<schoen@eff.org> wrote:
One of the defenses people have talked about against hardware fingerprinting is running inside a virtual machine. Normally, software inside the virtual machine, even if it's malicious, doesn't learn much about the physical machine that hosts the VM. If you always use Tor inside a VM, then even if there's a bug that lets someone take over your computer (or if they trick you into installing spyware), the malicious software won't be able to read much real uniqueness from the host hardware, unless there's also a bug in the VM software.
[...] There's probably more research to be done about the conditions under which VMs can be uniquely identified both "from the inside" by malware, and remotely by remote software fingerprinting, absent VM bugs that give unintended access to the host.
We documented, which data, malware inside a VM could collect to identify users. [1] That doesn't mean, we wouldn't be happy about sophisticated, dedicated research. However, here is a summary: - (Apart from obvious and known, IP, DNS, (browser) fingerprinting.) - internal LAN IP (of virtualized operating system) - time zone (of virtualized operating system) - username (of virtualized operating system) - hostname (of virtualized operating system) - mac address of virtual machine - mac address of host (if using bridged networking) or mac address of gateway (if using virtual internal networking) - virtual disk uuids - Some information about the real CPU, depends on VM software. There might be options to further hide information about the CPU. - Installed software packages. - If you copy data into the VM: metadata. [1] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardenin... ______________________________________________________ powered by Secure-Mail.biz - anonymous and secure e-mail accounts. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE