[tor-talk] corridor, a Tor traffic whitelisting gateway

Abel Luck abel at guardianproject.info
Tue Apr 1 16:41:07 UTC 2014


On Sunday 16 February 2014 13:42:59 Patrick Schleizer wrote:
> Rusty Bird:
> > Patrick Schleizer:
> >> The problem is, any Whonix-Workstation behind Whonix-Gateway -
> >> once compromised - can claim to be another Whonix-Workstation,
> >> thus not being stream isolated anymore.
> >> 
> >> This could be solved, when there was a defense, that prevented
> >> impersonating other workstations. VPN and/or Static ARP entries
> >> and/or OpenSSH could be used for that purpose.
> > 
> > (How) does Qubes deal with this?
> 
> Last time I checked, it it did not. (Apart from the workaround of
> using a separate Tor-VM per workstation.)
> 
> I guess they'd be also interested to discuss your new concept on their
> qubes-devel mailing list.

qubes-tor maintainer here.. playing with corridor in a Qubes ProxyVM right now 
:)

As to the spoofing question, Qubes doesn't suffer from this problem.

While there is only one gateway/torvm to many-workstation/appvm, each appvm 
uses a separate interface and subnet, so appvms can't impersonate or affect 
eachother.

~abel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140401/5777a916/attachment.sig>


More information about the tor-talk mailing list