tetrahedra via qubes-users:
On Sun, Sep 22, 2019 at 02:51:00PM +0000, 'awokd' via qubes-users wrote:
tetrahedra via qubes-users:
Is there any way to automatically do stream isolation on a per-VM basis?
Right now it appears this is not necessarily the case -- the network
traffic of AppVMs A and B may end up using the same Tor circuits (and
exit nodes).
Is there a way to set this up?
Stream isolation is enabled out of the box- per application in most
cases, per tab & TLD in Tor Browser's
(https://www.whonix.org/wiki/Stream_Isolation).
I am referring to stream isolation for non-Whonix Workstation based VMs,
and/or for applications which are not wrapped by `uwt`. (e.g Signal)
It would seem that different VMs ought to be stream isolated by default
(they are different VMs, we obviously want them isolated as much as
possible!)...
Isolating apps in the same VM is a different issue, but you're saying
traffic from different VMs is appearing to come from the same address?
Hmm, that definitely should not be happening. VM isolation is enabled
out of the box. Different VMs, whonix or otherwise, should never share
circuits. IsolateClientAddr (on by default) in whonix-gw's torrc should
isolate streams originating from different addresses/VMs, no matter what
OS or apps they're running.
-------------------------------------------------
This free account was provided by VFEmail.net - report spam to ab...@vfemail.net
ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/36af5c0c-913e-9e99-769e-f83925d0f944%40vfemail.net.