouldn't take more than 10-15 seconds) to "shake off" such an attack.
Seems like a cool idea, but I'd assume it is just as safe to never bookmark anything and just run all Tor Browser instances in a disposable VM as per entr0py's guide below (with a note to self to check the sys-net is set to sys-whonix):
In fact, I think it is worth noting somewhere that hardcore Qubes-Whonix recommendations could arguably include:
all apparmor profiles installed in the WS and GW;
enabling seccomp in the Whonix GW torrc;
running hardened alpha Tor Browsers if adventurous due to near-term (December) sandboxing opportunities;
following Qubes guideline for MAC spoofing (ethernet and/or wi-fi; yes, I'm aware of the wi-fi spoofing problems);
running all instances of Whonix-WS in a disposable VM;
possibly running the minimal Fedora templates for all networking;
purging all unnecessary Whonix files and template applications as per Patrick's latest blog post;
possibly (?) running SE Linux in combination with apparmor via kernel changes in dom0, although I am yet to try that or see any reasonable guides or feedback on its success to date.
We should probably all be doing this to celebrate Rule 41 eve...
Moved hardening discussion part here: