On Sat, Sep 10, 2016 at 03:23:54PM -0400, Chris Laprise wrote: > That also misses the point.
yes, somewhat - thanks for making "the point" clearer! :-)
> Xen is far smaller and simpler than the kernels that protect Windows and
> Linux, and it has fewer vulnerabilities as a result. Its also worth noting
> that a large number of Xen vulns are either not serious or don't affect
> Qubes... they affect Xen installations configured for maximum features and
> convenience.
>
> I think the problem Qubes has with the Xen project is that the latter merely
> has a security "focus" (among others) instead of making security their
> number-one priority (as Qubes does). It also doesn't help that they publish
> additional bug-prone code which -- although secure installations like Qubes
> won't trust it -- nevertheless gets reported as simply "Xen vulnerabilities"
> when said bugs are discovered.
I agree, thanks for spelling it out!
--
cheers,
Holger
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20160910224211.GA11208%40layer-acht.org.
For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature
