Firstly it's not intended to protect you from the hacking elite, I've never made that claim even once.
It really isn't intended to protect from much of anything, that is the main issue with it.
Secondly VMware is NOT full hardware virtualization, it's paravirtualization in this case (Full hardware virtualization is only available in their ESX products).
I am pretty sure ESX products are actually for paravirtualization, where as vmware workstation etc are full hardware virtualization. You are confusing
The more you respond the more it's clear that you have a very limited understanding (much more so than I had thought) of virtualization. I've made a career of it and security for well over a decade now, can you make that same claim? I doubt it.
I have only been studying computer security for about six years, but I do find it unlikely that you have ever worked in the computer security industry.
The only claim I've made as to it's purpose is it's intended to keep your data and transactions secure from LE.
And it will not, which is the issue
I never made any claims about the DEA. What intelligence work I did I really can't comment on for a plethora of reasons and you must be out of your fucking skull to think I would disclose any details related to that, I might as well eat a bullet before I disclose those details. The most I can say is I worked in general terms in the information security field, but thats all I will disclose.
Actually you did make claims about the DEA and the NSA. I didn't ask for specific details I just am curious which sort of work it was, SIGINT, COMINT, MASINT, etc. I don't think anyone will kill you for saying that will they?!
ASLR? Really? Are you really going to suggest that ASLR is even REMOTELY necessary for this application? If so go butt fuck your fantasy lover Theo and be done with it already. While ASLR provides levels of security to protect against hacks and the like thats NOT what this device is intended to be secure from as I have said over and over again but apparently that thick skull of yours doesn't seem to allow much data to penetrate it. I guess it's too secure.... 
ASLR and a 64 bit OS are at least highly suggested if you want to avoid being pwnt by the nth buffer overflow vulnerability in whichever applications you use. Yes we know you don't think your VM is secure from hackers, that is why it is strange to market it as a security oriented VM. You also have implemented its other security features poorly, and many of them are just eye candy that serve no real security function.
See above dickbag. Nobody made any claim that spybot was going to protect anyone from a would be attacker, it's a malware tool, thats all. Which if they are only using it for it's intended purpose is completely unnecessary, just like ASLR.
Scanning for malicious tracking cookies and generic spyware is essentially useless for serious security, but being immune to buffer overflow vulnerabilities in all of the applications you run seems like a pretty necessary thing to me.
Again failing to understand how virtualization works. Go do some reading Jr. because even if they had a whole dump of the HOST machines memory it's highly unlikely they would be able to retrieve the key from the guest. Secondly if someone comes bashing in your door, don't you think pulling the plug might be a wise move? Which would prevent them from obtaining a useable copy of what was in memory prior to pulling the plug unless they restore power in less than about 5-6 seconds. Which somehow I don't think the goon squad will be able to do.
1. They will root the guest VM and dump the key from memory there? After all the guest VM has the network facing applications that they can target already running inside of it.
2. If the key is in the guest VM memory it is also in host VM memory
3. They have much more than 5-6 seconds to forensically analyze the RAM after power is cut
4. I don't think you can likely pull the plug before they restrain you
So all you need for SR is firefox? Weird, if you are such a fucking expert how is it you missed the fact there are several other tools that should ALWAYS be used with SR?
And all of the tools are more or less the same on Windows or Linux.
Against who? Who is this device protecting against? You seem to often go on tangents and lose sight of this very important fact, but the more you punch away at that keyboard the more I realize you really are just another wanna be blackhat with no concept of what is reasonable security measures are and what is completely unreasonable and overkill for a particular application.
The more you pound on the keyboard the more I see you are either delusional or an epic troll
You again are talking about security that is extremely overkill for this application. I'm not even going to repeat myself for the 100th fucking time. You have absolutely NO fucking clue what I know about security and what security mechanisms I am familliar with.
I have no idea because you have not demonstrated any security know how, all you have demonstrated is the ability to install some random stuff (shit) and what is required for SR on Windows XP.
What I have admitted is that I am interested in making money in exchange for my professional skillset that I use every day in the real world and am compensated quite well for.
It is a shame if you are being paid to do anything related to security, but not that surprising. Most corporate security people blow.
Your wrong, I know this for a fact. I will not elaborate on this further but AES256 on it's own has been compromised in the past.
When it is used as a checksum AES-256 has had its security substantially reduced, I think there was also an attack that caused significant damage to it when used as a symmetric encryption algorithm, however there are no known cases of AES-128 or higher being directly broken. You can spout off bullshit uncited claims and say you have secret inside info all you want, but at the end of the day it just makes you look like a fuckwad. Citation, technical details, or shut the fuck up, to put it nicely.
Again showing your lack of comprehension of security in virtualization applications. There is isolation between guest memory and host memory, when was the last time you examined the memory dump of a guest VM generated from the host? If you did it wasn't very useful because it needs to be generated from within the guest to be useful.
1. They will analyze the virtual drive looking for the leak
2. Things in guest memory also must be in host memory
Nothing is ever %100 fool proof, suggesting anything otherwise would be disingenuous at best. If you are such an expert at cryptanalysis and/or forensics hows about I provide you with a file and a message inside it and when you are able to recover the data then you will have earned some semblance of a leg to stand on, until then you are nothing more than a forum troll spouting off at the mouth about things you don't know anywhere near what you suggest you do about.
I doubt that I can decrypt anything you send me that has been encrypted with a strong algorithm. I also doubt that the NSA can. You are the one claiming that AES-256 can be cracked, not me.
You clearly (again) demonstrating a significant lack of knowledge about the types of virtualization in use and the mechanisms and features of each. This vm is NOT full hardware virtualization or HVM for those in the industry (like myself) refer to it.
HVM and full hardware virtualization are not the same thing, you can have full hardware virtualization via binary translation without using HVM. This is the way the terms are very commonly used anyway, technically I believe that binary translation is not actually full hardware virtualization, but virtualbox is still called full hardware virtualization even if it isn't getting hardware support from the CPU.
The scope of the project is to keep you safe from local/state and FBI LE, thats it.
This product will not keep you safe from FBI and is unlikely to keep you safe even from many state and local agencies.
Show Posts
. You might want to use DBAN on top of it just incase though