Are there any security benefits of setting up standalonevm instead of appvm?
For instance, having 5 standalonevms based on minimal template with one program installed in each instead of having 5 appvms for one program in each based on a default template with all programs installed (for example, fedora-30) I am mainly worried about 3 thing: 1. Thunderbird and other communication tools sometimes can be compromised and malicious code can affect all programs installed. I am scared that even if I don't use a program in an appvm, it can indirectly reduce my security. 2. If an attacker will successfully replace packages while updating the template, they will have full access to all my appvms. I know that Tor somewhat protects from it, but it can still happen. 3. Proprietary software may monitor activities of other programs even if I don't use it. Similar to what snap does (runs in the background and updates software without any interraction with the user) some proprietary programs may do the same even if I don't use them. I would be happy to hear your opinions on this topic. Maybe you want to point out where I am incorrect or have some advantages and disadvatages that should be considred, except of usability. Thank you in advance. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/16f86353a37.ee74a56c247405.5496737173292994771%40privacy.com.co.
