Laugh please... the subject is oxymoronic-funny.
Any version Windows has been unsafe for general web browsing for like 4 years now. Known safe sites- those having no third party ads are ok, the rest (most of the internet) are not safe. Which means you WILL get a virus eventually if you don't pre-determine with Linux or a Mac which sites are safe. I've gotten them from Staples.com, Newegg.com, UltraVNC (their site has been hijacked for several years). Most of the file sharing sites and free TV/movie sites have viruses in their ads, not to mention the content generally isn't legal. Amazon and Youtube have some currently safe third party ads, but you are still taking a risk visiting those from XP or any version of Windows. Antivirus protection can prevent an infection, but only if the engine detects the virus. A zero day encryption (ransomware) virus can totally ruin your PC, data and potentially all PCs and data on your network.
Multiple offline backups of your important data is no longer optional- I use an old version of xxcopy on Win2000 to work around the ridiculously expensive licensing of the newer versions when accessing networked drives. The data from each PC is copied onto an internal 10TB drive on one of my Win7 boxes, then I have multiple external 10TB drives to clone the internal 10TB drive to. I know about Robocopy and other backup programs. Wasted 2 months with Robocopy scripts not doing what I wanted. FastCopy freezes every Win7 box it was tried on (requiring a power cycle and Acronis recovery, chkdsks be done).
The safest Windows web browsing solution I know of is Google Chrome on Windows 10, with a realtime antivirus software running (MSSE is fine). Zero day threats are still a risk though. Windows 10 has the Windows 10 "experience" aka horrow show, 500GB Acronis images, what?!?, slow no matter how fast your hardware is, no proper 2D GDI video acceleration, not much works properly... etc. And Classic Shell (sourceforge) is no savior. I wouldn't wish this OS on my worst enemy.
There is a solution for XP SP3 32bit. Minimum requirements- Core2Duo with VT enabled and 8GB RAM. One pagefile.sys on a RAMDisk using RAM XP cannot see (unmanaged RAM).
I tried several Linux flavors on VMWare Player virtual machine (and real hardware too). Ubuntu and Debian have issues.. I don't know why they are hyped, wasted way too much time trying to get anything to work... horrid desktops lacking basic features... then I tried Linux Mint 17.3. Wow... with just a few tweaks, looks much like XP or Win7 in Classic mode. Powerful start menu with applications to tweak (or break) anything. And it runs Firefox and/or Chrome with everything working but DRM audio/video. Non DRM video is fine- fullscreen Youtube plays at 30FPS. Plus with running in a virtual machine, you can create Acronis style snapshots just by shutting down the VM and copying with Windows Explorer the VM's folder to another folder (have the date and PC name in the folder name and copy to a different drive for max speed as the folder can be 30GB). If you break the VM, delete the VM folder and copy your backup to the same place.
Moving the VM to another PC is trivial. Install VMWare Player, copy the VM folder to it, and import the VM (you do need to be careful to not start the old VM; you can change the network name on one of them to avoid conflicts).
I found 1 to 1.2GB for the Linux Mint VM seems to be the best compromise for VMed Firefox speed and XP available RAM and commit charge. You can run the VM with more RAM for even faster VMed Firefox performance, but then you can do less in XP before running out of RAM or forcing another pagefile be created somewhere. As I run one 5GB pagefile.sys on a 5GB Superspeed RAMDisk, I try to keep commit under 5GB or else XP will create another on one of my SSDs and greatly slow down the PC.
VMWare Player has Unity mode which makes Linux applications appear on the host OS (XP) taskbar. You wouldn't know it's running on a different OS unless you select it- window outline glows, or save a file from it and you'll get the Linux file system. That right, you can have Firefox running on Linux, but it appears on the XP taskbar and appears to be a native XP app. Brilliant, but I prefer to just run Linux normally (Unity disabled), and have Firefox run inside the Linux VM window. As with XP, you can have multiple Firefox profiles and a custom shortcut to start each.
Linux does have a steep learning curve, especially doing stuff from the command line. Use Linux Mint for your sanity. Learning VMWare Player and its config file is somewhat painful. The config file commands for VMWare Workstation generally also work in VMWare Player. Make sure to install the VMWare Tools for the 2D video acceleration.
