Delivery-Date: Sat, 05 Jul 2014 13:58:39 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 15B9A1E0462
	for <archiver@seul.org>; Sat,  5 Jul 2014 13:58:29 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 490BA2FD6A;
	Sat,  5 Jul 2014 17:58:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id A94D12FDEC
 for <tor-talk@lists.torproject.org>; Sat,  5 Jul 2014 17:45:22 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 1pVs8e6JEz2R for <tor-talk@lists.torproject.org>;
 Sat,  5 Jul 2014 17:45:22 +0000 (UTC)
Received: from mari.romanrm.net (mari.romanrm.net
 [IPv6:2400:8500:1301:801:157:7:203:202])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 4D8042F6F9
 for <tor-talk@lists.torproject.org>; Sat,  5 Jul 2014 17:45:22 +0000 (UTC)
Received: from natsu (unknown [IPv6:fd39::a60:6eff:fef3:b5b3])
 by mari.romanrm.net (Postfix) with ESMTPS id 2BECA27123
 for <tor-talk@lists.torproject.org>; Sat,  5 Jul 2014 17:45:15 +0000 (UTC)
Date: Sat, 5 Jul 2014 23:45:12 +0600
From: Roman Mamedov <rm@romanrm.net>
To: tor-talk@lists.torproject.org
Message-ID: <20140705234512.0a4773c3@natsu>
In-Reply-To: <1404579910.39384.YahooMailNeo@web122401.mail.ne1.yahoo.com>
References: <1404414258.29695.YahooMailBasic@web122406.mail.ne1.yahoo.com>
 <53B80989.7060706@bitmessage.ch>
 <1404579910.39384.YahooMailNeo@web122401.mail.ne1.yahoo.com>
X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.10; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] Benefits of Running TBB in a VM?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0920712994424685335=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

--===============0920712994424685335==
Content-Type: multipart/signed; micalg=PGP-SHA1;
 boundary="Sig_/nvzPBpOB.JKWu2I6kQxF5HR"; protocol="application/pgp-signature"

--Sig_/nvzPBpOB.JKWu2I6kQxF5HR
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Sat, 5 Jul 2014 10:05:10 -0700
Bobby Brewster <bobbybrewster203@yahoo.com> wrote:

> >>>if your non-VM host system has been compromised, there is absolutely no
> >>>notable advantage to using a vm.=C2=A0 your vm will be affected by the
> >>>malware that sits on the host system.=C2=A0=20
>=20
>=20
> I don't understand this. If my Ubuntu system has a virus / rootkit / what=
ever then what I do on it is compromised.
>=20
> The VM is, in effect, a seperate OS. How would it be affected by the malw=
are on the non-VM system?

First of all, malware at the host OS can capture and log all keypresses you=
 do
in the VM system; can also make screenshots or video capture of what you do=
 in
it, can also capture network traffic or even read memory of the guest VM.

Second, there is the issue of trust; your host system has unrestricted acce=
ss
to the entire disk of all guest VMs it runs. If your host executes malicious
code, you can't be sure that your guest VMs haven't been accessed and tampe=
red
with in some way. On the contrary, you should assume they HAVE been
compromised by the infected host.

--=20
With respect,
Roman

--Sig_/nvzPBpOB.JKWu2I6kQxF5HR
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlO4OagACgkQTLKSvz+PZwhMNgCgj5sc2cSKdQZX3FQBQasJS/UH
jMQAn1/atGCQrfanZY4nqPijmuxAbVD9
=jW04
-----END PGP SIGNATURE-----

--Sig_/nvzPBpOB.JKWu2I6kQxF5HR--

--===============0920712994424685335==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============0920712994424685335==--

