Abel Luck: > Interesting reading, thanks! My use case is different. It's running > Qubes-OS [1] with a specific TorVM acting as a transparent proxy for > other AppVms. > > The AnonBrowserVM is a VM that only has Firefox (soon TBB without tor). > OS updates are handled separately in a different VM. The root FS is > read-only (technically COW, but never written, see [2]). > > Looking at your attack comparison matrix, I believe a proper Qubes > w/TorVM+AnonAppVM setup is safe for all attacks except those involving a > vm exploit and an attack against the tor process or network.
I haven't check in details, but Qubes looks very good. There is a big and very good blog post about Qubes + Tor. The part it lacks is the stream isolation part. http://theinvisiblethings.blogspot.com/2011/09/playing-with-qubes-networking-for-fun.html _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk