Mark Newman wrote on 4/5/19 8:00 PM:
I understand how Xen works to compartmentalize one VM from another. What I don't understand is how or if it can help protect from things like rootkits, key loggers and especial the Intel Management Engine backdoor. (See: https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it) I am not a security professional, and am hoping someone can explain so I can understand.
Qubes helps protect from these threats by making it more difficult to exploit them. Unauthorized code needs to install that rootkit or key logger on a machine somehow. See https://www.qubes-os.org/intro/ for an overview. If an Intel ME exploit needs to run some software on the local machine, Qubes will make it harder for it to communicate with what it needs.
However, compromise that takes place solely at the hardware level is not something Qubes can protect from nor claims to. Qubes can't protect from a network attack directly against Intel ME, for example. Some users therefore use a non-onboard NIC and are also interested in Coreboot, ME Cleaner, and/or an older AMD laptop that does not have a management engine.
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/af367eea-7a7c-9fd8-d157-f8c692b465e6%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
