I guess the main benefit to having VPN on router is it takes that overhead off the PCs CPU & memory.
But the paper is right, a lot of network hardware is backdoored. Especially the cisco stuff. And im suspicious of the Chinese stuff too. We should endeavor to run open source routers. But im not aware of any open source modems? Im actually surprised someone hasnt cracked the proprietary DSL code and leaked an open source modem. I bet we would not like what we found in their proprietary code :/ Having a VPN-Proxy-VM offers the flexibility to chose what VMs directly connect to the internet, and which VMs are routed through the VPN which is nice. I've set my VPN-Proxy-VM using a minimal template, to future reduce the attack surface. You can also run the whonix-gw over the vpn, or vise versa. I imagine since snowden said to the world he uses Qubes OS, the NSA have had their team looking for ways in. I think qubes can be hardened much more than it currently is. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43b6362b-0fd1-4105-b865-ccf0415cc8ce%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.