Jan 28, 2019, 9:25 PM by alexandre.belgr...@mailbox.org:
> Le lundi 28 janvier 2019 à 16:47 +0100, > qubes-...@tutanota.com > <mailto:qubes-...@tutanota.com>> a > écrit : > >> What do you yourself use? >> > Hope I can answer too. > > I use an X230 with Intel ME disabled from BIOS. It costs about 160€ on > the second hand market and it has pretty decent hardware. Lenovo claims > that Intel ME can be disabled, but Intel ME is still running and may > accept remote shadow connections given a signed certificate from Intel. > > This is why I am only reading the mailing list and not using Qubes. At > present, I consider Qubes as an interesting development, but not > reaching its goals because dom0 can be penetrated using Intel ME. > > I am quite amused by tails sending an update command on each boot. You > can be sure to light red light in a control center and be penetrated > within seconds if need be. Remember that governments have control of > most outgoing nodes. So neither do I use Tor. > > You just can't simply store valuable documents on a computer when > connected to a network. Companies that care about security should have > a complete process to manage workstations and internal networks, > without access to the Internet. We are back to ancien times. > > Kind regards, > Alexandre Belgrand > Hardware is only one part, right? The question was about the package you use. What OS, network, apps...yu propose? So, what so you use? Realize please, that you stand against SW, the OS (Qubes), arguing about HW. Also you argue about statements Qubes devs and especially Joanna Rutkowska, never claimed. They never claimed that Qubes is IME resistant. Actually the opossite. If they did, post their statement here please. I heard her instead stressing publicky and repeatedly that the IME is a global issue, not only of Intel (see PSP), to be addressed. You are fighting against non-existent claims arguing against Qubes. Even the name of the Qubes-OS - A REASONABLY secure OS. They dont claim Qubes is - An omnipotent 100% solution and IME resistant. Or do they? :) The IME attack is only one of many possible attacks. If you are opened to this kind of attack only, and resistant against many others, present in the traditional OSes, you increased your sec reasonably. Lets put it other way round. Everyone of us is a wrench-decryption non-resistant. If an adversary starts your thumb-wrench party, what finger-wrench decrypts your password and all the secrets? Now knowing this, do you use passwords or you just gave up, because the found that terrible wrench-security-hole in the system? Do you let your phone unencrypted and unlocked, available to anyone, your credit card number CVV and PIN public, cause both ways it can be cracked? Your email password, chat pass, your https cert if you own the domain? Do you keep your house unlocked at all times, cause both ways the lock can be hacked? Do you see the point? And the last question. Last but not least. You stated in one of your conversations here that you want people to stop using Qubes for security. Interesting - why would wish to do that? What is the benefit for you? How do we know you are not just another IS spook tasked with the attack on reasonable secure system, which provides very high security for even semi-tech users? Also if you would like to increase you paranoia, read the Yasha Levine, Surveillance Valley. In that case you can forget everything and ask only one question - can the tech that was designed to enslave us, save us? And if so, how one does that. > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to > qubes-users+unsubscr...@googlegroups.com > <mailto:qubes-users+unsubscr...@googlegroups.com>> . > To post to this group, send email to > qubes-users@googlegroups.com > <mailto:qubes-users@googlegroups.com>> . > To view this discussion on the web visit > > https://groups.google.com/d/msgid/qubes-users/84ef99dc3a6aad1e8e035b5dda640ed306d27792.ca...@mailbox.org > > <https://groups.google.com/d/msgid/qubes-users/84ef99dc3a6aad1e8e035b5dda640ed306d27792.camel%40mailbox.org>> > . > For more options, visit > https://groups.google.com/d/optout > <https://groups.google.com/d/optout>> . > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LXO7VPB--3-1%40tutanota.com. For more options, visit https://groups.google.com/d/optout.
