Re: More Secure Tor Browsing Through A Virtual Machine in Ubuntu

On Thu, Aug 20, 2009 at 9:05 AM, Curious Kid <letsshareinformation@xxxxxxxxx> wrote:
> ..
> How is entropy gathered in virtual machines? Will it tell you if there is not enough entropy to support unpredictable routing and encryption? (Or is that even an issue at all with Tor?)

hi Curious,

entropy in virtual machines can be a serious problem. (see "Cloud
computing needs more chaos"). this can be mitigated by passing entropy
into the VM and keeping seed state persisted on virtual disk between
runtime instances. further improvement would entail an entropy daemon
like rngd inside the guest VM receiving entropy from the host.

Tor VM does persist the /dev/random seed state on virtual disk and
also hashes the kernel command line passed to the VM for mixing into
guest entropy pool. this has less entropy than would be desired,

i have created a new flyspray to improve this further:

best regards,
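
The seed persistence and command-line hashing described in the message above, as an added example that is not part of the original post and is not Tor VM's own init code. The file paths, the use of SHA-256 and the 512-byte seed size are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: guest-side boot/shutdown seeding. Not Tor VM's own script.
# Paths, SHA-256 and the 512-byte seed size are assumptions for illustration.
POOL=${POOL:-/dev/urandom}            # writes here are mixed into the kernel pool
RNG_SRC=${RNG_SRC:-/dev/urandom}      # where fresh seed bytes are read from
SEED=${SEED:-/var/lib/random-seed}    # seed file kept on the virtual disk
CMDLINE=${CMDLINE:-/proc/cmdline}     # host-supplied kernel command line
SEED_BYTES=${SEED_BYTES:-512}

# Hash the kernel command line and mix the digest into the pool.
mix_cmdline() {
    [ -r "$CMDLINE" ] || return 0
    sha256sum < "$CMDLINE" | cut -d' ' -f1 >> "$POOL"
}

# Mix the seed saved by the previous run. A plain write stirs the pool but
# credits no entropy; crediting needs the RNDADDENTROPY ioctl, as rngd uses.
mix_seed() {
    [ -s "$SEED" ] || return 1
    cat "$SEED" >> "$POOL"
}

# Write a fresh seed, owner-readable only, replacing the old one atomically.
save_seed() {
    tmp="$SEED.new"
    ( umask 077; head -c "$SEED_BYTES" "$RNG_SRC" > "$tmp" ) || return 1
    mv -f "$tmp" "$SEED"
}

# Boot order: mix inputs, then replace the seed at once so a crash or hard
# power-off does not replay the same seed on the next boot.
seed_at_boot() {
    mix_cmdline
    mix_seed || echo "no saved seed (first boot?)" >&2
    save_seed
}

case "${1:-}" in
    boot)     seed_at_boot ;;
    shutdown) save_seed ;;
esac
```

Two guests cloned from one disk image still start from the same seed file, so the saved seed alone does not make them diverge; input that differs per instance has to come from the host.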