Installing Ice SSB (Site Specific Browser) subsystem

Forum Forums New users New Users and General Questions Installing Ice SSB (Site Specific Browser) subsystem

This topic contains 14 replies, has 5 voices, and was last updated by olsztyn Nov 8-6:14 pm.

Viewing 15 posts - 1 through 15 (of 15 total)
  • Author
    Posts
  • #12964
    Member

    olsztyn

    It seems I am not successful in installing SSB. After downloading Ice SSB attempted to use dpkg -i. However it appears some dependencies are not there. I could not find a way to use Package Installer for Ice SSB. Any ideas please?

    #12972
    Member
    caprea
    caprea

    Where did you download ? This one from peppermint the depencies should be fulfilled.
    https://github.com/peppermintos/ice

    #12977
    Member

    olsztyn

    This one was the first I downloaded but could not find a way to install. After reading some I was under (probably misguided) impression that I need this in .deb format, which I found somewhere release 5.3.0. To install this downloaded .deb I had to dpkg -i, which resulted in install incomplete/unsuccessful.
    If you direct me how to install the one you suggest I would greatly appreciate…

    #12990
    Member
    caprea
    caprea

    There’s a ice_5.3.4-0mx17_all.deb in the test-repos of Mx-Linux
    http://mxrepo.com/mx/testrepo/pool/test/i/ice/
    You maybe want to try.

    #13041
    Member

    olsztyn

    Thank you. Unfortunately this one had the same issues of some dependencies missing. I am using command line ‘sudo dpkg -i…’to install .deb. There might be ways to install using package manager using downloaded file but I have not found yet a way. This could be that I may not know all the intricacies of package installers.
    On the other hand I got around SSB from user perspective by using Chrome shortcut, which creates an SSB link. Not optimal, such as these will not create menu items but creates at least icons on Space Fluxbox.

    #13068
    Member
    caprea
    caprea

    Yes, there is a depency for python3-bs4 , but you can install python3-bs4 without any problems.
    Just tried it on a live-usb

    demo@antix1:~/Downloads
    $ sudo dpkg -i ice_5.3.4-0mx17_all.deb
    Selecting previously unselected package ice.
    (Reading database ... 129479 files and directories currently installed.)
    Preparing to unpack ice_5.3.4-0mx17_all.deb ...
    Unpacking ice (5.3.4-0mx17) ...
    dpkg: dependency problems prevent configuration of ice:
     ice depends on python3-bs4; however:
      Package python3-bs4 is not installed.
    
    dpkg: error processing package ice (--install):
     dependency problems - leaving unconfigured
    Processing triggers for desktop-file-utils (0.23-1) ...
    Processing triggers for mime-support (3.60) ...
    Errors were encountered while processing:
     ice
    $ sudo apt-get install python3-bs4
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following package was automatically installed and is no longer required:
      livestreamer
    Use 'sudo apt autoremove' to remove it.
    Recommended packages:
      python3-lxml
    The following NEW packages will be installed:
      python3-bs4
    0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
    1 not fully installed or removed.
    Need to get 0 B/86.6 kB of archives.
    After this operation, 368 kB of additional disk space will be used.
    Selecting previously unselected package python3-bs4.
    (Reading database ... 129524 files and directories currently installed.)
    Preparing to unpack .../python3-bs4_4.5.3-1_all.deb ...
    Unpacking python3-bs4 (4.5.3-1) ...
    Setting up python3-bs4 (4.5.3-1) ...
    Setting up ice (5.3.4-0mx17) ...
    demo@antix1:~/Downloads
    $ sudo dpkg -i ice_5.3.4-0mx17_all.deb
    (Reading database ... 129554 files and directories currently installed.)
    Preparing to unpack ice_5.3.4-0mx17_all.deb ...
    Unpacking ice (5.3.4-0mx17) over (5.3.4-0mx17) ...
    Setting up ice (5.3.4-0mx17) ...
    Processing triggers for desktop-file-utils (0.23-1) ...
    Processing triggers for mime-support (3.60) ...
    demo@antix1:~/Downloads
    $ 
    
    #13072
    Member

    olsztyn

    Great! Thanks very much for sacrificing your time on figuring this.
    Out of curiousity: Is python 3 adding lots of bloat to the system therefore was not included in AntiX or somehow it is not compatible with ‘Systemd free philosophy’?

    #13075
    Forum Admin
    anticapitalista
    anticapitalista

    python3 is included on antiX, but we do not include EVERY python3 library to avoid unnecessary bloat.
    BTW Peppermint linux is Ubuntu based and not Debian based so installing apps such as the one you anted to install, is not advised. Luckily there is a debian version of the app you want (via our sister distro MX Linux) that you can be sure is safe.

    Philosophers have interpreted the world in many ways; the point is to change it.

    #13085
    Member

    olsztyn

    Thank you for the info on Python 3. Agreed on avoiding unnecessary bloat… This is good.
    Yes, I am aware that Peppermint (the developer of ICE SSB) is Ubuntu based and installing SSB on Debian is not advised even if the install is in .deb format. I understand it is possible, as shown above by Caprea (thank you!) but it is not critical for me to go that path as I resorted to a simple workaround – namely Chrome shortcut function creates an SSB and puts an icon on Space Fluxbox desktop. This is good enough for me as I do not need integration into menus, categorization, etc.

    Thanks also for your pointing me to MX, where SSB is available. Now, if you meant I could use MX 17 repositories then I will try this at some point. If, on the other hand you recommended I use MX in place of AntiX for that reason then I will not go that route. Full SSB integration is not critical enough for me. I had tried MX before and I found AntiX much more to my liking for a number of reasons. Although I appreciate MX contribution to popularity of both and many other users may find MX is better for them. Both distros are following the path of the right ideas…
    Thanks and Regards,
    Francis.

