On Saturday, July 15, 2017 at 10:11:47 PM UTC-7, yreb-qusw wrote: > On 07/14/2017 05:40 PM, pixel fairy wrote: > > any network available OOB > > sorry what would be an example of this ? "out of band" ?
yes. ipmi, idrac etc. these usually have a vnc interface to the "console" you'd normally have from the attached keyboard, mouse, and monitor. so this exploit would work on those. usually these interfaces exist on bussiness class hardware, like vpro on some laptops. you may be able to disable it in bios. this is not the intel M.E. (management engine), though its functionally related. > > I'm not clear what SED is , :) self encrypting drive https://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption > I don't really see any docs on ?initializing AEM , I do see that it > says to : > > --- > In Dom0 install anti-evil-maid: > > sudo qubes-dom0-update anti-evil-maid > --- > > I personally have no USB-VM , would my Bios need to be configured > some particular way, beyond what it already is with 3.2 booting and stable yes, you would need the iommu enabled. for intel, this is called vt-d > I have about zero concern on malware from USB drives, maybe I > shouldn't , but seems far -fetched in my case. So, maybe I don't need sometimes its the firmware, sometimes its the devices themselves. for example, you wouldn't want a web cam, gps, or microscope available to just any appvm. for block devices qubes already filters usb to use those those safely, but i suspect sys-usb is safer than dom0 doing it. dont know exactly how that works. then theres the malicious hub devices like rubber ducky, bash bunny etc. dont know the likelyhood of you running into that. > AEM depending on what "network OOB" would mean ..... sys-usb is easy enough that anyone with an iommu should use it, unless you only have like 4 gigs of ram. AEM is more work, and has its trade offs. > regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a8bcdb8d-9b79-4609-b6fc-64d11db7b704%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
