On 27. august 2012 at 1:21 PM, adrelanos wrote:Random Tor User: [...] > The guest VM is locked down and may only access the internet through > the host system's Tor socks proxy on port 9050.
The lockdown part is too shortly described. How? Iptables? No, until now I have just set up an alternative Windows as a VMware guest. The VMware network is configured as hostonly which means that the guest can only connect to the host's IP address. > Is there any weakness in this setup? Yes. Just a few things coming to my mind... You should not use Firefox. Use Tor Browser. [1] Fixed. I have the Tor browser in the guest system pointing to the socks proxy running on the host system. How to you use Tor Browser without running Tor over Tor? What you basically need, is to use a similar concept like aos. [2] Even if you can prevent IP and DNS leaks, Java and Flash can leak more information than that, such as your time zone and system time. [3] Nothing requires that the timezone and localization iof the guest corresponds to that of the host system. Am I correct that the Tor browser wont care about which timezone time, date or localization is present in the running system so long as it can establish a socks connection. A socks connection is so far I know agnostic to this information. The only think which could happen in the worst case would be the guest system's information leaking through the Tor browser. Windows Update and other Microsoft services should not be able to "break out" of the guest system because the only network to which the guest has access is the host system. Who checked if Java or Flash do not use your MAC address to correlate with your previous activities? Flash is a black box and Adobe is not known for putting much value into users privacy. The VM can see MAC address of your host. It's possible to prevent this. [4] My host system is not directly connected to the internet. The host system (computer) connects to a router. My ISP only "sees" the MAC address of my router. QAnd even so, I often swap/randomize the host system's MAC and computer name when I use the computer to connect away from home. Apart from MAC address there are other caveat. Even the name of the user account could be used for correlation. What if I write a VBS script to randomize tall this information? Everytime the guest starts up, all sensitive information is randomized. And the host is a bear metal machine only used for hosting my Tor socks proxy. Also forcing the whole system through a single Tor port opens up for Identity correlation through circuit sharing. [5] Your operating system update mechanism inside the VM might go through the same Tor circuit including all the stuff flash already reveals. Even in Windows, it's possible to disable all update services. If the guest only participates in a hostonly network, it can't access external internet resources except through the socks proxy. Of course the host system is different, but what I am interested in is hiding what I am doing inside the guest. I don't care about people knowing I runs Tor as socks proxy. I don't intend to host hidden services, so the time window for attacks should be very shortlived. My only goal is being able to torify Flash and Java for browsing. So mwhat I don't know is whether the JonDoNym guide to proxifying Flash and Java is secure enought for browsing. _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
