On Wednesday, 24 January 2018 04:30:08 UTC, Syd Brisby wrote: > some considerations: > > * Raspberry Pi, beagleboard, USB armory, etc are very low-powered devices (in > both CPU & RAM). So running Qubes software on them at a productive speed will > be a challenge.
Perfectly fine as a USB decryptionVM or as a Split PGP with the benefit of not have your keys in CPU cache. > > * You're saying that laptop hardware specs are a problem for users. But > remember we had the problem of wireless modules still broadcasting after > being turned "off". So we needed laptops with wireless hardware switches to > be more certain that we couldn't be hacked. But now you are asking us to > again trust ordinary laptops and tablets that may not have hardware switches. > > * In reality, you are also changing from "deployment and virtualization" as a > single point of failure to "wireless" as the single point of failure. For > example, WPA2 has been declared insecure (hackable), with WPA3 being > necessary as a replacement. But, amazingly, WPA2 is still being "patched" by > manufacturers who think it's still acceptable - so how long will it take for > WPA3 to become ubiquitous? On the Raspberry side, wireless is a no go. Secure wired connection will be required (to mitigate L2 and below attacks). On the laptop side, sys-net will mitigate L2 and lower attacks. so your GUI connect to your QubesAIR by connecting to sys-firewall... nothing is changing (with the assumption that the protocol for remoting between Qubes is secure). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e467b8dd-f3c6-4633-b6c6-5bcc33bae388%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.