Disable the guid.vmem file. This is the VM's pagefile Linux uses. Even though I used it on a SSD, SSDs are horrible at writing data in small chunks. Spinning disk is probably faster... The solution is to disable the VM's physical pagefile (add to the VM's config file):
mainMem.useNamedFile = "FALSE"
from:
http://www.artykul8.com/2012/06/vmware-performance-enhancing/
The VM then reverts to its backup mode which is a virtual swap file kept in RAM which is presented to Linux (thus Linux still has a swap file, but it's not on physical disk). I was hoping the virtual swap file is paged out eventually, but from running XP's task manager and watching the vmware-vmx.exe process paging delta while copying a few GB of files, it looks like it's locked (not good... as it limits the number of VMs and apps I can run).
If anyone has experience with this solution using Virtual Box, please post how well it works, and any special tweaks you had to do to the VM. Last time I tried Virtual Box (2010) it was very slow compared to VMWare's products.
Set up Samba SMB networking on Linux (fun.. not) and map a drive to your Linux box. Use that to share stuff.
If you haven't put your XP pagefile.sys on a RAMDisk, do so, as your commit charge will be well into the range (above 1.5GB commit) that any disk IO forces app data to the pagefile. Setting this up is not trivial.... and is several threads of reading on various gaming forums. There are other RAMDisks that support using unmanaged RAM and a pagefile on XP. I haven't tried any of them yet, and use Superspeed RamdiskPlus v11.5.390.0 32bit. Any newer version I wasn't able to get the tweak working. It took 3 weeks, many emails, and hours on the phone with Superspeed's staff to get a working license file for that version for the second box I set up with this tweak... (first box was set up in 2011 when that was the current version) I'd advise you to research the other RAMDisks first. I'll start a thread here on the tweak at some point.
Note I ran this setup on another XP PC (also with 5GB pagefile and 5GB RAMDisk) for 1.5 years and used VNC to bring the desktops (I had 2) to my XP box. I had to create 2 programs with Lazarus to make the clipboard work properly and run an audio cable from the box to my soundcard to get sound. I gave the VM 2GB, but performance was subpar to local. Could do maybe 5FPS on a full screen Youtube vid. VNC just can't handle 30FPS full screen compression. Windowed Youtube vids were ok, but best performance is to run the VM local. Plus it is totally non-trivial to get VNC with a working clipboard on Linux Mint... wasted 3 months there... I did try some other desktop sharing program that had much easier set up, working clipboard, and better performance, but it used mpeg compression with visible artifacts and the killer was each connection used like 1GB on XP. VNC uses 5 to 9MB per connection on XP and lossless video compression. I have 8 VNC connections open now (8 other physical PCs running), so RAM usage per connection is a key metric for me.
Note that DRM content does NOT work on Linux... even with the latest Flash DRM module installed. After some researching, there's a feud going on between Abobe, Mozilla, Google, Linux... Adobe refuses to allow DRM content to work on Linux (if someone has a solution, please post).... so I use a Window 7 box with Google Chome to watch those streams (despite the security risk). There is MSSE with realtime protection on that box. I do load the page in Linux first to see the risk. If I see no obviously unsafe 3rd party ads and it is not on one of the file sharing domains, I proceed to open the website on Windows 7. If the video needs to watched fullscreen, I'll have to disconnect VNC and go over to that PC (it's in another room).
Once you get your Linux VM running with Firefox and/or Chrome, pat yourself on the back and enjoy safe web browsing on XP. Linux is the ultimate web browser sandbox.
Note there are still some rarely used security exploits with older Firefox versions (pre v57) on Linux, but with some Googling you can fix them (I forget the name of the app you need to install on Linux).
This solution works but comes with a cost of using about 1.2GB of the ~3GB RAM visible to the OS. It appears to be locked RAM (not able to be paged out). The point of my first test using a separate PC and VNC was to avoid this locked RAM cost. If I could get that working with 30FPS full screen video over VNC (or a different lossless desktop sharing program) I'd be most happy.
The other cost is Firefox performance. It is slower than native XP. Oh well. At least it's not sucking a bazillion User and GDI objects. I haven't used Chrome on Windows or Linux enough yet to give a relative performance comparison to Firefox. And I'm avoiding FF57 for the moment due to some legacy plugins I still use that are not available on FF57 (Classic Theme Restorer, Mozilla Archive Format, Session Manager).
