Passages Isolates the Browser to Prevent Malware and Tracking Cookies

The core of Passages is a secure virtual machine (VM). When Passages launches, it cryptographically verifies the integrity of the ISO image used to create the virtual machine. That image is read only, ensuring that the VM is guaranteed to be clean and safe every time it is run.

The Passages VM runs a hardened and lightweight Linux operating system. Few attacks seen in the wild are able to execute against a Linux system. Additionally, we’ve hardened the system by stripping out all unnecessary components in the VM. This minimizes possible vulnerabilities, creating the smallest possible attack surface.

Once its integrity is assured, the VM boots up and locks itself down before launching the browser. The browser is the only part of the VM visible to the user. From the user's perspective, Passages is just a conventional browser. It runs as an unprivileged user, further reducing the possibility of even temporarily infecting the restricted Passages environment.

The VM is completely destroyed at the end of every session or any time the user desires. This eliminates any malware, trackers, or anything else that may have made contact with the VM. For user convenience, bookmarks, browser history, downloaded files, and other information as allowed by the administrator are persisted to the Passages servers and loaded back onto the VM each time it runs.

The Passages virtual machine is key in preventing web-delivered malware, targeted web attacks, spear phishing links, drive-by downloads, and passive information leakage.