Abel Luck: > adrelanos: >> Hi, >> >> Is it Amnesic or can it be made Amnesic? >> >> Or in other words.... Can you be sure, that after deleting (or wiping) >> the torified AppVM no activity can not be reconstructed with local disk >> forensics? Could the torified AppVM be securely wiped without any >> leftovers? (Leftovers such as swap, or what else?) > > Regarding deletion of the VM: I was under the impression secure deletion > was not possible on modern SSDs. > > On the other hand, it should be possible to create an AppVM whose > writeable diskspace lies in enitrely in RAM. I'll investigate this.
This already exists! In Qubes the DisposableVM is RAM only by default. > >> >> Is Tor's data directory persistent, i.e. does it use Entry Guards? >> > I've not configured this explicitly, do you have any suggestions? > Here's the tor config: > > https://github.com/abeluck/qubes-addons/blob/master/qubes-tor/start_tor_proxy.sh > >> Are hardware serials, such as BIOS DMI information, hdd serials etc. >> hidden? (For a more comprehensive list of hardware serials and how to >> test if them are visible, you could check Whonix less important >> protected identifies as reference. [1]) >> > I'm fairly certain this is the case, seeing as how these are all VMs > (xen is the hypervisor), but I've not verifier the hunch so I can't make > this claim > > Hm, if you use the Qubes feature that lets you assign PCI (or USB) > devices to a VM, then obviously, no. > > Thanks for the link, I'll investigate some more. > >> Cheers, >> adrelanos >> >> [1] >> https://sourceforge.net/p/whonix/wiki/Security/#less-important-identifies >> _______________________________________________ >> tor-talk mailing list >> tor-talk@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
