[tor-talk] TBB advantages in VM
adrelanos
adrelanos at riseup.net
Fri Sep 28 14:26:12 UTC 2012
Abel Luck:
> Interesting reading, thanks! My use case is different. It's running
> Qubes-OS [1] with a specific TorVM acting as a transparent proxy for
> other AppVms.
>
> The AnonBrowserVM is a VM that only has Firefox (soon TBB without tor).
> OS updates are handled separately in a different VM. The root FS is
> read-only (technically COW, but never written, see [2]).
>
> Looking at your attack comparison matrix, I believe a proper Qubes
> w/TorVM+AnonAppVM setup is safe for all attacks except those involving a
> vm exploit and an attack against the tor process or network.
I haven't check in details, but Qubes looks very good.
There is a big and very good blog post about Qubes + Tor. The part it
lacks is the stream isolation part.
http://theinvisiblethings.blogspot.com/2011/09/playing-with-qubes-networking-for-fun.html
More information about the tor-talk
mailing list