Read-Only and Isolated Windows Browser

[Snorkasaurus]

Greetings Folks,

With XP going EOL I now find myself trying to compensate with some additional software. Essentially what I want is the ability to setup a browser, install a few plugins/addons (such as flash player and adblock), configure some settings, and then "take a snapshot of it" so to speak. I would like to be able to run the application from a single shortcut (like any other typical Windows application), and then when I close it, I would like it to revert back to the snapshot I took. I don't care if the terminology is "snapshot", but I want the application to lose any configuration, toolbars, plugins, viruses, and garbageware every time it is closed. Additionally, some level of isolation from XP would be nice, such as not being able to write to any directory outside of it's own (perhaps similar in design to a chroot jail), not having access to the clipboard, and not having the ability to spawn child processes.

The closest I have found so far is to:

1. setup VirtualBox
2. create & setup a Linux based virtual machine
3. configure autologin and a browser
4. delete the virtual machine but do not delete the files
5. set the virtual hard drive as "immutable" with vboxmanage
6. create a new VM
7. point the new VM at the preconfigured hard drive

This does create the desired effect, and the VM is reset to its previous state each time it is shut down... however I was hoping for something with less overhead (it runs like total crap on a P4 w/ 2G of memory). I am open to the idea of application virtualization (rather than OS virtualization), but not cloud storage. I strongly prefer something that does not require Microsoft .NET, Java, Python, Perl, Visual Basic Run Time files, Visual C++ Run Time files, or any other supporting software that could be considered an external interpreter, but might make an exception if I could find a solution that is otherwise stellar.


Any suggestions greatly appreciated!
S.

[viking60]

Hm is this not what a live CD does?

[Snorkasaurus]

Hm is this not what a live CD does?

Hey v60,

It is... almost. The part that sucks about a live CD is that it requires two reboots (one to start it, and one to get back to the original OS). On a P4 w/ 2G of memory that means more than five minutes of watching it booting up and down just to do some banking. It would really be nice if there was a way to do this without having to leave the original OS.

S.

[Snorkasaurus]

For now the best I can come up with is Cameyo which claims to be "application virtualization"... though I think "application packaging" is a more appropriate term. Anyways, it takes a snapshot before and after an application install and then does a comparison of files and registry entries. I have used similar software in the past and I find Cameyo to be fairly fast and intuitive.

So I did an install of SeaMonkey v2.8 with AdBlock Plus and Flash Player, then setup the menus and preferences, and created a self contained EXE out of it. Then Cameyo has an option to edit the package, where I setup a few options to make it behave the way I like - including not having the ability to modify the host system at all. So when I run it (on another VM) I get about a 5-10 second period where it has to extract out the contents of the package and then start the application. Flash works, all the preferences are retained, and when I close the application it completely cleans out the temp stuff leaving only the original package executable. No cache, no cookies, no history, no registry changes, no files saved to the drive, nothing. I can configure SeaMonkey and even add plugins or toolbars to it, but when I close the application they all disappear... best of all I can't even download files to my desktop with it (a download appears to run but it can't write anything outside of the package directory). I need to figure out exactly how it is blocking access to the local filesystem and registry to determine if this is going to be a reliable way to keep browser induced junkware at bay.

PS: They have a number of pre-packaged applications that you can download but the list includes trialware and other non-free apps which I don't think should be there.

PS2: The downside of this method is that if I decide to change something simple like "adding a bookmark" I have to rerun the whole packaging process all over again because there isn't a clean way to do this once the package has been saved.

S.

[Snorkasaurus]

PS3: This is a really nifty way of creating portable applications out of almost anything.
S.