Any version Windows has been unsafe for general web browsing for like 4 years now. Known safe sites- those having no third party ads are ok, the rest (most of the internet) are not safe. Which means you WILL get a virus eventually if you don't pre-determine with Linux or a Mac which sites are safe. I've gotten them from Staples.com, Newegg.com, UltraVNC (their site has been hijacked for several years). Most of the file sharing sites and free TV/movie sites have viruses in their ads, not to mention the content generally isn't legal. Amazon and Youtube have some currently safe third party ads, but you are still taking a risk visiting those from XP or any version of Windows. Antivirus protection can prevent an infection, but only if the engine detects the virus. A zero day encryption (ransomware) virus can totally ruin your PC, data and potentially all PCs and data on your network.
Multiple offline backups of your important data is no longer optional- I use an old version of xxcopy on Win2000 to work around the ridiculously expensive licensing of the newer versions when accessing networked drives. The data from each PC is copied onto an internal 10TB drive on one of my Win7 boxes, then I have multiple external 10TB drives to clone the internal 10TB drive to. I know about Robocopy and other backup programs. Wasted 2 months with Robocopy scripts not doing what I wanted. FastCopy freezes every Win7 box it was tried on (requiring a power cycle and Acronis recovery, chkdsks be done).
The safest Windows web browsing solution I know of is Google Chrome on Windows 10, with a realtime antivirus software running (MSSE is fine). Zero day threats are still a risk though. Windows 10 has the Windows 10 "experience" aka horrow show, 500GB Acronis images, what?!?, slow no matter how fast your hardware is, no proper 2D GDI video acceleration, not much works properly... etc. And Classic Shell (sourceforge) is no savior. I wouldn't wish this OS on my worst enemy.
There is a solution for XP SP3 32bit. Minimum requirements- Core2Duo with VT enabled and 8GB RAM. One pagefile.sys on a RAMDisk using RAM XP cannot see (unmanaged RAM).
I tried several Linux flavors on VMWare Player virtual machine (and real hardware too). Ubuntu and Debian have issues.. I don't know why they are hyped, wasted way too much time trying to get anything to work... horrid desktops lacking basic features... then I tried Linux Mint 17.3. Wow... with just a few tweaks, looks much like XP or Win7 in Classic mode. Powerful start menu with applications to tweak (or break) anything. And it runs Firefox and/or Chrome with everything working but DRM audio/video. Non DRM video is fine- fullscreen Youtube plays at 30FPS. Plus with running in a virtual machine, you can create Acronis style snapshots just by shutting down the VM and copying with Windows Explorer the VM's folder to another folder (have the date and PC name in the folder name and copy to a different drive for max speed as the folder can be 30GB). If you break the VM, delete the VM folder and copy your backup to the same place.
Moving the VM to another PC is trivial. Install VMWare Player, copy the VM folder to it, and import the VM (you do need to be careful to not start the old VM; you can change the network name on one of them to avoid conflicts).
I found 1 to 1.2GB for the Linux Mint VM seems to be the best compromise for VMed Firefox speed and XP available RAM and commit charge. You can run the VM with more RAM for even faster VMed Firefox performance, but then you can do less in XP before running out of RAM or forcing another pagefile be created somewhere. As I run one 5GB pagefile.sys on a 5GB Superspeed RAMDisk, I try to keep commit under 5GB or else XP will create another on one of my SSDs and greatly slow down the PC.
VMWare Player has Unity mode which makes Linux applications appear on the host OS (XP) taskbar. You wouldn't know it's running on a different OS unless you select it- window outline glows, or save a file from it and you'll get the Linux file system. That right, you can have Firefox running on Linux, but it appears on the XP taskbar and appears to be a native XP app. Brilliant, but I prefer to just run Linux normally (Unity disabled), and have Firefox run inside the Linux VM window. As with XP, you can have multiple Firefox profiles and a custom shortcut to start each.
Linux does have a steep learning curve, especially doing stuff from the command line. Use Linux Mint for your sanity. Learning VMWare Player and its config file is somewhat painful. The config file commands for VMWare Workstation generally also work in VMWare Player. Make sure to install the VMWare Tools for the 2D video acceleration.
