Bobby Brewster:
> Currently, my Tor use model is as follows:
> Me (TBB in Ubuntu) ---> VPN ---> Tor (entry node) ---> Tor network
> I could, instead, do:
> Me (TBB Ubuntu VM) ---> VPN (configured in VM) ---> Tor (entry node) ---> Tor network
> However, from what I've read, there aren't really any advantages to using a VM unless the non-VM system has been compromised (e.g. trojan / rootkit / whatever).

if your non-VM host system has been compromised, there is absolutely no
notable advantage to using a vm.  your vm will be affected by the
malware that sits on the host system.  however, if you use a vm and the
vm gets infected by malware, you have an extra layer of protection
against the malware infecting your host system. thus, with the snapshot
method i described, you can effectively wipe away malware in certain

from an anonymity standpoint, whether running from your host or from a
vm, malware with a phone home system has a greater chance of
successfully identifying you than if you used a system like whonix.

> Also, one thing I'm unclear about is, if one is using a VM, whether a bridged or NAT'd connection is superior.
> The only difference I can see is that the bridge provides a 192.168.x.x address while the NAT provides a 10.0.2.x address. Both appear as the interface eth1.
> Any opinions?

for anonymity, it doesn't make any difference. you're better off running
it as an "internal network" and using an additional vm as a gateway that
has rules to push all traffic through the tor network.

