aforensics / HiddenVM

HiddenVM — Use any desktop OS without leaving a trace.
GNU General Public License v3.0

Important: Move to KVM ASAP #14

Open ParanoidPandaa opened 3 years ago

ParanoidPandaa commented 3 years ago

Like one of the previously opened issues, I want to thank you for this amazing tool.

VirtualBox is still vulnerable to Spectre and Meltdown which makes using it extremely dangerous for privacy activists, whistleblowers and people in countries where the internet is censored. Especially for people like me in China. It is well documented that the Chinese Communist Party will go to great lengths to control information and jail whistleblowers every chance they get. Maybe you can switch to KVM instead of VirtualBox and like the other contributor said, make another beta repository for KVM HiddenVM in the meantime while you're testing it. KVM provides better hardware performance than VirtualBox. I'm adding a link from Whonix's official website suggesting this change.

https://www.whonix.org/wiki/KVM#Why_Use_KVM_Over_VirtualBox.3F

That being said, I really appreciate the hard work you have put into this tool. You have given the oppressed like me a great piece of software to protect us.

Thanking you.

aforensics commented 3 years ago

It's a definite goal we want to achieve (for both performance reasons and, after we research to confirm it's the case overall, privacy). The question is how long it will take to get there. We're still very new and, at the moment, a small team. It will take some programming gymnastics to get KVM working in Tails but we hope we can get there. We need to complete our move to Python first, which we aim to happen this year: https://www.reddit.com/r/HiddenVM/comments/kra5o5/hvm2_release_delayed/

We will have to make the KVM experience manageable in our GUI for beginners so that it's no harder to use than VirtualBox. A wizard to set up a new VM from an ISO (or to launch GNOME Boxes to do it), and make sure it's easy to click around to change any existing VM's settings. It's a huge amount of work because of how we have to also hack Tails to make everything possible (while not compromising security in any unacceptable way), but it could potentially be done.

For now, you can try to use your VMs while offline or lock down the possibility of any software in Tails from spying on your VMs using firewall rules or a firewall program at the Tails Linux level. Put it in your Extras script to automate it. E.g. configure firewall to only allow processes like VirtualboxVM to connect to the Internet.

Thank you for your patience.