[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TBB advantages in VM



Abel Luck:
> Interesting reading, thanks! My use case is different. It's running
> Qubes-OS [1] with a specific TorVM acting as a transparent proxy for
> other AppVms.
> 
> The AnonBrowserVM is a VM that only has Firefox (soon TBB without tor).
> OS updates are handled separately in a different VM. The root FS is
> read-only (technically COW, but never written, see [2]).
> 
> Looking at your attack comparison matrix, I believe a proper Qubes
> w/TorVM+AnonAppVM setup is safe for all attacks except those involving a
> vm exploit and an attack against the tor process or network.

I haven't check in details, but Qubes looks very good.

There is a big and very good blog post about Qubes + Tor. The part it
lacks is the stream isolation part.

http://theinvisiblethings.blogspot.com/2011/09/playing-with-qubes-networking-for-fun.html
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk