I'm not too familiar with Whonix. May I ask what it does exactly to protect the system from a malicious actor with root level access to the "gateway" machine?
Additionally is there any analysis or guidance on the safe hardware and software configuration of virtual machines from the Whonix project? As you may be aware, virtual machines are not a security product in and of themselves and they are certainly not magic. Do you suppose that it may be the case that malicious software has a harder time gaining root privileges on Tails than breaking out of a badly configured virtual machine? Do not forget that hypervisor software has bugs too and generally has unrestricted access to the host machine. May I also ask if Whonix addresses the other key feature of Tails which is ensuring that there will be no forensic evidence left behind after usage? With regards to Torbrowser on BSD, from what I understand the Tor browser project is simply a collection of patches for Firefox. I'm confident you can receive many of the benefits of the Tor browser by patching and compiling Firefox manually. I say this because there is a Gentoo Linux overlay which does exactly that. On 12 Apr 2015 17:24, "WhonixQubes" <whonixqu...@riseup.net> wrote: > On 2015-04-12 6:47 am, Andreas Krey wrote: > >> Whonix https://www.whonix.org is a very good solution available on all >>> BSDs today. For some reason it remains under-appreciated. >>> >> >> Tails also comes to mind. >> > > > One quick note on Whonix vs. Tails: > > If malware roots your Tails, then it is game over for your anonymity, as > your real IP and MAC are exposed. > > With Whonix, the Tor process is further isolated out into a separate > machine (virtual or physical), so that root-privileged malware or other > misbehaving apps can't just circumvent the Tor connection and get access to > your real IP or MAC address. > > > Put a strong condom on your Tor isolation. > > > Hat tip to mirimir for the mention of our high security Qubes + Whonix > option too. ;) > > WhonixQubes > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