Disable the guid.vmem file. This is the VM's pagefile Linux uses. Even though I used it on a SSD, SSDs are horrible at writing data in small chunks. Spinning disk is probably faster... The solution is to disable the VM's physical pagefile (add to the VM's config file):
mainMem.useNamedFile = "FALSE"
from:
http://www.artykul8.com/2012/06/vmware-performance-enhancing/
The VM then reverts to its backup mode which is a virtual swap file kept in RAM which is presented to Linux (thus Linux still has a swap file, but it's not on physical disk). I was hoping the virtual swap file is paged out eventually, but from running XP's task manager and watching the vmware-vmx.exe process paging delta while copying a few GB of files, it looks like it's locked (not good... as it limits the number of VMs and apps I can run).
If anyone has experience with this solution using Virtual Box, please post how well it works, and any special tweaks you had to do to the VM. Last time I tried Virtual Box (2010) it was very slow compared to VMWare's products.
Set up Samba SMB networking on Linux (fun.. not) and map a drive to your Linux box. Use that to share stuff.
If you haven't put your XP pagefile.sys on a RAMDisk, do so, as your commit charge will be well into the range (above 1.5GB commit) that any disk IO forces app data to the pagefile. Setting this up is not trivial.... and is several threads of reading on various gaming forums. There are other RAMDisks that support using unmanaged RAM and a pagefile on XP. I haven't tried any of them yet, and use Superspeed RamdiskPlus v11.5.390.0 32bit. Any newer version I wasn't able to get the tweak working. It took 3 weeks, many emails, and hours on the phone with Superspeed's staff to get a working license file for that version for the second box I set up with this tweak... (first box was set up in 2011 when that was the current version) I'd advise you to research the other RAMDisks first. I'll start a thread here on the tweak at some point.
Note I ran this setup on another XP PC (also with 5GB pagefile and 5GB RAMDisk) for 1.5 years and used VNC to bring the desktops (I had 2) to my XP box. I had to create 2 programs with Lazarus to make the clipboard work properly and run an audio cable from the box to my soundcard to get sound. I gave the VM 2GB, but performance was subpar to local. Could do maybe 5FPS on a full screen Youtube vid. VNC just can't handle 30FPS full screen compression. Windowed Youtube vids were ok, but best performance is to run the VM local. Plus it is totally non-trivial to get VNC with a working clipboard on Linux Mint... wasted 3 months there... I did try some other desktop sharing program that had much easier set up, working clipboard, and better performance, but it used mpeg compression with visible artifacts and the killer was each connection used like 1GB on XP. VNC uses 5 to 9MB per connection on XP and lossless video compression. I have 8 VNC connections open now (8 other physical PCs running), so RAM usage per connection is a key metric for me.
Note that DRM content does NOT work on Linux... even with the latest Flash DRM module installed. After some researching, there's a feud going on between Abobe, Mozilla, Google, Linux... Adobe refuses to allow DRM content to work on Linux (if someone has a solution, please post).... so I use a Window 7 box with Google Chome to watch those streams (despite the security risk). There is MSSE with realtime protection on that box. I do load the page in Linux first to see the risk. If I see no obviously unsafe 3rd party ads and it is not on one of the file sharing domains, I proceed to open the website on Windows 7. If the video needs to watched fullscreen, I'll have to disconnect VNC and go over to that PC (it's in another room).
Once you get your Linux VM running with Firefox and/or Chrome, pat yourself on the back and enjoy safe web browsing on XP. Linux is the ultimate web browser sandbox.
Note there are still some rarely used security exploits with older Firefox versions (pre v57) on Linux, but with some Googling you can fix them (I forget the name of the app you need to install on Linux).
This solution works but comes with a cost of using about 1.2GB of the ~3GB RAM visible to the OS. It appears to be locked RAM (not able to be paged out). The point of my first test using a separate PC and VNC was to avoid this locked RAM cost. If I could get that working with 30FPS full screen video over VNC (or a different lossless desktop sharing program) I'd be most happy.
The other cost is Firefox performance. It is slower than native XP. Oh well. At least it's not sucking a bazillion User and GDI objects. I haven't used Chrome on Windows or Linux enough yet to give a relative performance comparison to Firefox. And I'm avoiding FF57 for the moment due to some legacy plugins I still use that are not available on FF57 (Classic Theme Restorer, Mozilla Archive Format, Session Manager).