Write regression test for Unsafe Browser update checks

We should monitor all network connections when starting the Unsafe Browser and make sure no hosts are connected to that are in control of the Tor Project (e.g. check.torproject.org so we don’t reintroduce #8694 (closed)). Reverse DNS of the hosts’ IP addresses might be helpful here. We probably have to wait a few minutes so an update check actually is sent so it should be researched how long we minimally have to wait.

The best would be if the Unsafe Browser doesn’t connect to any hosts at all on normal startup (its start page is a local html file) but who knows what craziness a Firefox-based browser may be up to. As a bonus, this would also be way easier to write an automated test for since we can use the existing “all Internet traffic has only flowed through Tor” step, so this approach should probably be investigated first.

Feature Branch: kytv:test/8702-unsafe-browser-upgrade-checks

Parent Task: #8540 (closed)

Related issues

Related to #8694 (closed)
Blocked by #7821 (closed)

Original created by @anonym on 8702 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information