On Tuesday, March 6, 2018 at 7:19:05 AM UTC+1, Tim W wrote: > On Tuesday, March 6, 2018 at 12:23:10 AM UTC-5, Yuraeitha wrote: > > On Tuesday, March 6, 2018 at 5:24:50 AM UTC+1, sevas wrote: > > > Thank you both for this enlightening talk, and especially Yuraeitha for > > > such a lengthy researched opinion! > > > > > > We speak of stability. Stability and vulnerability go hand in hand, dont > > > they? > > > > > > I love the kde plasma desktop and I would like to have it. But it looks > > > like a complicated GUI that probably is not as secure as something more > > > simple. But again, the non-root GUI is not going to connect to the > > > internet. > > > > > > My previous feelings were to use one template for internet access and one > > > for background/desktop/personal use. But that may not be needed since > > > applications available in a template are not necessarily used in the > > > appVM. Is that correct or would there be some data leak? > > > > > > XFCE is something I havent used in a long time, but I will surely look > > > into my customization techniques before I make a big move. > > > > About the stability going hand in hand with vulnerability, I view it the > > same way too, though it's not always the case if it isn't possible to > > exploit it, which also isn't always possible too. > > > > Qubes once used KDE btw, you can find the discussion that made the change > > from KDE to XFCE5 here https://github.com/QubesOS/qubes-issues/issues/2119 > > Some of these issues I believe have changed though, what is perceived as > > "ugly" was back then a bit of an unlucky controversial statement due to > > different subjective opinions and it caused a bit of a stir in the KDE > > community. But I believe KDE also corrected some of those issues since > > then? > > > > It's a good idea to keep your critical offline app's and data in an offline > > VM btw, keep doing that. You can also find multiple of official Qubes > > recommendations suggesting this offline AppVM move. For example the Split > > GPG guide in the Qubes doc's recommend this approach in order to keep your > > GPG keys more secure from being hacked. For example if only one application > > makes an outgoing opening in the firewall in the AppVM, then data in that > > AppVM might be opened to risk through exploits and attacks to that > > established connection. I have about 15-17 AppVM's which I use, not > > including the ones I don't use or templates, and I'm probably a light AppVM > > user compared to the more extreme ones. If it seems overwhelming though, > > try start with a set smaller number of VM's, then as you get used to it, > > try expand with a couple of VM's at a time. Think about what it adds to > > security or practical use-cases, and keep reviewing your VM layout :) > > > > I believe there should be no issue switching between XFCE4 and KDE though, > > since the guide to KDE doesn't mention deleting XFCE4, just disabling it > > (at least it didn't at the time I read it). So presumably you should be > > able to switch between them with 2-3 commands in the tty terminal. You > > mihgt want to double-check that though, for example can you keep switching > > between them multiple of times without causing any harm to the system? > > Correct. I have had both on and functioned fine. > > For secuirty I see little difference other than maybe the amount of code. > The more code ,all things being equal, the more possible holes errors surface > area to attack.
The big issue with Fedora that Chris pointed out worries me though, with man in the middle attacks on the updating/install processes. Potentially anyone could then be targeted very easily, or are such attacks more exotic and tricky to perform in a real life setting? I don't suspect they are as easy as to allow script kiddies to do it, but it might not take the most skilled hackers around either? We're not even talking about infecting packages here, but just preventing critical updates from reaching the targeted update system. This seems like a very big deal, and appears to hurt fedora's reliability, trust and security. Maybe I'm blowing this out of proportion from reading this, but it just seems "Bad!" with a big fat capital letter B!. If I was an attacker, this is certianly a method I would find feasible by the sound of it and try look into. Seen from an attackers PoV, why wouldn't an attacker use this method? It seems ideal and effective, which is what scares me about it. If there is a way/method to circumvent and avoid this issue, then it needs to be made an issue that more people are aware about? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/22ce94e5-c53b-438d-9e42-2a6abef2d5c2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
