Hi, On Sat, Sep 10, 2016 at 04:08:53AM -0700, neilhard...@gmail.com wrote: > Qubes is insecure due to Xen exploits. [...] > Considering that Snowden is literally advertised on the Qubes home page, I > would suggest the answer is "Yes".... The NSA is now very likely spending > money buying up Xen exploits and developing them themselves.
you are mostly right, but you also mostly miss the point ;-)
Of course Qubes is attackable via Xen exploits. Like all the other OSes
are attackable via *other* exploits, which attackers have been
targetting since almost half a century already.
The biggest and most valuable target is still Windows, then MacOS, and
then an attacker also want to own Redhat and Debian, preferedly via holes
in the source codes, to also catch all those other Linux distros.
And, yes, Qubes is attackable via Xen.
(And maybe, one would ignore all those OSes and just attack via Intel ME
or the AMD and ARM equivalents of that..)
So as said, you mostly missed the point. Security ain't binary.
--
cheers,
Holger
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20160910113113.GA13135%40layer-acht.org.
For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature
