[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] corridor, a Tor traffic whitelisting gateway



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Rusty Bird:
> Patrick Schleizer:
>> The problem is, any Whonix-Workstation behind Whonix-Gateway -
>> once compromised - can claim to be another Whonix-Workstation,
>> thus not being stream isolated anymore.
>> 
>> This could be solved, when there was a defense, that prevented 
>> impersonating other workstations. VPN and/or Static ARP entries
>> and/or OpenSSH could be used for that purpose.
> 
> (How) does Qubes deal with this?

Last time I checked, it it did not. (Apart from the workaround of
using a separate Tor-VM per workstation.)

I guess they'd be also interested to discuss your new concept on their
qubes-devel mailing list.

-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJTAMBiXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2RTk3OUIyOEE2RjM3QzQzQkUzMEFGQTFD
QjhENTBCQjc3QkIzQzQ4AAoJEMuNULt3uzxI2boP/1w+6qrYzFWGCQwMFvuX2CHZ
qaPCftMdur629HWsOm7UH29Bgyj0smF4a23l/8OFeYIfQp6l3oWQTJPHtn22zohA
MDusXR/2lfbWpt2mAjxYkvtMvY83lp0CtMJrw2cFJD69nrvWDjQvMQ1C3smwR5qL
0phapPz18+0Pp9E/5pEbKxWALdqCYCGLX76ED9wFhH1x9YM13FAx7xNnWB/1zZRt
P6uIbfUVU5teCXO/hG13X4tTxO+vHFb22ZvCBHLS67bmx+nUXxxlN2G2H8+UDvFU
5XXB0qIlq6SlWlk7J9WQy2L3fyEB89X8xE3FxMNO3jVjPoBfM6JcsmWoLar91D+1
5As0N/Y/LyVffvLfLAJdoLuajCNp6gCWBVub1QPKuSzV6xggrsrn5TKrVsoBZMNX
wyY+7U6idlYnKG8X3fiPu3F5mwZtlw/cqvE7/QOIvQSc62W7EaJgrlH9VQWyzlZR
gjOmytpdh36dbP8GuFYpJRw7MoSUPCWqadn4lpZzl06f9v/CkjT+Vn8mXYR3OaxU
ke/HyYXQ0FoAa3jWs00l8FIHb65zMIGo/qHAcbC5kSGt9DxoJGs6z0/XvJaiWDVf
8f/aU3LnViywaDS9JpH/SAQXt2zWzDWNTinAZ8tx5pWX61nQVyELLc4SSOAA+4g/
1Jr+T60EIXiaR4Y/dCVq
=7pBn
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk