On 8/13/20 10:32 PM, 54th Parallel wrote:
 > Since the lion's share of Qubes installs are Intel based, I think a
 > side-channel attack would be the most likely way to breach a Qubes
 > system.

I thought Spectre and Meltdown have been dealt with by shutting off hyperthreading and updating microcode? Also, the latest CPUs have Spectre mitigation built-in, though this only deals with the earlier variants of the attacks if I remember correctly.

I'm not going to get into details now, but the short story is Intel haven't addressed all the side-channel vulnerabilities, and the long and varied trend of Intel vulns points to a fundamentally flawed implementation... too many cheap shortcuts were taken.

Even worse is that Intel are now retiring their patch process for some CPUs that are still popular with Qubes users, for example Ivy Bridge (I expect Haswell to not be far behind if it hasn't already been ghosted). To do this with a CPU that is 7 years old (when they announced it) is very disappointing.

IIRC for a relatively recent generation (I think it was Skylake!) they said the expected mitigation was for You + Me to replace their junk with newer hardware. No refund, no exchange program... just "We're the Big Gorilla and you give us more of your money now".

FTS!


 > DDR4 memory offers a big attack surface as well

Does this refer to the RowHammer (HammerRow?) attack?

Yes, rowhammer and its offshoots. Unfortunately, the changes in DDR4 that were supposed to increase resistance were eventually discovered to be cheap shortcuts themselves and have actually made the situation worse.


 > OTOH, a state actor wishing to attack a Qubes system might have better
 > luck with the RPM MITM against Fedora that we discussed in another thread.

Pretty much my biggest concern right now, though I'm procrastinating on writing the damn script.


Relevant to the thread:
https://arstechnica.com/information-technology/2020/08/nsa-and-fbi-warn-that-new-linux-malware-threatens-national-security/


P.S. I'm not liking this new Google Groups look
On Friday, 14 August 2020 at 00:06:42 UTC+8 Chris Laprise wrote:

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
