Abel Luck:
> adrelanos:
>> Abel Luck:
>>> adrelanos:
>>>> Hi,
>>>>
>>>> Is it Amnesic or can it be made Amnesic?
>>>>
>>>> Or in other words.... Can you be sure, that after deleting (or wiping)
>>>> the torified AppVM no activity can not be reconstructed with local disk
>>>> forensics? Could the torified AppVM be securely wiped without any
>>>> leftovers? (Leftovers such as swap, or what else?)
>>>
>>> Regarding deletion of the VM: I was under the impression secure deletion
>>> was not possible on modern SSDs.
>>>
>>> On the other hand, it should be possible to create an AppVM whose
>>> writeable diskspace lies entirely in RAM. I'll investigate this.
>>>
>>>>
>>>> Is Tor's data directory persistent, i.e. does it use Entry Guards?
>>>>
>>> I've not configured this explicitly, do you have any suggestions?
>>
>> Tor Browser Bundle users are using persistent Entry Guards.
>>
>> Final goal should be to share the same fingerprint with them (web
>> fingerprint, traffic fingerprint for local observer). If you manage to
>> use Tor Browser in the AppVM and Entry Guards in the TorVM, the
>> fingerprint should be the same. Except, that you added strong security
>> by isolation for the case of a browser exploit.
>>
>> Whonix uses persistent Entry Guards and Tor Browser.
>>
>> Persistent Entry Guards are planned for Tails.
>> https://tails.boum.org/todo/persistence_preset_-_tor/
>> https://tails.boum.org/todo/persistence_preset_-_bridges/
>>
>> Tor Browser is planned for Tails.
>> https://tails.boum.org/todo/replace_iceweasel_with_Torbrowser/
>>
>> Persistent Entry Guards are considered for Liberte Linux:
>> Please see recent thread "[tor-talk] Location-aware persistent guards".
>>
>> So the answer is yes, in most cases I recommend persistence for Entry
>> Guards and Tor's data dir. The same goes for Vidalia, since it can be
>> used to configure Tor and bridges.
>>
>> Some further thoughts on persistent Entry Guards:
>> On the other hand, non-persistent Entry Guards are more amnesic. So if
>> you decide to add an amnesic feature, that should be also possible to do
>> with the TorVM.
>>
>> There is also in the thread "[tor-talk] Location-aware persistent
>> guards" or in the linked ticket
>> https://trac.torproject.org/projects/tor/ticket/2653 are thoughts, that
>> non-persistent Entry Guards are better suited for people who travel a
>> lot / Live CDs.
>>
>
> Hm, interesting. I definitely need to implement persistent entry guards
> then, but providing an amnesiac option will be difficult. When would the
> user choose such an option, and where?

Difficult question, I don't know. For a quick research on any topic it would be useful to securely erase all local traces. For other tasks, IM and such, maybe once in a while and never for long term stuff such as hidden services.

_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
