[tor-talk] [tor-dev] Porting Tor Browser to the BSDs
WhonixQubes
whonixqubes at riseup.net
Tue Apr 14 21:59:42 UTC 2015
On 2015-04-14 9:50 pm, Yuri wrote:
> On 04/14/2015 14:41, WhonixQubes wrote:
>>
>> I believe it is probably generally harder to break out of a virtual
>> machine than root a Linux distro, like Tails, because hypervisors have
>> a more limited attack surface compared to a full monolithic OS.
>>
>> If you use Qubes, then it is infinitely harder to root the host
>> system.
>
>
> Can you describe the scenario how can somebody potentially break out
> of the virtual machine and root the host system, if VM is wired to
> connect only through tor?
>
> Yuri
Some VM breakout scenarios:
- Hypervisor vulnerability
- Trojaned hypervisor
- Side channels
WhonixQubes
More information about the tor-talk
mailing list