Random Tor User: [...] > The guest VM is locked down and may only access the internet through > the host system's Tor socks proxy on port 9050.
The lockdown part is too shortly described. How? Iptables? > Is there any weakness in this setup? Yes. Just a few things coming to my mind... You should not use Firefox. Use Tor Browser. [1] How to you use Tor Browser without running Tor over Tor? What you basically need, is to use a similar concept like aos. [2] Even if you can prevent IP and DNS leaks, Java and Flash can leak more information than that, such as your time zone and system time. [3] Who checked if Java or Flash do not use your MAC address to correlate with your previous activities? Flash is a black box and Adobe is not known for putting much value into users privacy. The VM can see MAC address of your host. It's possible to prevent this. [4] Apart from MAC address there are other caveat. Even the name of the user account could be used for correlation. Also forcing the whole system through a single Tor port opens up for Identity correlation through circuit sharing. [5] Your operating system update mechanism inside the VM might go through the same Tor circuit including all the stuff flash already reveals. It your guest operating system is Windows, it gets worse. They send a Globally Unique Identifier (GUID) while updating. If you send it once in the clear and once over Tor, mixed up with flash traffic... [6] System time correlation is also at risk. [7] [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers [2] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX [3] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/ApplicationWarningsAndNotes#BrowserPlugins [4] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#aossProtocol-Leak-ProtectionandFingerprinting-Protection [5] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/ApplicationWarningsAndNotes#Identitycorrelationthroughcircuitsharing [6] https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxyLeaks [7] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#aossSecureAndDistributedTimeSynchronizationMechanism _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
