Hacker News new | past | comments | ask | show | jobs | submit login

Not only are you not required to route traffic over Tor, but you can create arbitrary tree network topologies for all VMs.

For example, see the screenshot on https://github.com/kbrn/qubes-app-print-vm-status. VMs can access the 'net through "sys-firewall" (i.e. in the clear); or through "[redacted]-vpn", which has firewall rules enforced by "sys-firewall" that reject any traffic not to the designated VPN endpoint; or through "sys-whonix", which obviously routes all traffic over Tor.

Another great feature afforded by combining Qubes and Whonix is that it's trivial to use Whonix as a disposable VM, so you can really be sure one browser instance (say, for porn) can never affect another browser instance (say, for Facebook, or for leaking the next tranche of NSA docs).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: