It appears you're both in agreement, in terms of the ImmunityZone browser.oldnewb wrote:No, that is not the whole thing. That would not be an interesting feature. The main thing is:parityboy wrote:@thread
ImmunityZone basically seems to be an HTTP proxy offering client-side SSL termination, where each proxy runs in its own OpenVZ or LXC container (taking an educated guess). Seems to be limited to browsers, so other applications are excluded.
"Each login creates a virtual machine on our servers. Inside our Operating System a one-time browser is opened that streams the webpage content to your inside browser. Whenever you load a webpage in your inside browser, that page is actually loaded on our servers. We then stream the content to you.
A secure Browser-inside-a-Browser
Immunity Zone is a secure remote browsing environment executed on hardened infrastructure. The Browser on Demand consists of mature technologies like Remote Browsing, Operating System Virtualization, AdBlock Technology and Proxy Servers. As a user you can only see a simple web application displaying a virtual browser window. In there all the magic happens automatically. We created the world’s first secure Remote Browser on Demand. It hides your search and browsing from nosy interceptors around the planet and keeps you private. We hope you enjoy it!"
We've been following them via twitter since they first became visible, and also gently goading them towards releasing source code for the project. Here's some conversational snippets:
In general, it's an excellent architectural model. In fact, we had an in-house effort to do this - codenamed "Pipeline" - back in 2012, but it was too far afield from our core offerings, and required too much staff effort, for us to bring it to a production status.
It's not clear this model is at all translatable beyond browser/web utilities, in terms of network security. That said, one could generalise the "run things remotely on a server-side VM, and simply screen-scrape/VNC/whatever the results to a local machine" model as far as one wants.
We used to call it "client-server computing," in fact. Also "thin clients." Also tons of other things, over the decades.