[tor-talk] Benefits of Running TBB in a VM?
scarp at riseup.net
Thu Jul 3 04:39:50 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
> On 7/2/2014 1:02 PM, Bobby Brewster wrote:
>> What are the benefits of running TBB in a VM?
>> AIUI, there are two advantages.
>> 1. If malware infects the VM, then just the VM is compromised. If
>> your Windows/Mac/Linux system is infected, then your entire
>> system is affected (yes, I realise that it should be only the
>> user account for Linux unless you are root).
>> 2. If your system is comprimised, your real IP cannot be
>> discerned. For example, in my non-VM Ubuntu machine, my wlan0 IP
>> is listed as 192.168.1.50. However, on my NAT'd VirtualBox
>> Ubuntu, there is no wlan0, only eth1. This gives an IP of
>> 10.0.2.15 which is obviously not the IP assigned by my ISP.
>> Does this make sense? Are there other benefits? Any
>> disadvantages? Thanks.
> #1 -- Unless the malware breaks out of the VM. 
> #2 -- Not true. You're assuming the malware is looking at your IP
> address and then reporting it. Well, it may... but the act of
> connecting to another server to report your IP address exposes
> your actual public IP address.
> BTW, 192.168.1.50 is *also* not the IP address assigned by your
> ISP, it's a local NAT address given out by your router. If you
> could hide behind NAT, you'd already be safe :)
> -- Mike
Not a lot to be gained from running the TBB inside a regular VM other
than isolation of malware. If you're using Tor then I assume anonymity
means something to you.
Have a look at Whonix it is designed specifically for this kind of
usage. Additionally it isolates the Tor service in it's own VM to
provide extra network security from malware that could by-pass the Tor
service and directly access some remote location thus revealing you.
Most attacks about breaking out of a VM rely on you installing the
guest tools, so never do that.
scarp | A4F7 25DB 2529 CB1A 605B 3CB4 5DA0 4859 0FD4 B313
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-talk