How to attach Ethernet to a VM other than sys-net..?
neilh...@gmail.com
I would like to attach the Ethernet to the Whonix VM, so that I can use it as a Tor router to route the Tor connection into a 2nd laptop.
How do you attach Ethernet to a particular VM..? Does anyone know..?
Thanks
ludwig jaffe
Hi, thats a good Idea, to do this.
Also I have another approach, what do you think to add the tor routing to a router like openwrt, so one does not waste too much energy (E.G. XEON CPU and 16GB RAM) for implementing this network infrastructure.
It would be great to move the networking approach of qubes-os out to a *networking-subssystem*
Such a subsystem could be a cheap atom based computer with a bunch of gbit-interfaces (or if space is a problem /old laptop/ just one that produces vlan-tags for a vlan switch).
So my idea would be a cubes-net-box that has some interfaces for external connections and that serves 1gbit line with different vlan numbers to one or more qubes-os boxes of a group. So this line can also go to a stupid layer2 switch (no vlan) and be distributed to all qubes-os computers.
This tagged lan contains the different internal networks of a qubes-os computer today.
So the personal vms or work vms could share a common network! So people in an organization can work together with qubes.
Private lines could still exist in the machine if needed for special anonymity.
For the other cases the qubes-net in the computers could just "subscribe" to the vlan-tags of the qubes-net, in order to get the personal-vm-net, torified net-whonix (one trusts his organization here to share a torified net). If one dioes not trust she just does not subscribe to the vlan of the torified net.
I would like it to have easier access to the net behind the internal nat. (printing, scanning via ethernet e.g.)
What do you think?
Is it a good idea?
Ludwig
neilh...@gmail.com
I came to the conclusion that this is all a waste of time.
A hacker (especially nation state) would hack your main home router.
Then hack your endpoint laptop.
Then they can see that both are connected to a dedicated Tor router in the middle, through its MAC address or other identifier, such as device name.
So they can see that both are connected to the same dedicated Tor router, and thus, they can see who you are that way.
So unless you are confident that you can secure your main home router, then this idea of a dedicated Tor router is hopeless.
You would be better off using a QUBES live disc and ONLY use Tor from the very start.
As the internal NSA Snowden documents say, "one page request" is all it takes to hack you.. but note, they can only do this page request if you are actually connecting via your real IP address.
Therefore, use a QUBES live disc, use TOR ONLY (never mix it up with clearnet), and make sure your BIOS is freshly installed, and then just cross your fingers and hope you don't get hacked while using Tor browser. By all means, use NoScript etc.