Ringo wrote:

I would appreciate any feedback people have on this. This is just an idea and it's kind of beta, so don't use this unless you know what you're doing. PGP key at bottom of message

More Secure Tor Browsing Through A Virtual Machine in Ubuntu

IMHO, you're on the right track. Due to limited resources on my laptop, I've used (hardened) chroot jails to contain tor, my browser, mail client, dhcpd client, etc. - primarily to contain any successful intruder. Hotspot laptop users are constantly being probed and subjected to the latest attack scripts. But ISTM that small, optimized, hardened little VMs would be ideal - additionally protecting anonymity; perhaps reasonably allowing the use of JS on your browser within your browser VM. Your post begs the questions: 1. Which VM software are the most breakout proof, should an attacker gain access with a root shell? 2. Which VMs' guest software are the most opaque - i.e. have NO information available to a roving root? 3. Which VMs require the least overhead? 4. IIUC, one can attach a VM to his existing OS, or one can first install some sort of hypervisor followed by a primary OS, and a series of secondary OS's? If this is true, what are the pros and cons of either approach. (I presume that you want a number of VMs - each containing sensitive or vulnerable applications) ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE