The Tor Desktop Virtual Privacy Machine is a USB JumpDrive preloaded with a complete Linux OS and a roster of useful applications. Plug it into a Windows or Linux machine and launch a virtual Linux desktop that routes all network traffic through multiple network proxies using the Tor network. This provides a totally secure way to access your data, even when using an internet cafe PC or an untrusted network.
The VPM is a 128 MB Lexar JumpDrive USB key with a system installed on it based on Damn Small Linux/Knoppix and the Qemu processor emulator. It also contains all of the basic applications that a desktop user might need, like web browsing, email, IM, FTP, document viewing and editing, sound and video, and various system utilities. There’s enough room left on the drive to save bookmarks, settings, and small personal files.
I tested the VPM on a relatively cheapo 3 Ghz Pentium 4 with 512 MB Ram running Windows XP SP2: something similar to what you might find in a newer cybercafe. It can be used as a virtual desktop on either Windows or Linux, but I only tested it on Windows. I plugged it into my Mac with the idea that I might run it in VirtualPC just for kicks, but while I was waiting for VPC to launch, I decided that it was insane. (There’s a PPC-emulating version of Qemu in the works which could theoretically be used to run a slimmed down version of PPC Linux, but that would be a pretty big project)
To get started, just plug the USB drive into an available USB port (I used the one in my keyboard) and wait for the drive to mount. When it does, there are three files available: a very short readme, a DOS batch file to launch the Windows version and a shell script to launch the Linux version. There’s no installation of anything and no rebooting of the machine necessary. On my machine, it took one minute and twenty seconds for the system to boot up.
The system booted to an aesthetically pleasing Fluxbox-based desktop with a dark, Mordor-esque background picture and five big buttons across the top for Shell, Email (Sylpheed), Web (Firefox), IRC (X-Chat), and Messaging (Ayttm). All other functions are accessed through a right click. Forget all of the typical complaints about Linux on the desktop, with its too many options for everything. Space constraints have made this desktop very trim and quite intuitive, even elegant.
There is one linux-on-the-desktop complaint frequently trotted out by forum trolls that certainly applies to this experience: speed. With a combination of system performance affected by Qemu’s performance overhead and the network performance hit due to routing all traffic through TOR proxies, overall performance is a bit sluggish. It takes eighteen seconds from clicking on the Firefox icon to get Firefox loaded and the default Google homepage loaded up. It takes about five seconds to receive the results of a query on Google. It took about fifteen seconds for OSNews to load up completely. On the other hand, less network-intensive tasks like IM don’t really show off the slowdown. In a lot of ways, it felt like using an older, slower computer on a dial-up network connection. The bottom line is, if you want the privacy and security, there’s a price to pay, and that price is sluggish performance. I was happy to see that the performance hit wasn’t as severe as it has been on anonymous proxy servers that I’ve used in the past, though.
One thing that’s fun about the VPM is that you can see which country your proxy server is in by using the default Google page in Firefox. Google variously pegged me as being in Sweden, Canada, Greece, Germany, and the US (or unknown). I’ll start to worry when Google starts giving me results in Bork, Bork, Bork, Elmer Fudd, or Pig Latin.
In addition to the aforementioned speed issue, which was completely expected and not nearly as bad as it could be, I ran across a couple of problems, especially when I put my newbie hat on and approached the VPM as a regular, non-Linux-savvy computer user.
It wasn’t completely intuitive that “Xvesa” is the utility to change the screen resolution from the default 800×600 to a more sane 1024×768 or 1280×1024, but once I did it, the resolution change was painless. There are a couple of other Linuxy issues that a Windows user would find a little baffling. Setting up printing is not for the faint of heart, for example, and several other of the items in the control panel would be a bit cryptic. For most of them, if you don’t know what they do, you can just leave them alone (like Ndiswrapper or lwconfig), but when you’re searching for a way to change resolution or change other aspects of the default setup, it may take a bit of poking around if you’re not familiar with Linux.
As I mentioned before, that cute guess-my-location-and-language game that Google plays with you is fun at first, but it’s also an issue could become annoying when you’re trying to get real work done. You can set your cookie for Google, of course, but you should be prepared to occasionally see large portal sites displaying in languages you don’t understand. That’s just one of the quirks that you have to deal with if you want effective anonymity.
Several times during my browsing I came across an error page stating: “Privoxy error” where the proxy servers weren’t able to connect to the sites I was requesting, and I had to reload a couple of times before they came up. Again, one of the prices of anonymity.
The final quirk I discovered was the most annoying. Apparently, the system will not store the resolution change, so when I quit and re-launch VPM, it re-sets back to 800×600. I’m sure someone with more expertise than I could easily change the default to whatever they wanted, so this would cease to be an issue. Perhaps a tutorial on the web site is in order? Also, I noticed that various times during my messing around the system would fail to save the settings that I had changed, like Firefox bookmarks and settings, and once even an mp3 file that I had downloaded disappeared. This is due to the fact that when you shut down it saves your changes from RAM to the USB drive. (You can’t be saving stuff constantly to these flash drives because they only have a finite number of saves in them). Always make sure you shut down properly, or you’ll lose data. That’s always a possibility with any system, but with this one, it’s a certainty.
The Tor Desktop VPM costs $45 with free worldwide shipping. A blank 128 MB USB pen drive costs as little as $15 today, so you’re paying about $30 for the convenience of having all of this software installed and configured for you. Since I don’t know of very many people who need this kind of security whose time isn’t relatively valuable, I’m going to rate this product a bargain. If you’re interested in this mostly as a hobbyist exercise, then you’d certainly have fun making one on your own and customizing it to your heart’s content, but if you have a pressing need for this kind of security, then the Virtual Privacy Machine is a great option.
In conclusion, the Tor Desktop Virtual Privacy Machine is a well-executed assemblage of various Free Software tools and a useful service, priced fairly, and delivered in a small, convenient package. It’s suitable for use by anyone who uses public or insecure resources to access the internet and those who just want to keep their online activities private, such as cybercafe users, people whose bosses are likely to snoop on them at work, political activists (or just regular thinking people in repressive countries), people cheating on their spouses online, spies, crackers, OSNews trolls, and other mischief makers. Even minimally computer savvy people should have little problem using it, even though there are a couple of Linux and proxy-related quirks that might be a minor annoyance. It’s an excellent example of a quality purpose-specific device that can be made from freely-available software.
There was a similar thing called Metropipe that came out a good number of months ago. They had a free download of their linux distro a while back (based off of DSL), and was still useable around a month, month and a half ago. I put it on my Linux install with an updated version of QEMU and the KQEMU accelerator – much better with KQEMU Important thing was to edit the .bat launcher to use more ram.
The article writer mentioned ‘totally secure.’ How exactly do you achieve this? Suppose I’m running off a wireless network, unsecured, at my local internet cafe, and I’m jonesin’ to check my e-mail, man, *THROBBING* to check my e-mail. But my e-mail doesn’t do https://.
Won’t the plain-jane transmission have to be sent through my wifi AP, or will it be encrypted before it even hits the airwaves?
How does this stop key stroke loggers, screen grabbers, etc. from working? It isn’t booting into Linux, it’s just running a virtual machine on the (potentially spyware infested) untrusted machine.
You must always assume that any public workstation (especially internet cafes and libraries) has keystoke logging software installed. This isn’t a good idea for secure connections in anyway. (Also the data goes throught tor proxies. Do you trust them too?)