Hakisho Nukama:
> On Sat, Oct 13, 2012 at 4:23 PM, Abel Luck <ab...@guardianproject.info> wrote:
>> Hi folks,
>>
>> My qubes-tor service is ready for review. As Joanna suggested, I've
>> pushed it to a git repo.
>>
>> Source:
>> https://github.com/abeluck/qubes-addons/commit/060b04871fd5f4f0faf40e7c7c5d55aa313387fa
>>
>> Documentation:
>> https://github.com/abeluck/qubes-addons/blob/master/qubes-tor/README.md
>>
>> To build it:
>> I'm not sure quite how to integrate my addons repo into qubes-builder,
>> so I suggest checking out the repo then copying my changes over:
>>
>> $ rsync -a qubes-addons/* /path/to/qubes-builder/qubes-src/addons/
>> $ cd /path/to/qubes-builder/qubes-src/addons/
>> $ make rpms_tor
>>
>> The rpms will be in rpm/x64/qubes-tor*.rpm, where you can copy them to
>> your templatevm.
>>
>> Eagerly awaiting feedback, cheers,
>>
>> ~abel
>>
>> (public key attached to this message)
>
> Hi Abel,
>
> nice work so far, thanks!
>
Thank you, though I haven't done much more than packaging for Qubes the
already great work others have done.

> Would you advise to use a separate template for your AppVMs which uses
> TorVM as a NetVM (one template per anonymous identity)?
>
I use a separate template for my Net+ProxyVMs than for my normal AppVMs.

> My concern is about linking nicely separated domains with some kind of
> fingerprinting, be it through browser uniqueness or list of installed packages
> on a *common* template.
>
> Prerequisites are:
> - common template of identity exposing VM (banking, work) and anonweb
> - compromise anonweb and banking/work VM or
> - active/passive fingerprint gathered from both browsers
>
> If work, personal, untrusted and anonweb VMs are based on a common
> template a leak of both lists of installed applications and their
> versions could link your identity from your trusted VM to your anonweb VM.
>
As for separate templates for AnonVMs and AppVMs, it isn't a bad idea
necessarily. The system fingerprinting you're talking about is definitely
possible. If you can spare the HD space, I would not advise against it.
But, like Marek said, the act of using Qubes in and of itself is unique
and likely will be for some time.

> Browser uniqueness: Is it only different in qubes_ip and hostname
> (maybe profile-path) on both AppVMs sharing a common template?
>
If this is a concern for you, it is *essential* that you use TorBrowser
and **NOT** vanilla Firefox from your AnonVMs. The Tor project has put
much effort into ensuring the TBB footprint is the same for all users,
and it will only get better.
Of course the TBB uses its own tor, which is undesirable (tor-within-tor
is bad). Attached to this email is a launcher for the TBB that bypasses
the bundled Tor and Vidalia. Be careful with it. (Note, the Torbutton's
"new identity" doesn't work).

~abel