Bug #12037
virt-manager doesn't work anymore with the USB persistence
0%
Description
When you apply these options : https://tails.boum.org/doc/advanced_topics/virtualization/virt-manager/index.en.html#index4h1
For using Tails launched in virt-manager with an external USB-stick.
This doesn’t work anymore since 2.9.1.
It show only the first boot-menu from the first window => " BOOT TAILS " live/live failsafe". and FREEZE on it after event after the decount.
30 minutes could passed… Nothing change.
(There is a picture in attachment)
Files
Subtasks
History
#1 Updated by Diki 2016-12-17 23:41:13
Hello,
If you check trafic between the Host machine and the virtual machine while Tails start, you will see security vulnerabilities.
Normally we should see that TLS traffic for the Tor network, but that is not the case ! I was able to detect network attacks. I think these network security flaws seriuosly impacts the startup of Tails. I have also seen in the Tails logs redundant anomalies causing several times the restart of several processes.
I have already transmited these facts with screeenshots to the Tails Administration. I got an evasive response… In summary, Tails asks me to reproduce the attacks I detected…
In conclusion, I think that the Tor network is compromised.
Best Regards.
Diki
#2 Updated by TITAN 2016-12-18 16:45:48
Hello Diki,
Thank you for these precious information..
So,the use of virtual-machine should be really reconsidered ?
If the Network is compromised too => there is non-sense to use it anymore..
It should be seriously audit!
I’m gonna edit the post in “high Priority”
#3 Updated by Diki 2016-12-18 19:12:31
Hello TITAN,
" So,the use of virtual-machine should be really reconsidered ? ": No
If someone can explain the origin of the TCP intrusions (Network traffic during Tails startup) that I have detected (see attachment), I think we will see more clearly …
Best Regards,
Diki
#4 Updated by Diki 2016-12-19 16:17:27
- File Virus-dhcpnameserver-detected.JPG added
Hello TITAN,
I think I have found the cause that is blocking the startup of Tails. As for the origin of this cause, I await an answer from my previous comment because I have a serious track on this subject.
First of all, it is very likely that you were infected, through the use of Tails, by the virus called “DhcpNameServer”. I did the test at home, and when I eradicated “DhcpNameServer”, the start of Tails is normal again.
To know if you are infected with “DhcpNameServer” (see attachment) runs an analysis with “RogueKiller”, then if it is confirmed you will have to delete it by following for example this tutorial here http://blog.removevirusnow.org/dhcpnameserver-removal/
We will then see how this virus was introduced via Tails but for now I expect a precise answer to my previous comment before discussing how this virus could infect a host machine through a virtual machine dedicated to Tails (Network adapter: NAT / DHCP VMWARE)
Waiting for your answer, :)
Best Regards,
Diki
#5 Updated by Diki 2016-12-19 17:42:15
Hello,
I invite you to read the answer (ticket #4) that I posted on your blog
here https://labs.riseup.net/code/issues/12037
Best Regards,
Diki
2016-12-18 17:45 GMT+01:00 <redmine@labs.riseup.net>:
> Issue Bug #12037 has been updated by TITAN.
>
>
> Hello Diki,
>
> Thank you for these precious information..
> So,the use of virtual-machine should be really reconsidered ?
>
> If the Network is compromised too => there is non-sense to use it anymore..
>
> It should be seriously audit!
> I’m gonna edit the post in “high Priority”
>
>
>
> ————————————————————
> Bug Bug #12037: virt-manager doesn’t work anymore with the usb persistence
> https://labs.riseup.net/code/issues/12037#change-64447
>
> * Author: TITAN
> * Status: New
> * Priority: Elevated
> * Assignee: TITAN
> * Category: Virtualization
> * Target version: Tails_2.9.1
> * QA Check:
> * Feature Branch:
> * Type of work: Code
> * Blueprint:
> * Easy:
> * Affected tool:
> ————————————————————
> When you apply these options : https://tails.boum.org/doc/advanced_topics/
> virtualization/virt-manager/index.en.html#index4h1
>
> For using Tails launched in virt-manager with an external USB-stick.
> This doesn’t work anymore since 2.9.1.
>
> It show only the first boot-menu from the first window => " BOOT TAILS "
> live/live failsafe“. and FREEZE on it after event after the decount.
> 30 minutes could passed… Nothing change.
>
> (There is a picture in attachment)
>
>
> —-Files————————————————
> TAILS BUG.png (42.5 KB)
>
>
> —
> You have received this notification because you have either subscribed to
> it, or are involved in it.
> To change your notification preferences, please click here:
> ”$":https://labs.riseup.net/code/my/account
>
#6 Updated by intrigeri 2016-12-20 10:17:34
> First of all, it is very likely that you were infected, through the use of Tails, by the virus called “DhcpNameServer”. I did the test at home, and when I eradicated “DhcpNameServer”, the start of Tails is normal again.
This ticket is about a problem on Linux (virt-manager), so I don’t think that this virus thing applies.
#7 Updated by intrigeri 2016-12-20 10:17:42
> If you check trafic between the Host machine and the virtual machine while Tails start, you will see security vulnerabilities.
This is off-topic on this ticket.
#8 Updated by intrigeri 2016-12-20 10:18:45
- Subject changed from virt-manager doesn't work anymore with the usb persistence to virt-manager doesn't work anymore with the USB persistence
- Target version deleted (
Tails_2.9.1)
#9 Updated by intrigeri 2016-12-20 10:20:08
- Priority changed from Elevated to Normal
- QA Check set to Info Needed
> When you apply these options : https://tails.boum.org/doc/advanced_topics/virtualization/virt-manager/index.en.html#index4h1
> For using Tails launched in virt-manager with an external USB-stick.
> This doesn’t work anymore since 2.9.1.
> It show only the first boot-menu from the first window => " BOOT TAILS " live/live failsafe". and FREEZE on it after event after the decount.
> 30 minutes could passed… Nothing change.
What operating system / version are you using?
What’s the output of sudo aa-status?
Please try other versions of the (virtual) USB adapter assigned to the VM. In particular, try the USB 3.0 (xhci) one.
#10 Updated by Diki 2016-12-20 15:17:43
" For using Tails launched in virt-manager with an external USB-stick.
This doesn’t work anymore since 2.9.1."
I use “VMWARE WORKSTATION 12 PRO” and I have no problem to use one USB Live Tails 2.9.1
What operating system / version are you using?: Host machine: WIndows 8.1 Pro
“What’s the output of sudo aa-status?”: ? sudo aa-status?
“Please try other versions of the (virtual) USB adapter assigned to the VM. In particular, try the USB 3.0 (xhci) one.”: I use already USB 3.0 for Live Tails 2.9.1. I have no problem.
#11 Updated by intrigeri 2016-12-20 16:04:55
> " For using Tails launched in virt-manager with an external USB-stick.
> This doesn’t work anymore since 2.9.1."
> I use “VMWARE WORKSTATION 12 PRO” and I have no problem to use one USB Live Tails 2.9.1
Which is why this is off-topic here: VMWARE has nothing to do with virt-manager :) My questions were for the bug reporter.
#12 Updated by Diki 2016-12-21 00:06:18
VMWARE is not the subject I explain just under which platform of virtualization I was able to highlight the detection of attacks especially Ddos at the start of Tails. Obviously you did not understand the problem I mentioned earlier in this thread.
#13 Updated by intrigeri 2016-12-21 08:16:04
> VMWARE is not the subject I explain just under which platform of virtualization I was able to highlight the detection of attacks especially Ddos at the start of Tails. Obviously you did not understand the problem I mentioned earlier in this thread.
Please report that problem as a new, separate problem, since it is off-topic on this ticket.
#14 Updated by intrigeri 2017-05-26 10:45:57
- Status changed from New to Rejected
- Assignee deleted (
TITAN)
Requested info was never provided, and it works for me => closing.