Virtual: a quick summary

virtual.mdwn

@@ -4,16 +4,67 @@ Can't or don't want to use [Qubes OS](https://www.qubes-os.org/)? Here comes a s
 that, while not offering the same level of security, is practical enough to be implemented in the confort
 of your current FOSS OS!
 
-Desktop
--------
+A picture
+---------
 
-    apt-get install lightdm ratpoison
+Could you spot the difference between the Tor Browser running in the host for the one inside the virtual machine? That's what we want to achieve!
 
-* [plymouth - Debian Wiki](https://wiki.debian.org/plymouth)
-* Additional package: [virtualbox-guest-x11](https://packages.debian.org/stable/virtualbox-guest-x11).
+![Screenshot](screenshot.png)
+
+First things first
+------------------
+
+What you can do:
+
+1. Create a virtual machine image of the operating system of your choice like [this example](https://padrao.sarava.org/boxes/).
+2. Setup basic X11 environment with automatic login and startup programs.
+3. Configure your hypervisor to hide icons and additional decorations around the virtual machine.
+4. Setup key bindings on your window manager to start/resume and stop/suspend the virtual machine.
+
+Debian desktop
+--------------
+
+When using a debian virtual machine as a virtual desktop, consider the following:
+
+    apt-get install lightdm ratpoison plymouth
+
+Make sure to configure `/etc/lightdm/lightdm.conf` with something like
+
+    autologin-user=vagrant
+    autologin-user-timeout=0
+
+If using VirtualBox, you might also want to try [virtualbox-guest-x11](https://packages.debian.org/stable/virtualbox-guest-x11).
+
+Features
+--------
+
+* Good security through isolation.
+* Improved start/stop of your application by using virtual machine suspend/resume.
+* Minor performance penalties while running the virtual machine.
+
+Limitations
+-----------
+
+* Memory and disk consumption.
+* Clipboard might still be available to the virtual environment, see [this discussion](http://theinvisiblethings.blogspot.com.br/2011/04/linux-security-circus-on-gui-isolation.html).
+
+Future
+------
+
+* Automated expendable snapshots for one-time-use virtual machines.
+* Automated recipes (puppet/ansible).
+* Vagrant integration for fast provisioning of golden images.
+* Alternatives to the VirtualBox hypervisor.
 
 References
 ----------
 
+Applications:
+
+* [vbox script](https://git.sarava.org/?p=vbox.git;a=summary).
+* [plymouth - Debian Wiki](https://wiki.debian.org/plymouth).
+
+Other implementations:
+
 * [Marco Carnut: Ambiente "Auto-Limpante" via Virtualização Ultra-Leve Descartável - Tempest Blog](http://blog.tempest.com.br/marco-carnut/ambiente-auto-limpante-via-virtualizacao-ultra-leve-descartavel.html).
 * [Subgraph OS and Mail](https://subgraph.com/sgos/index.en.html).