[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TBB advantages in VM

Abel Luck:
> Interesting reading, thanks! My use case is different. It's running
> Qubes-OS [1] with a specific TorVM acting as a transparent proxy for
> other AppVms.
> The AnonBrowserVM is a VM that only has Firefox (soon TBB without tor).
> OS updates are handled separately in a different VM. The root FS is
> read-only (technically COW, but never written, see [2]).
> Looking at your attack comparison matrix, I believe a proper Qubes
> w/TorVM+AnonAppVM setup is safe for all attacks except those involving a
> vm exploit and an attack against the tor process or network.

I haven't check in details, but Qubes looks very good.

There is a big and very good blog post about Qubes + Tor. The part it
lacks is the stream isolation part.

tor-talk mailing list