On Sunday 16 February 2014 13:42:59 Patrick Schleizer wrote:
> Rusty Bird:
> > Patrick Schleizer:
> >> The problem is, any Whonix-Workstation behind Whonix-Gateway -
> >> once compromised - can claim to be another Whonix-Workstation,
> >> thus not being stream isolated anymore.
> >>
> >> This could be solved, when there was a defense, that prevented
> >> impersonating other workstations. VPN and/or Static ARP entries
> >> and/or OpenSSH could be used for that purpose.
> >
> > (How) does Qubes deal with this?
>
> Last time I checked, it did not. (Apart from the workaround of
> using a separate Tor-VM per workstation.)
>
> I guess they'd be also interested to discuss your new concept on their
> qubes-devel mailing list.

qubes-tor maintainer here.. playing with corridor in a Qubes ProxyVM right now :)

As to the spoofing question, Qubes doesn't suffer from this problem. While there is only one gateway/torvm to many-workstation/appvm, each appvm uses a separate interface and subnet, so appvms can't impersonate or affect each other.

~abel