Silk Road forums

Discussion => Security => Topic started by: yokes101 on December 06, 2012, 03:11 pm

Title: Liberte on VMware, Security risk?
Post by: yokes101 on December 06, 2012, 03:11 pm
For while now I have been logging on to the road with very poor security.
So I decided to to do some thing about that. I zero-filled my hard drive and did a full disk encryption.

Then I installed VMware to run Liberte (as I find running it on a USB very inconvenient) but now i'm getting a warning when I boot Liberte.
It's some thing like "warning non-native environment". Can anyone tell me what that means?
Is it a big deal or what?
Title: Re: Liberte on VMware, Security risk?
Post by: Just Chipper on December 06, 2012, 07:31 pm
It's simply stating that this OS was never tested in a virtual environment. AKA use at your own risk. I noticed that I receive more timeouts and network hiccups when running liberte or tails as VM vs CD or USB. Other than that everything works fine IME. Also I would highly reccomend NOT using persistence if you're using a VM as your data will be viewable from the host OS. Also not sure if you're aware but you can boot your VM FROM usb within the host OS, rather than using an OVA or ISO file to boot from.
Title: Re: Liberte on VMware, Security risk?
Post by: yokes101 on December 06, 2012, 08:06 pm
It's simply stating that this OS was never tested in a virtual environment. AKA use at your own risk. I noticed that I receive more timeouts and network hiccups when running liberte or tails as VM vs CD or USB. Other than that everything works fine IME. Also I would highly reccomend NOT using persistence if you're using a VM as your data will be viewable from the host OS. Also not sure if you're aware but you can boot your VM FROM usb within the host OS, rather than using an OVA or ISO file to boot from.

God the last thing I want is more timeouts and network errors!

Surely it's ok if the VM data is viewable from the host OS if the host OS is on an encrypted disk?
I will look into booting VM from usb within the host OS, That sounds like the best option to me.

Thanks for the info.  :)
Title: Re: Liberte on VMware, Security risk?
Post by: Just Chipper on December 07, 2012, 03:11 pm
It's simply stating that this OS was never tested in a virtual environment. AKA use at your own risk. I noticed that I receive more timeouts and network hiccups when running liberte or tails as VM vs CD or USB. Other than that everything works fine IME. Also I would highly reccomend NOT using persistence if you're using a VM as your data will be viewable from the host OS. Also not sure if you're aware but you can boot your VM FROM usb within the host OS, rather than using an OVA or ISO file to boot from.

God the last thing I want is more timeouts and network errors!

Surely it's ok if the VM data is viewable from the host OS if the host OS is on an encrypted disk?
I will look into booting VM from usb within the host OS, That sounds like the best option to me.

Thanks for the info.  :)

Well if it's turned off it is. My concern is my host OS being compromised and snooping my guest OS traffic while online. For this reason I run all network apps from host OS through sandbox.
Title: Re: Liberte on VMware, Security risk?
Post by: yokes101 on December 07, 2012, 07:17 pm
It's simply stating that this OS was never tested in a virtual environment. AKA use at your own risk. I noticed that I receive more timeouts and network hiccups when running liberte or tails as VM vs CD or USB. Other than that everything works fine IME. Also I would highly reccomend NOT using persistence if you're using a VM as your data will be viewable from the host OS. Also not sure if you're aware but you can boot your VM FROM usb within the host OS, rather than using an OVA or ISO file to boot from.

God the last thing I want is more timeouts and network errors!

Surely it's ok if the VM data is viewable from the host OS if the host OS is on an encrypted disk?
I will look into booting VM from usb within the host OS, That sounds like the best option to me.

Thanks for the info.  :)

Well if it's turned off it is. My concern is my host OS being compromised and snooping my guest OS traffic while online. For this reason I run all network apps from host OS through sandbox.

Sandbox? Sorry im new to this your going to have to bear with me.

I looked into booting an OS from USB into a VM, All I could find was a program called "Plop Boot" and im still trying to get it working.
If you have any more info on the that topic I would appreciate it.  :)
Title: Re: Liberte on VMware, Security risk?
Post by: Just Chipper on December 07, 2012, 07:44 pm
Sandbox? Sorry im new to this your going to have to bear with me.

I looked into booting an OS from USB into a VM, All I could find was a program called "Plop Boot" and im still trying to get it working.
If you have any more info on the that topic I would appreciate it.  :)

A Sandbox is a space on your harddrive that you write to instead of the OS. Therefore if the app in the sandbox gets infected, you simply format the sandbox. I personally use sandboxie on my host. But it's a windows only application. There are plenty for Mac and Linux though if you search around. Also on the USB plop does work, but is a huge pain in the ass as it only uses usb1.0(slow) instead of 2.0. Lookup pendrivelinux, they have a walkthrough on how to boot from USB.
Title: Re: Liberte on VMware, Security risk?
Post by: SRtester on December 08, 2012, 12:37 am
I boot a persistent Liberte USB stick on Windows OS in VMware player using the "Plop" bootloader as mentioned above. Yes it states "Warning: non-native environment (vmware)". I've never thought of this as a security risk, in fact booting from USB into a VM is inherently more secure than say, the Tor browser bundle. The USB stick is encrypted too, of course.
Title: Re: Liberte on VMware, Security risk?
Post by: jonnyboy91 on June 13, 2013, 12:09 am
Hey everyone quick question from this. I'm running vmware in win7 and have my liberte linux installed and setup on a usb. i've been booting from usb fine and then using ethernet connection because my wireless adapter won't work. But now running vmware and plop bootloader ive loaded up my liberte from usb using vmware fine and am bridging the connection from the host using the wireless adapter and then it shows up as wired connection inside liberte. Is there any settings i need to check or uncheck in vmware or my computer to be secure?

thanks
Title: Re: Liberte on VMware, Security risk?
Post by: abitpeckish on June 13, 2013, 02:23 pm
Running things on a hypervisor is fine, so long as you trust the hypervisor and its administrator(s).
Title: Re: Liberte on VMware, Security risk?
Post by: Just Chipper on June 13, 2013, 03:56 pm
Hey everyone quick question from this. I'm running vmware in win7 and have my liberte linux installed and setup on a usb. i've been booting from usb fine and then using ethernet connection because my wireless adapter won't work. But now running vmware and plop bootloader ive loaded up my liberte from usb using vmware fine and am bridging the connection from the host using the wireless adapter and then it shows up as wired connection inside liberte. Is there any settings i need to check or uncheck in vmware or my computer to be secure?

thanks

Please do not bridge the connection as this is inherently less secure. This gives Liberte an IP on your LAN rather than using the one your host has. I would recommend NATing Liberte and using the wireless on the host if this is your preference.

Running things on a hypervisor is fine, so long as you trust the hypervisor and its administrator(s).

The hypervisor isn't the issue. The host OS being compromised is. If you use a GUI on the host (as I assume most do) then an attacker can view every app accessing the GUI as there is no GUI level isolation. This means if you are using Firefox on the host and someone compromises it, they can view all your apps running in the GUI including your VM.