    #13090
    Moderator
    masinick
    masinick

    Using MX repo and packages should be safe. Both antiX and MX contain quite a bit of common Debian and antiX software.

    If there are any conflicts between specific packages, just carefully observe any package warnings. If in doubt, abort any changes in question, copy the warnings and ask if they are significant before committing the package changes.

    Brian Masinick

    #13231
    Member

    skidoo

    xref: https://www.antixforum.com/forums/topic/antix-security-options/

    Using MX repo and packages should be safe.

    Are you familiar with the phrase “TRUST, BUT VERIFY” ?

    Too often, packagers are a happy-go-lucky bunch, are non-programmers and are oblivious to security considerations. They rubberstamp, pass along whatever the upstream developer(s) bundled into an app. If we’re lucky, the packager will dogfood testdrive the app and will amend the app’s configuration settings (aka “dot conf” aka “preferences”) if they notice any non- “sane”, or blatantly objectionable/annoying, default settings.

    Tonight I fully audited the code. For the record, technically, the peppermint ice app is not even fully OPEN SOURCE.
    search.json.mozlz4
    The contents of this (re)distributed file are “obfuscated”. It is a compressed, not-easily-unarchived, blob.
    (cannot be unpacked for inspection via commonly-installed unarchiving tools)
    Presence of the search.json.mozlz4 file begs the pointed question:
    “Why are they meddling with the default embedded search engine(s)?!?”

    Peppermint follows in the steps of LinuxMint. LinuxMint has tampered with (probably still does) default browser settings, bundling a “Mint Search Enhancer” component which is 1) designated as a “system addon” (cannot be UNinstalled via firefox addonsManager UI) and 2) is speciously stated as a dependency for one of Mint’s core O/S packages (so that a user dare not uninstall “mint-search-enhancer” package ~~ doing so will wreck the O/S)

    I did unpack and inspect the search.json.mozlz4 bundled with ice. To their credit, AT THIS MOMENT the file contains no objectionable (to me) tacked-on fingerprinting parameters nor partner/affiliate querystring parameters. If/when ice is redistributed by Mint, it’ll be par for the course if they first taint it with partner/affiliate links. If/when peppermint releases an “upgrade”, perhaps tainted with newly-embedded affiliateID monetization search params, will the packagers (think to // know how to // remember to) unpack and inspect the obfuscated file bundled within each new upstream version?

    Notwithstanding the above, the ice-firefox launcher… why the heck is it even needed, or desirable?
    Do you REALLY fancy launching browser instances “naked and blind”?
    The ice-firefox launcher generates browser instances which load ZERO of your installed addons (noscript,uBLock,etc)
    into windows lacking (ssl lock symbol icon and) addressbar. In that scenario, you can only ASSUME you are entering login details into a webpage hosted on the site (your bank?) that you intended.

    “ice” simply serves to create .desktop files FULLSTOP.
    (I tested) By deleting the installed “ice-firefox”, and modifying the “ice” script to generate “Exec=firefox blabblahsite” launchers, we end up with normal browser windows… but the “ice” app lacks ability to EDIT previously created .desktop files and (stupidly, IMO) does not support drag-n-drop. As a user, I’m turned off by the prospect of typing stuff into a box, or copy/paste urlstring, for each site launcher. Instead, can drag from browser urlbar onto desktop… or drag to “mystuff” (kornelix utility app, package is in debian repos)… or drag the url into a cherrytree note.

    #13232
    Member

    skidoo

    generates browser instances which load ZERO of your installed addons (noscript,uBLock,etc)
    into windows lacking (ssl lock symbol icon and) addressbar.

    Bears mentioning that same caveat applies to use of the “antix-viewer” utility.
    “antix-viewer” is suitable for use as a helpdoc viewer, NOT as a general purpose web browser.

    #13239
    Member

    olsztyn

    “ice” simply serves to create .desktop files FULLSTOP.

    Thanks for extensive review.
    In another thread I reported some testing comparing ICE-SSB Peppermint to Chrome SSB.
    – I am curious of your assessment of both SSB solutions.
    – IMHO and in my original expectation the purpose of SSB should be Single Site Browser, which means it should be restricted to one site or domain without any capability to venture out to a different domain. Neither seem to restrict, which in my eyes kills the main security purpose. Chrome SSB appears to behave better though, as wheen you follow a link to a different domain it pops a url and SSL certificate owner if applicable (if SSL). ICE does not seem to do it. But again, nether is really restricting to s specific site, which defeats the main objective.

    #13249
    Member

    skidoo

    can’t offer an “assessment” of anything chrome/chromium related. I don’t use those browsers.

    Although I use and recommend quite a few web-native tools, e.g. https://gmicol.greyc.fr, https://.photopea.com, https://muro.deviantart.com
    I’m uncomfortable with the notion of labeling them as “web apps”, wrapping ’em in SSB, and including launchers for them in the desktop menu.

    Because the web browser provides “at launch, restore tabs from last session” and “don’t load tabs until focused” and multiple “profiles”, I fail to understand why anyone finds appeal in cluttering their desktop (or menu) with myriad site-specific launchers.

    #13252
    Member

    olsztyn

    I’m uncomfortable with the notion of labeling them as “web apps”, wrapping ’em in SSB, and including launchers for them in the desktop menu.

    I can see your point from such perspective.
    My exploring SSB capability comes from a different objective. It is to test if they truly live to ‘Site Specific Browser’ expectation from the perspective that they would be restricted (security) to that site, not allowed to go to another site. However my testing indicates they are not capable of this. Therefore they do not satisfy security objective.

Viewing 15 posts - 1 through 15 (of 15 total)

You must be logged in to reply to this topic.