how to use Tor securely (Re: Silk Road founder arrested ...)
coderman
coderman at gmail.com
Fri Oct 4 06:15:30 PDT 2013
On Fri, Oct 4, 2013 at 2:01 AM, Adam Back <adam at cypherspace.org> wrote:
>... For my taste the Tor connection
> and code and physical device identifiers (physical MAC addr, HD serial etc)
> should be OUTSIDE of a VM and all client software should be inside the VM.
a better approach is putting them all in constrained guest virtual
machine instances. i'm fond of Qubes for this purpose, although there
is much ongoing discussion around the best configuration.
even better make your Anonymous Tor Browser VM disposable, and
frequently re-instantiated. then when your rich attack surface browser
gets pwned you've significantly limited the duration and scope of
impact.
check out:
http://theinvisiblethings.blogspot.com/2011/09/playing-with-qubes-networking-for-fun.html
https://www.whonix.org/wiki/Comparison_with_Others
https://groups.google.com/forum/#!forum/qubes-devel
More information about the cypherpunks
mailing list