Silk Road forums
Discussion => Security => Topic started by: awesome1126 on August 15, 2011, 03:27 pm
-
Hey there, I have had my virtualbox and ubuntu programs for a while, but didn't get around to installing them and getting the guest OS running until recently. The host is a mac running leopard, and I'm wondering what is the best way for me to keep myself secure using this setup? I have read that running things using a VM is the way to go, but I don't exactly know where to start.
Should I run TAILS from the Guest OS (Ubuntu)? Or should I just install the Tor browser bundle and truecrypt and all that. I've read some things about isolation, but I don't want to start anything until I know the pros and cons of each, which seem pretty hard to narrow down in these huge posts.
What I'm basically asking is which way is going to provide me the best technical security?
-
I would think the best way would be to install the Virtual Machine on a USB stick, and then encrypt that.
I haven't gotten that far, yet.
The tor browser bundle package you are talking about is the easiest way to install TOR and Firefox, and be safe.
When you exit, pretty much everything is gone.
I wanted system that used security but I could still use my favorite toys.
Here's a link to install a tor vidalia polipo package on Ubuntu.
http://kyleabaker.com/2011/01/11/how-to-setup-and-use-tor-anonymity-in-ubuntu/
Remember to let Vidaiia take permanent control.
Then install the TOR button in Firefox, and you are off and running.
To install Pidgin with SILC.
http://www.unixmen.com/software/1788-pidgin-290-released-download-ppa
-
Thanks for the reply! I'll check those links out and I'll start to get that system set up... does anyone know the importance of, or how to isolate firefox from Tor? I'm planning on running Tor on the guest and not the host, is this the right idea?
-
Yea that's the right idea.
Most important is that you encrypt the VM guest file.
There are people trying to get the entire VM to go through a TOR proxy on the host, but I haven't seen anyone successful in that, but keep your eyes open for that since it'd be the best.
In the guest OS:
start tor (through vidalia or whatever you prefer)
get the tor firefox addon.
And just to be on the safe side you can set your global proxy settings so all other applications that detect for local proxy automatically goes through tor as well.
That's usually in System Settings -> Network -> Network proxy
should be set to something like socks: 127.0.0.1:9050 check in your tor config or vidalia to verify the port.
you can see if you are successfully running tor by accessing any .onion domain or going to:
https://check.torproject.org/
And NEVER do non-tor browsing with your guest OS, use it exclusively for tor.
If you run a bitcoin client in your guest, make sure it connects through tor (just google how to do that)