

This one irks me, especially when the "VMs are magic" crowd provide answers like:

"If you are using your own computer, it is probably safe."

As the documentation states there are limitations. The "guest" (Tails) cannot do anything about the actions of the "host". It is running inside a virtualized environment that Tails expects and believes to be hardware. Some of Tails' properties only hold if it is running in the environment that it expects! It has anti-forensic properties; Tails is meant to not leave forensic evidence on the system.

If you run Tails inside of a VM on a host system that uses a pagefile or swap, chunks of the memory in use by the Tails virtual machine will be written to disk. This means information about the website you were browsing, your cryptographic keys, your plaintext instant messaging and email may just be written to disk in plaintext. Everything in your Tails session would be stored on the filesystem of the Host machine. Worse still, if the systems support hibernation or suspend-to-disk, it will write the entire contents of memory (!!) to disk! The VM, too, is possibly storing unexpected information about its state even if you've disabled paging/swap (can you even fully do this under Windows?) and hibernation.

Using full disk encryption isn't even a great solution; many Linux installers only encrypt the swap with the same master key as is used for your system partition. Ideally swap should be encrypted with a random key generated each boot. This means on shutdown the key is purged from memory and swap is, for all intents and purposes, irrecoverable.
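A host-side check for the swap point above, as an added example that is not part of the original post: it reads the text of a Linux host's `/etc/fstab` and `/etc/crypttab` and reports, for each swap entry, whether it has its own dm-crypt mapping keyed from a random source at every boot. The sample file contents, device names and verdict labels are constructed for illustration.

```python
RANDOM_KEY_SOURCES = {"/dev/urandom", "/dev/random"}
MAPPER_PREFIX = "/dev/mapper/"

# Constructed sample files; device names and paths are illustrative only.
SAMPLE_CRYPTTAB = """\
# name     device     key file            options
cryptroot  /dev/sda2  none                luks
cryptswap  /dev/sda3  /dev/urandom        swap,cipher=aes-xts-plain64,size=256
oldswap    /dev/sdb2  /etc/keys/swap.key  luks
"""
SAMPLE_FSTAB = """\
/dev/mapper/cryptroot  /     ext4  defaults  0 1
/dev/mapper/cryptswap  none  swap  sw        0 0
/dev/mapper/oldswap    none  swap  sw        0 0
/swapfile              none  swap  sw        0 0
"""

def rows(text):
    """Yield the whitespace-separated fields of each non-comment line."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line.split()

def parse_crypttab(text):
    """Map each dm-crypt mapping name to its key source, per crypttab(5)."""
    table = {}
    for f in rows(text):
        if len(f) >= 2:
            table[f[0]] = f[2] if len(f) > 2 else "none"
    return table

def classify_swaps(fstab_text, crypttab_text):
    """Return {swap device: verdict} for every swap entry in fstab."""
    crypt = parse_crypttab(crypttab_text)
    verdicts = {}
    for f in rows(fstab_text):
        if len(f) < 3 or f[2] != "swap":
            continue
        dev = f[0]
        name = dev[len(MAPPER_PREFIX):] if dev.startswith(MAPPER_PREFIX) else None
        if name not in crypt:
            # Plaintext, or layered on another volume and sharing its key.
            verdicts[dev] = "no-own-mapping"
        elif crypt[name] in RANDOM_KEY_SOURCES:
            verdicts[dev] = "random-key"      # new key each boot, gone at shutdown
        else:
            verdicts[dev] = "persistent-key"  # key outlives the session
    return verdicts

if __name__ == "__main__":
    for dev, verdict in classify_swaps(SAMPLE_FSTAB, SAMPLE_CRYPTTAB).items():
        print(f"{dev}: {verdict}")
```

This only inspects swap configuration; hibernation images and any state files the virtualization software writes on the host need to be checked separately.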
