[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Hidden service: Is it possible for an attacker to break out of a VM?



Hikki,

From a defense in depth point of view it can help to use a VM.  It is
not impossible for an adversary to  break out of a VM, but if you are
using a good VM it will at least require a pretty sophisticated
attacker.  I would say that using a VM would increase the security of
your hidden service.

On Thu, Oct 7, 2010 at 5:12 PM,  <hikki@xxxxxxxxxxxxx> wrote:
> The title says it all:
>
> Several people recommend running a hidden service from within a VM,
> to prevent attackers from doing side channel attacks and reading off your
> hardware components and serial numbers.
>
> Then I heard that attackers can actually break out of VM's if they get root
> access on it due to a successful attack.
>
> I just want your opinions on that one, thanks!
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>



-- 
Sincerely Yours,
              ---Thomas S. Benjamin
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/