Changes

NoTouch has several mechanisms in place to prevent permanent changes made by the user or a malicious software loaded by the user. These mechanisms are not unbreakable, but they provide good protection. However, even taking that aside, malicious content downloaded from the web can still operate during session runtime. Now most attacks are about abusing e.g. Flash content to bypass Windows security and finally execute Win32 code, which of course won't work on NoTouch. The risk of being attacked when using NoTouch is practically low and requires physical access to the machine, however using the browser is different than just using VDI connections: With VDI connections, such as RDP, Citrix, VMware etc. almost no interaction happens between applications inside the user desktop and NoTouch. '''Running a local browser is different, it is indeed a local application executing code locally! Firefox allows your users to download Linux applications, configuration files, thus modifying the system, install malware, spyware, keyloggers.''' Yes, typical Windows malware like Win32 code will not work, so most standard attacks fail but you can not rely on that.

Since NoTouch - being In a "thin" client operating system - does not separate different user accounts (because they are no accounts - they are all in the VDI system)nutshell, a malicious user could use Firefox we strongly suggest to prepare a coworkerput '''filtering proxy servers'''s PC with malware. in place or otherwise '''This attack vector is not possible if you use Citrixconfine Firefox to, VMwaresay, RDPa Citrix web portal, or similar... (i.e. no Firefox) sessions directly!'''(see [[#URL-based_lockdown_scenarios]])

To be NoTouch has several mechanisms in place to prevent permanent changes made by the user or a bit safermalicious software loaded by the user. These mechanisms are not unbreakable, we would recommend to implement the following strategybut they provide reasonable protection against common attacks. There are two potential attack scenarios:* Public stationsA local, such as reception-floor info terminals, should be placed in a separate subnet malicious user with filtered Internet or server connectivity but no physical access to the corporate networkmachine may outsmart the Linux security mechanisms since Firefox offers more interaction with the system than a regular VDI client* Corporate stationsA local user could open a prepared website that exploits a Firefox security vulnerability which in turn allows to Both attacks could lead to keyloggers being installed (remember, such as for end users allowed there are no user documents to use be stolen on the InternetThin Client, should be placed behind a filtering proxy server (as should any Windows PCs anyway). If PCs can be accessed by other users (e.g. unlocked cubicles) a certain rest risk can not be eliminated (like on Windows PCs actuallyso the most valuable asset are probably user's keystrokes).

Is To mitigate the risks as much as possible, we suggest:* Use at least NoTouch less secure than Windows? Not really - consider many common attacks2.38.191. Earlier versions did not implement privilege separation thus Firefox, and so its potentially malicious local user, like had a great amount control over the local-system-physical-access one. Even if you lock your PCs case and have a BIOS password - how difficult is it for an intruder (Contrary to replace a Kensington lockother Linux system though, erase even the CMOS to reset root can not modify the BIOS password OS image in NoTouch). * Public stations, such as reception-floor info terminals, should be placed in a separate subnet with physical hardware filtered Internet or server connectivity but no access, to the corporate network and boot from a different mediumreinstalled regularly or even PXE-booted. * Corporate stations, modify such as for end users allowed to use the OSInternet, whatever it is? Would you have to go that far? There are so many browser and Internet Explorer holes that most attacks on should be placed behind a filtering proxy server (as should any Windows PCs anyway). If PCs can be done easily from remote and don't even require physical accessaccessed by other users (e.g.  What we want to make you aware though is that NoTouch in general is unlocked cubicles) a very secure solution but using Firefox opens many attack vectors because people get access to the system in a way they don#t have if you simply stay with the regular VDI connectionscertain rest risk can not be eliminated (like on Windows PCs actually).