> If your Tor is running in another appVM, such as whonix-gw does, the worst
> a sys-net compromise could do is redirect the *encrypted* Tor traffic from
> whonix-gw, which isn't terribly useful for the attacker.

Oh, I should mention, as you asked in your original question, that yes, a compromised sys-net could absolutely and trivially reveal your IP, regardless of whether Tor is running in sys-net or another AppVM. All the attacker has to do is fling a single packet to their server (bypassing Tor), and they have your address. "ping" would do the trick.

But if Tor is in a separate AppVM, any data going into sys-net is triply-encrypted, and the content is safe from an attacker who has compromised sys-net. (If Tor is running in sys-net, the traffic coming in from the VM isn't Tor-encrypted, obviously, and far more visible, HTTPS notwithstanding.)

JJ