Per the thread on the Tor tracker (
https://trac.torproject.org/projects/tor/ticket/7681), I want to start
working on integrating the of Pseudonymity as defined by WiNoN into Tails.
Namely, users run multiple, independent VMs connected to independent paths
through the Tor network in order to wear multiple hats. A user accessing
IRC and GMail under two different contexts would do so in two different
VMs. There are other benefits of using VMs as the Whonix folks have
recognized. Namely, that information about the host cannot (easily) leak
into the guest and vice-versa. To do this I propose the following:
- In the host, we run redsocks (
http://darkk.net.ru/redsocks/), this will
pick up traffic from the VMs and redirect it to Tor. Currently there exists
no package for redsocks in Squeeze, should we check to see if the Wheezy
package works or just build our own Redsocks package?
- Install the necessary software for both LXC and KVM
- Give amnesia the right sudo abilities to start LXC and KVM
- Add start LXC Pseudonym and KVM Pseudonym to the desktop
- Upon starting a Pseudonym, we'll add a Tap device and connect it to a
bridge, where redsocks will pick up the traffic. For each pseudonym, we'll
run a unique redsocks instance and start a new Tor proxy socket.
- We can either a pseudonym watcher to clean up state or just run the
pseudonym in a script, blocking on the VM execution. When the VM has been
closed, it is automatically cleaned up.
- Use IP Tables to enforce communication between the pseudonyms and Tor
In this instance, each pseudonym will have a unique IP address, but it will
only be able to talk to Tor running via the bridge and not other pseudonyms.
Call this round 1, and we'll add more details as we discuss.
Cheeers,
David