[tor-talk] Review request: TorVM implementation in Qubes OS
adrelanos
adrelanos at riseup.net
Fri Oct 19 12:30:37 UTC 2012
Abel Luck:
>>> Future Work Use local DNS cache to speedup queries (pdnsd)
>>
>> That could make users more fingerprintable.
>>
>>> Future Work Support arbitrary DNS queries
>>
>> That could make users more fingerprintable.
>>
>
> Yup, I'm aware. Really I've no plans to move forward here until
> something more concrete develops. (I'm looking at who Tails and
> Whonix, who've discussed this issue extensively).
>
>
>> What is it needed for anyway? Which things do not work without
>> arbitrary DNS queries?
>>
> XMPP SRV lookups for one. Not a pressing issue of course.
If you need any "special" DNS features, I don't see why they should be
implemented on the Gateway. They can equally easy more and safely
implemented on the Workstation(s) were needed.
Things I tested: DNSSEC over Tor, DNSCrypt by OpenDNS, httpsdnsd by
JonDos. [1]
There is no reason why ttdnsd or dns cache wouldn't work on the
Workstation/AppVM.
>>> Future Work Optionally route TorVM traffic through Tor
>>
>> What is the motivation behind it?
> There is no good reason I can think of yet, I'm just concerened a
> user misunderstanding what a TorVM does (provides torified
> networking to other AppVms), and opening firefox on it or
> something.
I see. Not sure, if possible, but could you remove all such
unnecessary applications? Maybe make it very clear as desktop
background or automatically opening text file?
Whonix as a optional configuration "Hide the fact that you are using
Tor/Whonix". [2] Not sure if the TorVM use can be easily hidden. Users
would have to download the templates over Tor.
[1] http://sourceforge.net/p/whonix/wiki/OptionalConfigurations/
[2]
http://sourceforge.net/p/whonix/wiki/OptionalConfigurations/#hide-the-fact-that-you-are-using-torwhonix
More information about the tor-talk
mailing list