On Wednesday, 24 January 2018 04:30:08 UTC, Syd Brisby  wrote:
> some considerations:
> 
> * Raspberry Pi, beagleboard, USB armory, etc are very low-powered devices (in 
> both CPU & RAM). So running Qubes software on them at a productive speed will 
> be a challenge.

Perfectly fine as a USB decryptionVM or as a Split PGP with the benefit of not 
have your keys in CPU cache.

> 
> * You're saying that laptop hardware specs are a problem for users. But 
> remember we had the problem of wireless modules still broadcasting after 
> being turned "off". So we needed laptops with wireless hardware switches to 
> be more certain that we couldn't be hacked. But now you are asking us to 
> again trust ordinary laptops and tablets that may not have hardware switches. 
> 
> * In reality, you are also changing from "deployment and virtualization" as a 
> single point of failure to "wireless" as the single point of failure. For 
> example, WPA2 has been declared insecure (hackable), with WPA3 being 
> necessary as a replacement. But, amazingly, WPA2 is still being "patched" by 
> manufacturers who think it's still acceptable - so how long will it take for 
> WPA3 to become ubiquitous?

On the Raspberry side, wireless is a no go. Secure wired connection will be 
required (to mitigate L2 and below attacks).

On the laptop side, sys-net will mitigate L2 and lower attacks. so your GUI 
connect to your QubesAIR by connecting to sys-firewall... nothing is changing 
(with the assumption that the protocol for remoting between Qubes is secure).

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e467b8dd-f3c6-4633-b6c6-5bcc33bae388%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to