"KVMSurf" - Surfing safely

  Development

2013 (with updates 2018 and 2023)

A "Debian Live"-based Linux distribution optimized for Internet surfing within a KVM-based virtual machine.

Motivation

With all the malware and exploits floating around in the Internet, I wanted to have a safe environment for Internet access. As nothing was readily available fulfilling my requirements, I needed to create a solution by myself.

Description

A virtual machine that can be completely reset to its initial state after usage seems to be suited well.

These are my requirements:

Implementation

I evaluated Webconverger, a "Debian Live"-based Internet kiosk distribution, first. It seems to be great for the purpose for which it is created: e.g. for central administration or for locking down the machine. However, adaptation to personal needs like mine does not seem to be encouraged by the authors any more.

Thus I decided to create my own little distribition, also based on Debian Live. There are alternatives to that approach, e.g. for Ubuntu there is "vmbuilder" available.

I use KVM and OpenVZ a lot. For my surf station, I chose KVM to host the virtual machine for Internet surfing. With "Spice", there is an efficient remote desktop protocol available for it. I decided to tailor the virtual machine for running within KVM with a qxl graphics adaptor. This resulted in the name "KVMSurf" for the project.

With these decisions taken and while also taking the stated requirements into account, everything else is straight-forward: I created a makefile for configuring Debian Live builder and some simple bash scripts to support my needs. Et voila: KVMSurf was born!

References