Hacker News new | past | comments | ask | show | jobs | submit login
Running Tor in a NetBSD rump unikernel (github.com/supradix)
4 points by nbyouri on May 8, 2016 | hide | past | favorite | 1 comment



Hi. I created this package. It allows one to run an extremely secure tor relay on almost anything. The package is very easy to use and seems to work pretty well. I've been running the first of its kind "in the wild" as an exit relay for a week or so here...

https://atlas.torproject.org/#details/FD76CE423F64853C402EAC...

And it was officially merged upstream today here...

https://github.com/rumpkernel/rumprun-packages/commit/0171d4...

Running tor in a rump unikernel provides a single application, single address space image, with bare minimum necessary support drivers, that can be run portably on pretty much any hypervisor (or even on bare metal).

If security is a concern, you would be pretty hard pressed to run a more secure tor relay. This doesn't even have a /bin/sh, for example. There's precious little available to be exploited here, even should a tor exploit be found possible. Odds are, even a major tor vulnerability wouldn't do an interloper very much good in this case.

For background infomation, see...

Tor

https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29

https://www.torproject.org/

Rump Kernel

https://en.wikipedia.org/wiki/Rump_kernel

http://rumpkernel.org/

Enjoy. :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: