> The goal is to create a bulletproof environment where nothing can leak > thought configuration mistakes, dns, java, flash, plugins and even side > channel attacks, local infections, trojans... > Additionally it's also nice to know that all applications can be torified > even if they do not support proxy settings
> Initial step is to learn how to setup a VPN server and how to connect to a > VPN server and to use it's internet connection. After that's done this > internet connection needs to be torified. You can't trust any machine to honor it's VPN, proxy, torify, or any other settings when under attack. Most certainly not a Windows box running all that stuff. The only way to do it is to let the box of wayward software run free and insert a packet filter on it's physical wire. Then smile while you run whatever you want. If you put the box of junk in a VM and trust the parent OS to corral the VM's net (which is reasonable), that's fine too. But I wouldn't ever try to point some standalone box's stack (under VM or not) to a VPN terminator like this. That's asking for trouble. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
