[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs



I'm not too familiar with Whonix. May I ask what it does exactly to protect
the system from a malicious actor with root level access to the "gateway"
machine?

Additionally is there any analysis or guidance on the safe hardware and
software configuration of virtual machines from the Whonix project?

As you may be aware, virtual machines are not a security product in and of
themselves and they are certainly not magic.

Do you suppose that it may be the case that malicious software has a harder
time gaining root privileges on Tails than breaking out of a badly
configured virtual machine?

Do not forget that hypervisor software has bugs too and generally has
unrestricted access to the host machine.

May I also ask if Whonix addresses the other key feature of Tails which is
ensuring that there will be no forensic evidence left behind after usage?

With regards to Torbrowser on BSD, from what I understand the Tor browser
project is simply a collection of patches for Firefox. I'm confident you
can receive many of the benefits of the Tor browser by patching and
compiling Firefox manually. I say this because there is a Gentoo Linux
overlay which does exactly that.
On 12 Apr 2015 17:24, "WhonixQubes" <whonixqubes@riseup.net> wrote:

> On 2015-04-12 6:47 am, Andreas Krey wrote:
>
>> Whonix https://www.whonix.org is a very good solution available on all
>>> BSDs today. For some reason it remains under-appreciated.
>>>
>>
>> Tails also comes to mind.
>>
>
>
> One quick note on Whonix vs. Tails:
>
> If malware roots your Tails, then it is game over for your anonymity, as
> your real IP and MAC are exposed.
>
> With Whonix, the Tor process is further isolated out into a separate
> machine (virtual or physical), so that root-privileged malware or other
> misbehaving apps can't just circumvent the Tor connection and get access to
> your real IP or MAC address.
>
>
> Put a strong condom on your Tor isolation.
>
>
> Hat tip to mirimir for the mention of our high security Qubes + Whonix
> option too. ;)
>
> WhonixQubes
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk