More Secure Tor Browsing Through A Virtual Machine in Ubuntu
7v5w7go9ub0o
7v5w7go9ub0o at gmail.com
Mon Aug 24 06:18:50 PDT 2009
Ringo wrote:
> I would appreciate any feedback people have on this. This is just an
> idea and it's kind of beta, so don't use this unless you know what
> you're doing. PGP key at bottom of message
>
>
>
>
> More Secure Tor Browsing Through A Virtual Machine in Ubuntu
>
IMHO, you're on the right track.
Due to limited resources on my laptop, I've used (hardened) chroot jails
to contain tor, my browser, mail client, dhcpd client, etc. - primarily
to contain any successful intruder. Hotspot laptop users are constantly
being probed and subjected to the latest attack scripts.
But ISTM that small, optimized, hardened little VMs would be ideal -
additionally protecting anonymity; perhaps reasonably allowing the use
of JS on your browser within your browser VM.
Your post begs the questions:
1. Which VM software are the most breakout proof, should an attacker
gain access with a root shell?
2. Which VMs' guest software are the most opaque - i.e. have NO
information available to a roving root?
3. Which VMs require the least overhead?
4. IIUC, one can attach a VM to his existing OS, or one can first
install some sort of hypervisor followed by a primary OS, and a series
of secondary OS's? If this is true, what are the pros and cons of either
approach. (I presume that you want a number of VMs - each containing
sensitive or vulnerable applications)
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list