-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Michael Wolf: > On 7/2/2014 1:02 PM, Bobby Brewster wrote: >> What are the benefits of running TBB in a VM? >> >> AIUI, there are two advantages. >> >> 1. If malware infects the VM, then just the VM is compromised. If >> your Windows/Mac/Linux system is infected, then your entire >> system is affected (yes, I realise that it should be only the >> user account for Linux unless you are root). >> >> 2. If your system is comprimised, your real IP cannot be >> discerned. For example, in my non-VM Ubuntu machine, my wlan0 IP >> is listed as 192.168.1.50. However, on my NAT'd VirtualBox >> Ubuntu, there is no wlan0, only eth1. This gives an IP of >> 10.0.2.15 which is obviously not the IP assigned by my ISP. >> >> Does this make sense? Are there other benefits? Any >> disadvantages? Thanks. >> > #1 -- Unless the malware breaks out of the VM. [1] > > #2 -- Not true. You're assuming the malware is looking at your IP > address and then reporting it. Well, it may... but the act of > connecting to another server to report your IP address exposes > your actual public IP address. > > BTW, 192.168.1.50 is *also* not the IP address assigned by your > ISP, it's a local NAT address given out by your router. If you > could hide behind NAT, you'd already be safe :) > > > -- Mike > > > [1]http://www.darkreading.com/risk/hacking-tool-lets-a-vm-break-out-and-attack-its-host/d/d-id/1131254? > > Not a lot to be gained from running the TBB inside a regular VM other than isolation of malware. If you're using Tor then I assume anonymity means something to you.
Have a look at Whonix it is designed specifically for this kind of usage. Additionally it isolates the Tor service in it's own VM to provide extra network security from malware that could by-pass the Tor service and directly access some remote location thus revealing you. Most attacks about breaking out of a VM rely on you installing the guest tools, so never do that. - -- scarp | A4F7 25DB 2529 CB1A 605B 3CB4 5DA0 4859 0FD4 B313 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTtN6VAAoJEF2gSFkP1LMTFsYP/3tXhmN0pMRJH+HPyOPBYQtD p6+Z51eLLp93g/ugYXy3IG83fxrBUOnAKSa5iQQB+7h1hjRv3dfDSaecH1UtrjXv 8Ojm+LYYRrIsb61gJHCp77liKXT8zNOA1tdzJARvCZDTGeYVZXogXlwckV8bpBHp gvSZetfaiA/6UTEE+mxjoYkfMvcj9RkeoAEIGB3mAXi54NYoeHe5fGPSTHdr4iIs QPTqhkw3cRXm9K2qFAPMmQbYuFxpWVhlsGmFJRz8+yc6ajpJftlyK+cofSN3LNbT 7+hLOIJAOji8OdWP4hG7a1E2a1OT4GdbVeo+Jo+HueRrurN2hz28Wv04FGqpCYuc 2Yd8vk9F4+ciE1+I7GFsxMnDibhMAjR9vNP2kImHqxEnO/TfU/7UgDlQuGGgEVPF uLqak3QsGuOfY4eke5nU2A/C0EN0eBJ8Z4y+kNsN8QSoGEWUB6TwpPV0MUz/nedO T2hHC1pCzBWFBGk1G4tVOnwElHlH/OLE+GMFUB2GBQpzrttF8XBBmyqDqvXEJcWE cOSar4ZaS/W/Go5+3CbnDreEFC2qn9FRwgq1Rk6ZPlqpZ3h2yI3KbC7aD8cxgOA2 a+9RIgI9+/X86gcQKVJRZjZQ8ozRu1P1nlyN+7VloSUQ06O1ArFVnN6EFOVXePJx +aX4nc8XYMRNJ9zN5pac =zenG -----END PGP SIGNATURE----- -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
