
Re: [tor-talk] Designing a secure "Tor box" for safe web browsing?



On Mon, Mar 26, 2012 at 00:52, intrigeri <intrigeri@xxxxxxxx> wrote:
> I'm curious about what resources proved to be limiting during your
> experiments, and what "too demanding" means in your use cases.

Well, Intel VT / AMD-V virtualization extensions are rarely available
on laptops, and without these extensions (accessible, e.g., via KVM),
running a virtualized instance is extremely slow (startup time is also
very high if only doing that for specific applications, even with
KVM). There are also RAM requirements — how much do you allocate? This
needs to be decided in advance, regardless of how much memory the user
needs for performing the task in the VM.

> I would be happy to learn why you consider this is pointless.

Relying on such (intrinsically complex) VM separation for security of
specific applications means that you don't trust your system to
perform basic tasks like user privileges separation (e.g., when unsafe
browser is run under dedicated user credentials). This is somewhat
contradictory. For tasks like abstracting network interfaces and other
hardware, the user can run everything in a VM by themselves — why
force it on everyone? For approaches like Qubes OS, see my comment
here: https://forum.dee.su/topic/gui-isolation.

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)