If I understand Ra's reasoning, he argues that using Tor gateway VMs is more secure because workstation VMs only have Internet connectivity through Tor. Blocking leakage around Tor doesn't depend on proper routing and proxy configuration in the VM. Any non-TCP traffic from the workstation VM just gets dropped. Users may break TAILS trying to watch YouTube. With the Tor gateway+workstation setup, users can screw up the workstation VM, but they'll be safe as long as they don't NAT the LAN interface to host, or break Tor in the gateway VM (which would require some Linux skills). Of course, TAILS is most secure when run as a LiveCD, which isn't possible with the Tor gateway+workstation VM setup. Perhaps someone could create a LiveCD with Linux, VirtualBox and the VMs.
----- Original Message ----- From: Andrew Lewman Sent: 01/20/12 02:49 PM To: [email protected] Subject: Re: [tor-talk] Tor Gateway and Tor Workstation by ra [was: remove any all links from torproject.com to JanusVM] On Fri, 20 Jan 2012 11:41:18 -0000 [email protected] wrote: > > Is Ra's Tor gateway VM > > <http://ra.fnord.at/2011/05/easy-and-secure-anonymous-internet-usage/> > > safe to use on trusted host machines?> > Many people (ra, JanusVM, me) are interested in deploying something ra > calls 'Tor Workstation', which might not be the most bad name. (an > isolated machine which routes everything transparently through Tor) Why not just use tails or liberte in your favorite virtual machine? -- Andrew http://tpo.is/contact pgp 0x74ED336B _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
