Inspired by Browser Privacy .

Prepare virtual machine

vagrant init archlinux/archlinux
vagrant up --provider=libvirt

Login to VM :

pacman -Syu
pacman -S vim pacman-contrib

# Replace mirrors
mv /etc/pacman.d/mirrorlist.pacnew /etc/pacman.d/mirrorlist.raw
vim /etc/pacman.d/mirrorlist.raw
rankmirrors /etc/pacman.d/mirrorlist.raw > /tmp/m
grep -v "#" /tmp/m > /etc/pacman.d/mirrorlist

# Install Desktop and browsers
pacman -S lxde
pacman -S firefox chromium midori epiphany vivaldi
pacman -S tcpdump tmux bind-tools bash-completion
systemd enable lxdm.service

system version:

[vagrant[email protected] ~]$ uname -a
Linux archlinux 5.9.11-arch2-1 #1 SMP PREEMPT Sat, 28 Nov 2020 02:07:22 +0000 x86_64 GNU/Linux

After completing steps above, shutdown and save a snapshot.


Firefox version:

[[email protected] ~]$ firefox --full-version
Mozilla Firefox 83.0 20201126174332 20201126174332

Shell 1

# Step 1
sudo systemd-run --slice test.slice --scope -S

# Step 3
su - vagrant
export DISPLAY=:0.0
mkdir /tmp/firefox_profile

firefox --profile /tmp/firefox_profile      # Step 5
firefox --profile /tmp/firefox_profile      # Step 7
firefox --profile /tmp/firefox_profile      # Step 9

Shell 2

# Step 2
iptables -A OUTPUT -m cgroup --path 'test.slice' -j NFLOG --nflog-group 30

tcpdump -i nflog:30 -w /tmp/firefox.pcap        # Step 4
tcpdump -i nflog:30 -w /tmp/firefox2.pcap       # Step 6
tcpdump -i nflog:30 -w /tmp/firefox3.pcap       # Step 8

# Step 10
scp /tmp/firefox*.pcap [email protected]:/tmp

Start virtual machine and log in to desktop enviornment and run commands step by step.


Opeging firefox


Open firefox for the first time


After closing firefox


Open firefox for the second time

Before opening firefox, Run tcpdump command.

Before closing firefox, you need to wait until everything has been loaded.

After closing firefox completely, you can close tcpdump.

Complete all steps, shutdown and reset VM to before step.




Roughly same as firefox.

Chromium version.

[[email protected] ~]$ chromium --version
Chromium 87.0.4280.88 Arch Linux

Shell 1

sudo systemd-run --slice test.slice --scope -S

su - vagrant
export DISPLAY=:0.0

chromium --user-data-dir=/tmp/chromium
chromium --user-data-dir=/tmp/chromium
chromium --user-data-dir=/tmp/chromium

Shell 2

iptables -A OUTPUT -m cgroup --path 'test.slice' -j NFLOG --nflog-group 30

tcpdump -i nflog:30 -w /tmp/chromium.pcap
tcpdump -i nflog:30 -w /tmp/chromium2.pcap
tcpdump -i nflog:30 -w /tmp/chromium3.pcap

scp /tmp/chromium*.pcap [email protected]:/tmp



Wireshark analysis


tls.handshake.type == 1