[tor-talk] Benefits of Running TBB in a VM?
Bobby Brewster
bobbybrewster203 at yahoo.com
Sat Jul 5 17:05:10 UTC 2014
>>>if your non-VM host system has been compromised, there is absolutely no
>>>notable advantage to using a vm. your vm will be affected by the
>>>malware that sits on the host system.
I don't understand this. If my Ubuntu system has a virus / rootkit / whatever then what I do on it is compromised.
The VM is, in effect, a seperate OS. How would it be affected by the malware on the non-VM system?
On Saturday, July 5, 2014 3:19 PM, Tempest <tempest at bitmessage.ch> wrote:
Bobby Brewster:
>
> Currently, my Tor use model is as follows:
>
> Me (TBB in Ubuntu) ---> VPN ---> Tor (entry node) ---> Tor network
>
> I could, instead, do:
>
> Me (TBB Ubuntu VM) ---> VPN (configured in VM) ---> Tor (entry node) ---> Tor network
>
> However, from what I've read, there isn't really any advantages to using a VM unless the non-VM system has been compromised (e.g. trojan / rootkit / whatever).
if your non-VM host system has been compromised, there is absolutely no
notable advantage to using a vm. your vm will be affected by the
malware that sits on the host system. however, if you use a vm and the
vm gets infected by malware, you have an extra layer of protection
against the malware infecting your host system. thus, with the snapshot
method i described, you can effectively wipe away malware in certain
scenarios.
from an anonymity standpoint, whether running from your host or from a
vm, malware with a phone home system has a greater chance of
successfully identifying you than if you used a system like whonix.
> Also, one thing I'm unclear about is, if one is using a VM, whether a bridged or NAT'd connection is superior.
>
> The only difference I can see is that the bridge provides a 192.168.x.x address while the NAT provides a 10.0.2.x address. Both appear as the interface eth1.
>
> Any opinions?
for anonymity, it doesn't make any difference. you're better off running
it as an "internal network" and using an additional vm as a gateway that
has rules to push all traffic through the tor network.
--
gpg key - 0x2A49578A7291BB34
fingerprint - 63C4 E106 AC6A 5F2F DDB2 3840 2A49 578A 7291 BB34
--
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
More information about the tor-talk
mailing list