[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR bundle on hostile platforms: why?



On 08/08/2013 04:23 PM, Thomas Hluechnik wrote:

SNIP

> I was really happy when finding tails. This should be considered as the future
> for TOR: it doesnt matter if any DAU (german word for computer beginner) has its
> Windows computer full of backdoors and viruses. He just starts from USB or CD
> having an acceptable level of security.

As you say, Tails is great because it's a LiveCD with no persistent
storage by default. But it's still running Tor and browser etc in the
same machine, so exploits can mess with Tor and networking stack.

Running Tor and apps in separate VMs is far safer. Whonix and Incognito
do that with pairs of gateway and workstation VMs in VirtualBox. Qubes
does that (and far more isolation) using a custom, hardened hypervisor.

Running apps in VM(s) and Tor on the host is almost as secure. I wonder
whether that could be done in a LiveCD that would be widely usable. The
main problem using VirtualBox is that both host and VM need desktops.
Even using light distros, that leads to fairly large LiveDVDs, which
require substantial RAM to boot.

A Qubes LiveCD would be very cool.

SNIP
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk