Tails's sandboxing secures it against deanonymization via a simple TBB vulnerability, but both Firefox holes and Linux privilege escalations are relatively common, and it seems likely that as Tails gets more popular it must be getting more attractive to try to combine the two. Sandboxing the browser in a virtual machine would make this much more difficult. I'd like to know whether this seems like a worthwhile thing to do to people here, of any work currently being done in this direction, and any difficulties people anticipate with it.

Here is what I know about the project so far:

- Whonix works this way, but I think people don't use it because it's pretty clunky compared to Tails.
- Most current computers don't cope well with nested virtualization, so the Tails testing suite would run very slowly for most people if Tails depended on a virtual machine. There are new CPUs for which this isn't a problem.
- There is a privacy-oriented Chromium-based browser, seaturtle, which aims to serve the same niche as TBB currently. Currently it only runs on Android. Since it's Chromium-based, it may be much more secure than TBB.

I'm imagining this would be a fairly straightforward project: install TBB into a barebones Debian virtual machine with TBB configured to connect to the "clearnet" from the VM's perspective, build Tails with VirtualBox included, and with this VM wired up to Tor. I don't yet know exactly how to configure TBB in this way, or how to connect the VM to Tor. Either problem could turn out to be messier than it looks to me at the moment. But it seems like doing this would head off a fairly significant risk for people.

Best regards,
Alex