| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Browser Security |
From: "Rich Gauszka"

Microsoft has a nice feature ('undo disks') in Virtual PC to facilitate a
browser sandbox. You could probably do something similar in VMware using a
'linked clone'

http://www.devx.com/vmspecialreport/Article/30377

The single most valuable feature of using a virtual machine for browsing is
the undo capability. Microsoft implements this with its undo disks feature.
The idea is simple: Whatever takes place in the guest machine, such as
inadvertently downloading spyware, is written to another file instead of the
principal virtual hard disk file where the OS and applications are installed.
When the browsing session ends, the guest machine is turned off without
saving any of the changes that occurred while it was running. The undo disks
feature is off by default, so you must enable it.

"Gary Britt" wrote in message news:453c4dec$1{at}w3.nls.net...
> What about running the browser in a virtual machine, does that keep the
> insecurities sufficiently boxed in?
>
> Gary
>
> "Geo" wrote in message news:453c3bbc$1{at}w3.nls.net...
>> "Mike N." wrote in message
>> news:ubsnj2t90nffkq3jirupjjrfdmqeds7odd{at}4ax.com...
>>
>>> Take web sites that need to do anything more than serve up static pages
>>> such as webmail, etc. Turn off activeX and Scripting and POOF, 90% of
>>> those web sites' usability vanishes.
>>
>> And that is the heart of the problem isn't it? You can't be secure if you
>> allow untrusted code to run on your machine and the websites are designed
>> not to work if you don't allow untrusted code to run on your machine.
>>
>> Proof that Microsoft was stupid and security was an afterthought or
>> perhaps just naive designers?
>>
>> There is no magic fix for this, it's a design flaw and the fix is going
>> to be painful and require a change in the thinking of how the web works.
>> Client side processing is insecure, it has to stop. You can make up all
>> the rules you like for how it should work but what hackers do is break
>> the rules so that's a futile effort. The fix is to not run untrusted code.
>>
>> Oh, and 90% of the sites that use ActiveX, use it for the advertising,
>> not for anything the viewer needs. Trust me on this, I run with it turned
>> off and all that breaks are the dancing ads for most sites. There are
>> very few sites (as an overall percentage) that actually need it for
>> functionality. I have under a dozen websites in my trusted zone and
>> several of them only because breaking the ads breaks the site.
>>
>> Geo. (I turned off autorefresh and redirects as well, who thinks up these
>> stupid features?)
>>
>
>

--- BBBS/NT v4.01 Flag-5
 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270 5030/786
@PATH: 379/45 1 633/267
| SOURCE: echomail via fidonet.ozzmosis.com | |