On 01/08/2019 03:07 PM, Chris Laprise wrote:
On 01/08/2019 07:25 AM, simon.new...@gmail.com wrote:
As per subject, does anyone use things such as AIDE (or other file
integrity IDS) ?
I understand the security model is "if dom0 is compromised, you are
fscked" but it would be at least nice to have something that gave me a
heads up if such an event happens.
I think Marek mentioned that HEADS has a root fs verification scheme. I
was going to try HEADS but the dependence on Google services made me
back off.
Of course, I should mention anti evil maid: AEM essentially protects the
/boot partition (and your firmware!). That is nothing to sneeze at and
gives you a decent basis for investigating the dom0 root volume if
something does crop up.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/1cbbe43e-ce84-5a63-b40a-136e36d95b8c%40posteo.net.
For more options, visit https://groups.google.com/d/optout.