I do this, KVM/libvirt on Linux, Linux browsers, SPICE/virt-viewer. I don't roll back the VMs like you're suggesting, although that does seem like a good idea to start doing. In addition to the VM-based isolation, the VMs are running on a completely separate machine. One of the other major features this gets me is that my router sends traffic different places depending on what VM it's coming from. Casual web browsing goes out a rotating cloud IP (need to move this to EU sometime), bank and other surveillance-based authentication sites go out my uplink directly (fuckers), torrent traffic goes out a commercial VPN, embedded device configuration gets no WAN.
Performance is acceptable, even for videos and the like. I'm sure it's considerably slower, but it works for me. I also see adding a bit of a speed bump that mentally distances the web from my main computing environment as a benefit.