Re: Hidden service: Is it possible for an attacker to break out of a VM?
On Thu, Oct 07, 2010 at 08:31:14PM -0400, Michael Gomboc wrote: > Hi! > > If there is no back-door or bug in your VM software, how you wanna break out > of the VM? Ever seen bugless software? > Even with root privileges you will be a prisoner within the VM. http://www.google.com/search?aq=f&q=break+out+of+VM > pgp-id: 0x5D41FDF8 > Proof me wrong. Lack of professional paranoia detected. -- Eugen* Leitl http://leitl.org";>leitl http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Me <-> Tor <-> VPN <-> Internet?
On Thu, 7 Oct 2010 23:58:28 -0400 grarpamp wrote: > > a free VPN > > There are VPN providers that will let you pay anonymously. > > Among others, I would be interested in reading posts > containing lists of VPN providers that offer one or more > of these two services. Thanks. No -- put them on the Hidden Wiki. Finding *that* is left as an exercise for the reader. Robert Ransom signature.asc Description: PGP signature
Re: Me <-> Tor <-> VPN <-> Internet?
> a free VPN > There are VPN providers that will let you pay anonymously. Among others, I would be interested in reading posts containing lists of VPN providers that offer one or more of these two services. Thanks. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Hidden service: Is it possible for an attacker to break out of a VM?
On Thu, Oct 07, 2010 at 08:31:14PM -0400, michael.gom...@gmail.com wrote 2.8K bytes in 78 lines about: : If there is no back-door or bug in your VM software, how you wanna break out : of the VM? That's a perfect world that doesn't exist. The VM software will have bugs, someone will exploit it. For a start, http://duckduckgo.com/?q=virtual+machine+attacks -- Andrew pgp 0x31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Hidden service: Is it possible for an attacker to break out of a VM?
On Thu, 7 Oct 2010 18:12:45 -0400 hi...@safe-mail.net wrote: > Several people recommend running a hidden service from within a VM, > to prevent attackers from doing side channel attacks and reading off your > hardware components and serial numbers. Using a VM doesn't prevent most side-channel attacks. It only blocks access to a description of your hardware. > Then I heard that attackers can actually break out of VM's if they get root > access on it due to a successful attack. It depends on the VM software you are using. Robert Ransom signature.asc Description: PGP signature
Re: Hidden service: Is it possible for an attacker to break out of a VM?
Hi! If there is no back-door or bug in your VM software, how you wanna break out of the VM? Even with root privileges you will be a prisoner within the VM. Proof me wrong. Michael 2010/10/7 > The title says it all: > > Several people recommend running a hidden service from within a VM, > to prevent attackers from doing side channel attacks and reading off your > hardware components and serial numbers. > > Then I heard that attackers can actually break out of VM's if they get root > access on it due to a successful attack. > > I just want your opinions on that one, thanks! > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ > -- Michael Gomboc www.viajando.at pgp-id: 0x5D41FDF8
Re: Hidden service: Is it possible for an attacker to break out of a VM?
Hikki, >From a defense in depth point of view it can help to use a VM. It is not impossible for an adversary to break out of a VM, but if you are using a good VM it will at least require a pretty sophisticated attacker. I would say that using a VM would increase the security of your hidden service. On Thu, Oct 7, 2010 at 5:12 PM, wrote: > The title says it all: > > Several people recommend running a hidden service from within a VM, > to prevent attackers from doing side channel attacks and reading off your > hardware components and serial numbers. > > Then I heard that attackers can actually break out of VM's if they get root > access on it due to a successful attack. > > I just want your opinions on that one, thanks! > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ > -- Sincerely Yours, ---Thomas S. Benjamin *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Hidden service: Is it possible for an attacker to break out of a VM?
The title says it all: Several people recommend running a hidden service from within a VM, to prevent attackers from doing side channel attacks and reading off your hardware components and serial numbers. Then I heard that attackers can actually break out of VM's if they get root access on it due to a successful attack. I just want your opinions on that one, thanks! *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: AdvTor
Thus spake Anon Mus (my.green.lant...@googlemail.com): > Well, well, well suddenly the problem fixes "itself"... after 20+ > disconnects and 10+ "You are using a proxy which is changing your > data... refusing connection.." over the past 3 days. > > Must be just another co-incidence ..funny though how it was still > failing a minute prior to my post being written today. This must be > similar to the DNS resolution problem (unable to resolve DNS and so > failed page access) to webcrawler.com when using these servers as exits > the last 4 weeks... (might be fixed now, but these are all in my exclude > as exits list, so I wouldn't know). > > spfTOR1,spfTOR2,gpfTOR1,gpfTOR2,Amunet1,Amunet2,Amunet3,Amunet4,Amunet5,Amunet6,Amunet7,Amunet8,Amunet9,Amunet10,Amunet11,Amunet12,blutmagie,blutmagie2,blutmagie3,blutmagie4 > That's an interesting list. It looks like you just took the top 20 fastest exits and listed them. Are you excluding these because of proven malicious activity; because of poor connectivity; because they are banned from most sites; or just because you needed a button to make your Internet as slow as possible, and Tor seemed like the best choice? -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpr5u6KTLkmI.pgp Description: PGP signature
Re: AdvTor
