Silk Road forums
Discussion => Security => Topic started by: seuss on March 31, 2012, 05:50 pm
-
also this is off topic but i reiterate the need for you guys to use tor-isolated VMs (with hardware isolation if you can)
saw this stated in a post. i've looked this up and found this tutorial (hxxp://lifehack.org/articles/technology/beginners-guide-run-linux-like-any-other-program-in-windows.html). any tech-savvy person care to express whether he/she thinks this is a good, up-to-date tutorial for a noob, or if there is any tutorial which is better? Also what does it mean to have hardware isolation? is that like putting the VM on a trucrypt encrypted usb flashdrive? i need to encrypt my hdd too, anyone care to redirect me to a tutorial on how to do that? any advice or redirection to good pages or threads would be appreciated.
-
well the conclusion on this was that you are better off using OS virtualization or paravirtualization than hardware virtualization, but non virtualized hardware isolation is the clear win
-
That post almost meant only using something which is defaulted to force all connections through Tor, so you can't log in drunk one day in the clear and give away your identity by accident like Sabu did
-
well the conclusion on this was that you are better off using OS virtualization or paravirtualization than hardware virtualization, but non virtualized hardware isolation is the clear win
in layman's terms? lol sorry. should i follow that tutorial or not? if by non-virtualized hardware isolation you mean putting linux on a truecrypt flash drive or something to that effect, i dont think i'll manage well. a VM seems to be my best bet.
That post almost meant only using something which is defaulted to force all connections through Tor, so you can't log in drunk one day in the clear and give away your identity by accident like Sabu did
i, as a customer, should be using a vm for more security anyway though , right? instead of just accessing the darknet on my regular firefox browser on windows
-
Using the Tor browser bundle is fine for here if you're just a buyer. You can't connect to SR otherwise so you're g2g.
Now if you're connecting to IRC and jabber and your external emails it'd be best to create a VM snapshot or use a live CD that forced all connections through Tor so you can't fuck up, because we're only human and nobody can maintain perfect comsec discipline everyday.
Can always install Virtualbox, VMware or Qemu and load up a Tails or Liberte Linux .iso in it.
Better if you just burnt it to CD and rebooted
-
Using the Tor browser bundle is fine for here if you're just a buyer. You can't connect to SR otherwise so you're g2g.
Now if you're connecting to IRC and jabber and your external emails it'd be best to create a VM snapshot or use a live CD that forced all connections through Tor so you can't fuck up, because we're only human and nobody can maintain perfect comsec discipline everyday.
Can always install Virtualbox, VMware or Qemu and load up a Tails or Liberte Linux .iso in it.
Better if you just burnt it to CD and rebooted
i thought the tor browser bundle was considered inefficient by some folks; don't remember the technical reasons though. all i have are vidalia and tor button. i dont use irc or jabber. what would be the additional advantages of getting a virtualbox/vmware/qemu for me then? anyway if this isn't really a security hazard for me then, i should still get my HDD encrypted right? whats this whole deal with truecrypt? any tutorials for a noob?