[tor-talk] Benefits of Running TBB in a VM?
Tempest
tempest at bitmessage.ch
Sat Jul 5 14:19:53 UTC 2014
Bobby Brewster:
>
> Currently, my Tor use model is as follows:
>
> Me (TBB in Ubuntu) ---> VPN ---> Tor (entry node) ---> Tor network
>
> I could, instead, do:
>
> Me (TBB Ubuntu VM) ---> VPN (configured in VM) ---> Tor (entry node) ---> Tor network
>
> However, from what I've read, there isn't really any advantages to using a VM unless the non-VM system has been compromised (e.g. trojan / rootkit / whatever).
if your non-VM host system has been compromised, there is absolutely no
notable advantage to using a vm. your vm will be affected by the
malware that sits on the host system. however, if you use a vm and the
vm gets infected by malware, you have an extra layer of protection
against the malware infecting your host system. thus, with the snapshot
method i described, you can effectively wipe away malware in certain
scenarios.
from an anonymity standpoint, whether running from your host or from a
vm, malware with a phone home system has a greater chance of
successfully identifying you than if you used a system like whonix.
> Also, one thing I'm unclear about is, if one is using a VM, whether a bridged or NAT'd connection is superior.
>
> The only difference I can see is that the bridge provides a 192.168.x.x address while the NAT provides a 10.0.2.x address. Both appear as the interface eth1.
>
> Any opinions?
for anonymity, it doesn't make any difference. you're better off running
it as an "internal network" and using an additional vm as a gateway that
has rules to push all traffic through the tor network.
--
gpg key - 0x2A49578A7291BB34
fingerprint - 63C4 E106 AC6A 5F2F DDB2 3840 2A49 578A 7291 BB34
More information about the tor-talk
mailing list