On Thu, Oct 07, 2010 at 05:20:08PM +0100, my.green.lant...@googlemail.com wrote 2.3K bytes in 55 lines about: : Well, well, well suddenly the problem fixes "itself"... after : 20+ disconnects and 10+ "You are using a proxy which is changing : your data... refusing connection.." over the past 3 days. This would be a lot better if it came with logs, bug reports, and data. It could also be the destination site having problems, or the exit relay is overloaded, or sun flares. The Internet is complex, narrowing down the problem to Tor or not Tor is a first step. -- Andrew pgp 0x31B0974B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: AdvTor
Nick Mathewson wrote: On Thu, Oct 7, 2010 at 4:32 AM, Anon Mus wrote: On Sun, Oct 3, 2010 at 2:05 PM, wrote: Hello everyone. I found a fork (?) of tor software with GUI named Advanced Tor. I was surprised of its features, but found just nothing about it in web, though it has opened source placed in sf.net. Have you people discussed it? Please give a link to discussion if yes. Otherwise you are welcome (if it won`t break any or-talk rules), especially I`d like to know if someone can get through the code to check it for backdoors or something like that. Description and source: http://nemesis.te-home.net/Projects/AdvTor.html http://sourceforge.net/projects/advtor/ http://nemesis.te-home.net/Projects/AdvTor.html When connecting to this site through Tor either I get a "disconnect" or a weird message saying I am connecting via a proxy which is changing my data. I have only once had an acutual web page to browse (right after it the first post to OR-TAlk). Is this a TOr problem (e.g. a ban by Tor exits) or a site problem? Not sure what your trouble is here, but Tor doesn't ban sites. I just tried connecting there, and it worked fine for me. yrs, Well, well, well suddenly the problem fixes "itself"... after 20+ disconnects and 10+ "You are using a proxy which is changing your data... refusing connection.." over the past 3 days. Must be just another co-incidence ..funny though how it was still failing a minute prior to my post being written today. This must be similar to the DNS resolution problem (unable to resolve DNS and so failed page access) to webcrawler.com when using these servers as exits the last 4 weeks... (might be fixed now, but these are all in my exclude as exits list, so I wouldn't know). spfTOR1,spfTOR2,gpfTOR1,gpfTOR2,Amunet1,Amunet2,Amunet3,Amunet4,Amunet5,Amunet6,Amunet7,Amunet8,Amunet9,Amunet10,Amunet11,Amunet12,blutmagie,blutmagie2,blutmagie3,blutmagie4 *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: AdvTor
On Thu, Oct 7, 2010 at 4:32 AM, Anon Mus wrote: > On Sun, Oct 3, 2010 at 2:05 PM, wrote: >>> >>> Hello everyone. >>> >>> I found a fork (?) of tor software with GUI named Advanced Tor. I was >>> surprised of its features, but found just nothing about it in web, >>> though it has opened source placed in sf.net. >>> >>> Have you people discussed it? Please give a link to discussion if yes. >>> Otherwise you are welcome (if it won`t break any or-talk rules), >>> especially I`d like to know if someone can get through the code to >>> check it for backdoors or something like that. >>> >>> Description and source: >>> http://nemesis.te-home.net/Projects/AdvTor.html >>> http://sourceforge.net/projects/advtor/ >>> >>> > > http://nemesis.te-home.net/Projects/AdvTor.html > > When connecting to this site through Tor either I get a "disconnect" or a > weird message saying I am connecting via a proxy which is changing my data. > I have only once had an acutual web page to browse (right after it the > first post to OR-TAlk). > > Is this a TOr problem (e.g. a ban by Tor exits) or a site problem? Not sure what your trouble is here, but Tor doesn't ban sites. I just tried connecting there, and it worked fine for me. yrs, -- Nick *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: AdvTor
On Sun, Oct 3, 2010 at 2:05 PM, wrote: Hello everyone. I found a fork (?) of tor software with GUI named Advanced Tor. I was surprised of its features, but found just nothing about it in web, though it has opened source placed in sf.net. Have you people discussed it? Please give a link to discussion if yes. Otherwise you are welcome (if it won`t break any or-talk rules), especially I`d like to know if someone can get through the code to check it for backdoors or something like that. Description and source: http://nemesis.te-home.net/Projects/AdvTor.html http://sourceforge.net/projects/advtor/ http://nemesis.te-home.net/Projects/AdvTor.html When connecting to this site through Tor either I get a "disconnect" or a weird message saying I am connecting via a proxy which is changing my data. I have only once had an acutual web page to browse (right after it the first post to OR-TAlk). Is this a TOr problem (e.g. a ban by Tor exits) or a site problem? Jo *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Me <-> Tor <-> VPN <-> Internet?
On Thu, Oct 7, 2010 at 5:19 AM, John Brooks wrote:
> On Wed, Oct 6, 2010 at 9:11 PM, Load Bear wrote:
>> I am aware of that limitation. However, I am currently less concerned
>> about eavesdroppers between a given VPN and the destination than I am
>> about Tor exit-node eavesdroppers. Knowing the limitations involved, do
>> you know of some method to accomplish my expressed goal?
>
> Assuming it's not a free VPN, you also run the risk of being
> identified by your billing information. If it is free, I would say
> that there is just as much if not more risk of your traffic being used
> maliciously.
There are VPN providers that will let you pay anonymously.
However, if you're taking anonymity on the Internet seriously, using a
VPN as the last and only line of defense carries all kinds of risks:
Traffic analysis ("Let's look at all traffic going in and out of this
VPN server and match the traffic"), single point of failure in form of
the VPN provider (Do you trust him not to keep logs and sell them to
the next highest bidder?) and some more. From an academic point of
view, there isn't much anonymity to gain from a VPN.
You could run Tor on top of the VPN to gain anonymity. That sounds
technically possible even though I haven't tried it -- but I don't see
much benefit here unless you're living in a country that blocks the
public Tor nodes and most bridges.
Best,
/C
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
