A thought on security through obfuscation.

Right now in terminal is you type: "uname -r" we get the kernel version, which 
has "qubes" in the name.

Straight away the attacker, knows he's dealing with a qubes VM. Could we not 
name the kernels to match their original OS?

And following that same concept, disguise any other tell tale signs this is a 
VM on Qubes. QubesIncoming, could just be called received.  Use non qubes 
unique process or packet names. This would also include renaming Xen stuff. 
Hiding any obvious qubes unique directories deeper into the file system.

Of course if an attacker specifically tries to tell if they are in a VM its 
impossible to 100% hide it, but if an attacker does a quick check and thinks 
they're on a standard debian desktop, memory attacks & dom0 are never a target.

Just an idea.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c3fc9950-076e-4bfa-a2fe-43dbb3ce2f57%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to