[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
On 2015-04-14 1:05 pm, Apple Apple wrote:
I'm not too familiar with Whonix. May I ask what it does exactly to
the system from a malicious actor with root level access to the
Dave's response addresses this. The point is not to absolutely isolate
the Whonix-Gateway where the Tor process is. Although, the
Whonix-Gateway does force its own connections through Tor, but not
secure against root-privileged malware.
Rather, the point is for your user machine (Whonix-Workstation) to be
securely isolated from reaching the clearnet, getting your real IP or
MAC address, etc.
You don't want the Tor process to be in the same security domain as the
user applications, since something malicious or misbehaving can simply
bypass it in one shot. Tails puts them both in the same general security
domain, so Tor protection can be bypassed and then it is game over.
Additionally is there any analysis or guidance on the safe hardware and
software configuration of virtual machines from the Whonix project?
As you may be aware, virtual machines are not a security product in and
themselves and they are certainly not magic.
The reality of this is somewhat different with Qubes.
This is why I launched the Qubes + Whonix project last year.
The security strength of Qubes VM isolation goes meaningfully beyond
More info: https://www.whonix.org/wiki/Qubes
Do you suppose that it may be the case that malicious software has a
time gaining root privileges on Tails than breaking out of a badly
configured virtual machine?
I believe it is probably generally harder to break out of a virtual
machine than root a Linux distro, like Tails, because hypervisors have a
more limited attack surface compared to a full monolithic OS.
If you use Qubes, then it is infinitely harder to root the host system.
Do not forget that hypervisor software has bugs too and generally has
unrestricted access to the host machine.
Right. But hypervisors are more minimal than a full bloated monolithic
Linux OS with hundreds of millions of lines of code, so naturally less
general attack surface exists to exploit.
For a usable system, Qubes currently goes the furthest with secure host
I'm also working to push even further towards building even stronger
security + anonymity systems in the future.
May I also ask if Whonix addresses the other key feature of Tails which
ensuring that there will be no forensic evidence left behind after
Not at this time.
However, with disk encryption, deleting VMs after usage, and overwriting
disk space, this same anti-forensics effect can be accomplished with
tor-talk mailing list - firstname.lastname@example.org
To unsubscribe or change other settings go to