On Sat, Sep 10, 2016 at 03:23:54PM -0400, Chris Laprise wrote: > That also misses the point.
yes, somewhat - thanks for making "the point" clearer! :-) > Xen is far smaller and simpler than the kernels that protect Windows and > Linux, and it has fewer vulnerabilities as a result. Its also worth noting > that a large number of Xen vulns are either not serious or don't affect > Qubes... they affect Xen installations configured for maximum features and > convenience. > > I think the problem Qubes has with the Xen project is that the latter merely > has a security "focus" (among others) instead of making security their > number-one priority (as Qubes does). It also doesn't help that they publish > additional bug-prone code which -- although secure installations like Qubes > won't trust it -- nevertheless gets reported as simply "Xen vulnerabilities" > when said bugs are discovered. I agree, thanks for spelling it out! -- cheers, Holger -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160910224211.GA11208%40layer-acht.org. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Digital signature