[tor-talk] Benefits of Running TBB in a VM?
mikewolf at riseup.net
Wed Jul 2 21:19:42 UTC 2014
On 7/2/2014 1:02 PM, Bobby Brewster wrote:
> What are the benefits of running TBB in a VM?
> AIUI, there are two advantages.
> 1. If malware infects the VM, then just the VM is compromised. If your Windows/Mac/Linux system is infected, then your entire system is affected (yes, I realise that it should be only the user account for Linux unless you are root).
> 2. If your system is comprimised, your real IP cannot be discerned. For example, in my non-VM Ubuntu machine, my wlan0 IP is listed as 192.168.1.50. However, on my NAT'd VirtualBox Ubuntu, there is no wlan0, only eth1. This gives an IP of 10.0.2.15 which is obviously not the IP assigned by my ISP.
> Does this make sense? Are there other benefits? Any disadvantages? Thanks.
#1 -- Unless the malware breaks out of the VM. 
#2 -- Not true. You're assuming the malware is looking at your IP
address and then reporting it. Well, it may... but the act of
connecting to another server to report your IP address exposes your
actual public IP address.
BTW, 192.168.1.50 is *also* not the IP address assigned by your ISP,
it's a local NAT address given out by your router. If you could hide
behind NAT, you'd already be safe :)
More information about the tor-talk