[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor + SELinux sandbox = leak proof without VM overhead?




On Sun, 29 Aug 2010 00:25 +0200, "intrigeri" <intrigeri@xxxxxxxx> wrote:
> Hi,
> 
> Gregory Maxwell wrote (22 Aug 2010 00:55:49 GMT) :
> > I think it's obvious that the best way of using tor is running your
> > torrified apps in a VM which can only access the outside world via
> > TOR.
> 
> I doubt there is something like "the" best way of using Tor. One
> always needs to balance the risks vs. the efforts needed to get some
> protection against it. More practically speaking: there are use cases
> the Tor Browser Button is perfect for, but it cannot prevent every
> leakage of anonymity to local disks. Then come Tor-ified VM setups
> that protect users a bit more but still somehow rely on the host
> operating system. Then comes running a Tor-ified Live system such as
> T(A)ILS [1] on bare metal. Each situation has its best fit solution
> but I don't think one solution can be told to be best in any cases.
> 
>   [1] https://amnesia.boum.rog/
> 
 That would be '.org' :)
BTW is there somewhere from where the CACert root certificate (or
fingerprint) can be downloaded with protection from an SSL cert I
already trust? The above link, once corrected, generates an SSL warning.
GD

-- 
http://www.fastmail.fm - Same, same, but different...

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/