Re: Whonix ALPHA 0.4.5 - Anonymous Operating System released
nick black:
> [dropped tor cc]
>
> adrelanos left as an exercise for the reader:
>> This is because Whonix consists of two (virtual) machines. One machine
>> solely runs Tor and acts as a gateway, which we call Whonix-Gateway.
>> The other machine, which we call Whonix-Workstation, is on a
>> completely isolated network. Only connections through Tor are possible.
>
> I'll take a look at your [1] in a moment, but what about leaks at layers
> 5 and higher? If I understand correctly, you've got your proxying system
> scrubbing layers 3 through 4, and layer 2 is handled by virtue of the
> virtual machines, but if i own the box, and then go to whatsmyip.com or
> whatever, that's still going to see the......
If you get into the VM and own the box, i.e. escalate form the VM to the
host, it's game over. (Unless using Physical Isolation. [3]) See the
attack comparison table. [1]
> ahhh, nevermind, just read your "Protocol leaks" section. OK, so you're
> aware of this issue :D. you clearly feel it doesn't make moot the rest of
> the effort; could you explain why? thanks!
As the attack comparison table [1] shows, Whonix download version (no
Physical Isolation [3]) gets indeed defeated by VM exploits, exploit
against Tor process and attacks against the Tor network.
Nevertheless, it's useful. Misbehaving applications are confined.
It improves security in real world. [2]
Feel free to ask further questions about this or other topics.
> feel free to take this private, or back onto the tor list, or whatever.
>
No issue with me, whatever is most appropriate.
[1] https://sourceforge.net/p/whonix/wiki/Security/#attacks
[2]
https://sourceforge.net/p/whonix/wiki/Security/#whonix-security-in-real-world
[3] https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/
Reply to: