On 2/26/20 2:24 PM, brendan.h...@gmail.com wrote:

On Wednesday, February 26, 2020 at 12:18:48 PM UTC, ggg...@gmail.com wrote:

    Boxes being the Sandboxing software available in Linux.  It is my
    hunch, that the VM's are taking advantage of some hardware feature
    that insulates them that might be a security hole for Boxes.  I dunno?


Background: Boxes is simply a nice front end for KVM and QEMU, which is what most Linux virtualization solutions utilize.

Reasons that the Qubes project initially chose Xen over KVM+QEMU (probably better explained on the Qubes website):
1. The hypervisor code base is substantially smaller in the Xen case. Smaller generally means fewer security issues.
2. Xen came with better suited vt-d/IOMMU support at the time.
3. When parts of qemu are needed for certain virtualization scenarios, Xen supports sandboxing qemu into stub domains.
4. QEMU has been historically problematic when it comes to security issues, at least relative to Xen or even Xen w/ qemu in a stub domain.

Don't forget all the Qubes bits that make VMs work in concert: qrexec, vchan, etc. These form a specially hardened VM management system. The reason why Qubes Whonix exists, for example, is that other hypervisor OSes don't have this level of security.

Links on the subject:

https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-running-vms-in-a-conventional-os

https://www.qubes-os.org/doc/security-critical-code/


    Also, as I have not gotten a computer to run Qubes OS, I notice that
    the App VM seem to be loading a full featured version of a Linux
    OS.  I am guessing that in reality you guys are using a smallish
    Limited version of a Linux Distro.


Generally standard Fedora and standard Debian come as VM templates under Qubes, yes. With caveats, Qubes also provides slimmer versions of the template distros as well as optional downloads.

    I was expecting to see some advice about how to uninstall the module
    that runs the camera, and the microphone.   I know I rarely use
    them, so it would seem like a good idea.   OR I guess, it is left to
    the individual with the individual distro.


Assuming your camera is USB based (generally the case, even for internal camera devices).

Generally, the default installation:
1. Hides all USB devices from dom0, making them unusable.
2. Puts all USB devices into a device sandbox called sys-usb (this part is optional, but useful if you want USB devices to work). Generally, you can use the command line or the devices widget to assign the devices, including the microphone, to a VM if you choose (some limitations on usbip support being broken for certain device types).

    I was looking for a list of;  If you want to be secure,   "Never do
    this."    Another check list, like a pilot uses before taking off,
    that is what the proper procedure is for some of the types of things
    one might routinely do with Qubes OS.


This would vary by threat model. Without a threat model, a general checklist would be impossible to provide.

Yes. Although the security faq linked above and additional security guides exist here:

https://www.qubes-os.org/doc/#security-guides

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
