CANNON:
> Thank you for the prompt reply, thoughts and links to read up on.
> My reasoning behind wanting isolation is due to the many cases of
> the past in which certain adversaries were successful in
> identifying a Tor user after compromising the system either through
> a browser exploit, some 0day etc. because only that specific
> application was configured for Tor and not the whole system. This
> is why Whonix (and Qubes OS, which uses Whonix) separates the Tor
> gateway from the workstation via virtualization. Even with software
> isolation though, I am beginning to think that hardware isolation,
> when implemented properly, is more secure than software isolation,
> with all the Xen bugs recently. I know that it can be an issue with
> background applications sending identifying info, and while this
> can be mitigated by not using some noisy sketchy OS like Mac OS X
> or Windows that spies on users, the risk will still be there. In
> the past I have used stream isolation to address this. I have
> played around with stream isolation for each destination address
> and also with setting stream isolation based on destination port.
> Thoughts on stream isolation for this?
>
> Of course other precautions would need to be taken, such as
> removing the internal wifi and bluetooth card to prevent any
> compromise from identifying location, along with not using the same
> computer or OS for personal use and other uses they don't want
> correlated with them (but shouldn't this already be a habit?).
>
> My first intended use case was more protection from being
> de-anonymized with the physical isolation.
>
> The second use case is for applications that are hard to configure
> for Tor or not made to work with Tor, to have them just use Tor with
> no application-level configuration needed.
>
> The third use case: people sometimes use Tor not necessarily to be
> anonymous but to conceal their location. If one was concerned
> about an exit node sniffing their data, my philosophy is that they
> should not be using plaintext anyway.
>
> You do bring up a good idea of simply having the physical device
> just act as a firewall to block non-Tor traffic instead of having
> it act as the Tor process. I will explore this idea to see if it
> would work for my use case.
>
> Are there any comments on the way the Whonix gateway and TBB work
> together?
You might find this documentation on Whonix with physical isolation interesting:
https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation

Cheers,
--
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmob...@airmail.cc
Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-critical things to my Mobile with OpenPGP.
Please don't send me unencrypted messages.
My business email jer...@veclabs.net is having technical issues at the moment.

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
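The per-destination-address and per-destination-port stream isolation that CANNON mentions, written out as a torrc fragment for a gateway-style setup. This is an added example, not configuration from the thread or from Whonix; the port numbers, the gateway's internal address (192.0.2.1) and the idea of one SocksPort per application are assumptions.

```conf
# Added example (not from the thread): Tor client stream isolation in torrc.
# Streams that differ in any isolated attribute are never multiplexed onto
# the same circuit, so an exit (or a compromised application) sees less of
# the client's overall activity on one circuit.
#
# Every SocksPort already isolates by client address and by SOCKS username/
# password (IsolateClientAddr and IsolateSOCKSAuth are on by default).

# Baseline: separate circuits per destination host.
# Listening on the gateway's internal address (assumed 192.0.2.1) rather than
# 127.0.0.1 is what lets a physically separate workstation reach it; that
# interface must be covered by firewall rules so nothing but the workstation
# can use it.
SocksPort 192.0.2.1:9050 IsolateDestAddr

# Stricter: separate circuits per (host, port) pair. Costs more circuits and
# slower first connections, so reserve it for traffic where linking two ports
# on the same host matters.
SocksPort 192.0.2.1:9060 IsolateDestAddr IsolateDestPort

# One port per application that is not Tor-aware (port 9100 is assumed):
# point only that application's proxy setting here, so its streams never
# share a circuit with anything using the other ports.
SocksPort 192.0.2.1:9100 IsolateDestAddr

# For software with no proxy setting at all, the gateway can accept
# transparently redirected TCP and DNS. The redirection itself is done with
# firewall rules on the gateway; the same rules should drop any other
# outbound traffic so nothing leaves except through Tor.
TransPort 192.0.2.1:9040 IsolateDestAddr
DNSPort 192.0.2.1:5353
```

Tor prints the active isolation flags for each port at startup (`notice` log level), which is the quickest way to confirm the flags were parsed as intended.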