On 07/11/2016 10:14 AM, neilhard...@gmail.com wrote:
Is it possible that someone who compromised QUBES, could re-write the AppVM in a way that whenever it is loaded up, it re-infects the entire system all over again...?
Excellent question. Let me just say that the restore would include other files that are used directly by dom0... a potential problem. If you wanted to truly protect dom0 in such a case, you could try manually extracting the appvm's private.img from the backup. Then you could create a new empty appvm, and move the restored img into that.
In that case, the only safe thing would be to manually back up the files within the AppVM with some sort of Fedora backup tool.
If you really think dom0 had been compromised, that could be safer.
Or is that not an issue... and it's safe to just back up the entire AppVM using the QUBES tool...?
Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d24d1a8d-ebc7-aea1-10f1-a53ac182661a%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
