Which OS for this threat model?

Hi, which operating system (not mobile) provides the best protection against “a malicious webpage can hijack the entire system”?

Mostly I want to know if macOS or iPadOS provide any more protections in this case versus Linux (Fedora Workstation or even Ubuntu when using the browser as a snap package).

I know that probably ChromeOS or Qubes will be best in this situation but they have other issues.

Technically any OS can be good if you use it within a VM on your computer.

But I am not a cybersecurity expert so I can’t answer which other OS will indeed be able to successfully mitigate such an attack if such an attack even exists. Hopefully someone else can answer better.

2 Likes

uBlock Origin (base or with additional blocklists) is pretty damn good at catching malicious webpages.
Or use any browser using SafeBrowsing (although at the cost of some privacy).

This is what I recommend to people that want some extra web browser security.

Most mainstream OSs won’t offer robust protection if you yourself knowingly run malware from root. Linux is especially weak in that regard, I would expect your Mac to have the advantage.

But I second @JG, you’re safe if you run it in a VM (VirtualBox or VMware has pretty robust support across OSs) or set up Qubes to achieve out-of-the-box VM compartmentalization across the system.

1 Like

1. Fedora Silverblue (or any other of their atomic based distros)
2. Secureblue
3. macOS
4. Qubes OS

(This is not a tier list)

Due to the nature of ChromeOS being built for the Cloud I normally don’t recommend it.

The more important question should be the browser, extensions, adblockers.
If you want to stay secure against webpage hijacking the first layer you should touch is the browser. Depending on the OS you choose I would use Mullvad Browser, Tor Browser or the LibreWolf Browser with hardened uBlock Origin and JavaScript disabled (if it works for you).

In addition, you should use a DNS-based ad blocker like AdGuard or NextDNS.
When you have the resources you could also build an OPNsense with IDS/IPS that tries to mitigate further.

If you want to build a malware lab I would recommend you to do this inside a KVM on a dedicated device.

3 Likes

I think the base OS is not very important for this question. The answer you’re looking for is any Chromium-based browser as they have much better sandboxing than Firefox-based browsers. Sandboxing is what keeps a web page from hijacking your entire system and keeps its scope limited to your browser’s tab’s process. The exploit would need to be some crazy day 0 that somehow knows how to escape Chromium’s sandbox which is highly unlikely imo.

5 Likes

Chromium-based browser as they have much better sandboxing than Firefox-based browsers.

I’m not so deep into the topic of browsers.
But I know that Chromium has better isolation than Firefox; however, is this even true if you look into things like Tor Browser or Mullvad Browser?

I’m not a browser security expert either but AFAIK, Tor and Mullvad don’t magically fix Firefox’s internals and make its sandbox as good as Chromium’s. They do force UBO and NoScript, which help mitigate some types of attacks like XSS. Those won’t help if a website suddenly starts serving its own malware directly (not from a third party domain).

ChromeOS isn’t built for Cloud but for Chromebooks? You’re probably thinking of “Container-optimized OS” which can be deployed to Google Cloud Platform, and is apparently based on ChromeOS.

Regardless, folks at Clan, for the self-hosting community if for no one else, have taken inspiration from projects like ChromeOS and are building some exciting stuff: Towards a secure peer-to-peer app platform for Clan | Clan (mirror).

@JG is right. For that threat model, you’re looking at a VM-level boundary; i.e., you want to be running your browser inside a VM / micro VM.

I’ve seen this claim made by some Security folks I consider credible …

That said, Chrome’s sandbox isn’t strong enough (though, it is pretty good!) for the threat model laid out by OP.

3 Likes

ChromeOS isn’t built for Cloud but for Chromebooks? You’re probably thinking of “Container-optimized OS” which can be deployed to Google Cloud Platform, and is apparently based on ChromeOS.

Google itself labels ChromeOS as an Operating System built “cloud first” (https://chromeos.google).
What I mean by cloud is that everything lives inside a cloud like the Google cloud with Google Drive and Google Docs.

But maybe I’m wrong on this, since I never used ChromeOS and only got this impression from a few articles I read a while ago.

1 Like

I found this tool that could help you. It’s the easiest way to do VMs if that’s the route you go:

1 Like

QubesOS’ security is built on the assumption something like this could happen while still keeping the rest of your system secure. While you can sort of get a similar result by using KVM or VirtualBox, Xen (used by QubesOS) is a more secure hypervisor and is worth the trouble if you must assume you’ll be compromised. Choosing a more secure browser (Trivalent, hardened Chromium, or hardened Brave) would likely be beneficial as well.

1 Like

Just to be clear, atomic distros are not inherently more secure, they are not a security boundary, they do not enforce any integrity for the system.

3 Likes

If you’ve heard of Qubes OS then you’ve probably also heard of Tails and Whonix. Qubes is to be installed on a disk, Tails is run off an external storage, and Whonix is used as 2 virtual machines run at once.