Abel Luck: > adrelanos: >> Hi, >> >> Is it Amnesic or can it be made Amnesic? >> >> Or in other words.... Can you be sure, that after deleting (or wiping) >> the torified AppVM no activity can not be reconstructed with local disk >> forensics? Could the torified AppVM be securely wiped without any >> leftovers? (Leftovers such as swap, or what else?) > > Regarding deletion of the VM: I was under the impression secure deletion > was not possible on modern SSDs. > > On the other hand, it should be possible to create an AppVM whose > writeable diskspace lies in enitrely in RAM. I'll investigate this. > >> >> Is Tor's data directory persistent, i.e. does it use Entry Guards? >> > I've not configured this explicitly, do you have any suggestions?
Tor Browser Bundle users are using persistent Entry Guards. Final goal should be to share the same fingerprint with them (web fingerprint, traffic fingerprint for local observer). If you manage to use Tor Browser in the AppVM and Entry Guards in the TorVM, the fingerprint should be the same. Except, that you added strong security by isolation for the case of a browser exploit. Whonix uses persistent Entry Guards and Tor Browser. Persistent Entry Guards are planed for Tails. https://tails.boum.org/todo/persistence_preset_-_tor/ https://tails.boum.org/todo/persistence_preset_-_bridges/ Tor Browser is planed for Tails. https://tails.boum.org/todo/replace_iceweasel_with_Torbrowser/ Persistent Entry Guards are considered for Liberte Linux: Please see recent thread "[tor-talk] Location-aware persistent guards". So the answer is yes, I in most cases I recommend persistence for Entry Guards and Tor's data dir. The same goes for Vidalia, since it can be used to configure Tor and bridges. Some further thoughts on persistent Entry Guards: On the other hand, non-persistent Entry Guards are more amnesic. So if you decide to add a amnesic feature, that should be also possible to do with the TorVM. There is also in the thread "[tor-talk] Location-aware persistent guards" or in the linked ticket https://trac.torproject.org/projects/tor/ticket/2653 are though, that non-persistent Entry Guards are better suited for people who travel a lot / Live CDs. > Here's the tor config: > > https://github.com/abeluck/qubes-addons/blob/master/qubes-tor/start_tor_proxy.sh > >> Are hardware serials, such as BIOS DMI information, hdd serials etc. >> hidden? (For a more comprehensive list of hardware serials and how to >> test if them are visible, you could check Whonix less important >> protected identifies as reference. [1]) >> > I'm fairly certain this is the case, seeing as how these are all VMs > (xen is the hypervisor), but I've not verifier the hunch so I can't make > this claim > > Hm, if you use the Qubes feature that lets you assign PCI (or USB) > devices to a VM, then obviously, no. > > Thanks for the link, I'll investigate some more. > >> Cheers, >> adrelanos >> >> [1] >> https://sourceforge.net/p/whonix/wiki/Security/#less-important-identifies >> _______________________________________________ >> tor-talk mailing list >> tor-talk@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
