Re: [qubes-users] Security advantages of static DVMs for sys-VMs?

[fiftyfourthparallel]

On Thursday, 16 July 2020 20:48:52 UTC+8, unman wrote:
>
> 54th - static disposableVMS are neither unstable nor hard to use. They 
> are as stable as a normal sys-VM and transparent in use. 
>

Unman, you're right. I was being overly cautious and, to be frank, scared 
of making my OS more complicated, but it's worth it.

Peter Funk wrote:

> Throwing everything away will also delete any evidence that
> something bad might have happened to this part of your digital
> life and will make later analysis of the events harder.


Logs aren't really a concern for me, but it's still something that I should 
look at for DispVMs. Thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/712c3816-31a9-4437-9c61-cd93f9284ebco%40googlegroups.com.

Re: [qubes-users] Security advantages of static DVMs for sys-VMs?

[unman]

On Thu, Jul 16, 2020 at 12:26:04PM +0200, Peter Funk wrote:
> fiftyfourthparal...@gmail.com asked:
> > I read about running sys-vms as static disposable VMs on the Qubes 
> > documentation site 
> > ,
> >  
> > then on the Whonix guide to Qubes security 
> > . I have my reservations 
> > about this (but then I'm no expert) and it feels like the outcome will be 
> > unstable and hard to use. However, since this is on both the Qubes and 
> > Whonix sites, this is probably worth looking at. 
> > 
> > What do you think about using static DVMs as sys-VMs?
> 
> I'm no real expert either.  But from my knowledge so far:
> 
> The basic idea of disposable VMs is, that any bad change to
> this virtual machine is disposed (thrown away) after a restart
> by returning to an "known good state" automatically.
> 
> However: If it was possible in the first place that something
> bad happened to this "known good state" then starting over
> will not remove this possibility for future events.
> 
> Throwing everything away will also delete any evidence that
> something bad might have happened to this part of your digital
> life and will make later analysis of the events harder.
> 
> I think those disposable VMs are great if you want to enter
> new unexplored territory and want to keep the risk of your
> experiments under better control.
> 
> However if for example you use an external USB keyboard (as
> most of us must today as the old PS/2 connector is dead) and
> you have this device connected to your Qubes OS laptop using
> the ordinary USB socket then I see not much gain by bothering
> about making sys-usb a static DisposableVM.
> 
> Please correct me if I'm wrong.
> 

54th - static disposableVMS are neither unstable nor hard to use. They
are as stable as a normal sys-VM and transparent in use.

Peter - I think you are missing this point - when you set up (e.g) a
disposable sys-usb you need not start the template before creating the
disposableVM. That means that there is (almost) no prospect of the
"known good state" being compromised.
In the USB case, if someone were to access your computer with a BadUSB,
then they may be able to dump a payload which could then compromise any
other USB devices, or possibly other qubes. Using a disposable sys-usb
reduces this risk.
I routinely cycle my usb qubes after removal of any device.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200716124849.GB22089%40thirdeyesecurity.org.

Re: [qubes-users] Security advantages of static DVMs for sys-VMs?

[Peter Funk]

fiftyfourthparal...@gmail.com asked:
> I read about running sys-vms as static disposable VMs on the Qubes 
> documentation site 
> ,
>  
> then on the Whonix guide to Qubes security 
> . I have my reservations 
> about this (but then I'm no expert) and it feels like the outcome will be 
> unstable and hard to use. However, since this is on both the Qubes and 
> Whonix sites, this is probably worth looking at. 
> 
> What do you think about using static DVMs as sys-VMs?

I'm no real expert either.  But from my knowledge so far:

The basic idea of disposable VMs is, that any bad change to
this virtual machine is disposed (thrown away) after a restart
by returning to an "known good state" automatically.

However: If it was possible in the first place that something
bad happened to this "known good state" then starting over
will not remove this possibility for future events.

Throwing everything away will also delete any evidence that
something bad might have happened to this part of your digital
life and will make later analysis of the events harder.

I think those disposable VMs are great if you want to enter
new unexplored territory and want to keep the risk of your
experiments under better control.

However if for example you use an external USB keyboard (as
most of us must today as the old PS/2 connector is dead) and
you have this device connected to your Qubes OS laptop using
the ordinary USB socket then I see not much gain by bothering
about making sys-usb a static DisposableVM.

Please correct me if I'm wrong.

Best regards, Peter.
-- 
Peter Funk ✉:Oldenburger Str.86, 2 Ganderkesee, Germany; :+49-179-640-8878 
✉office: ArtCom GmbH, Haferwende 2, D-28357 Bremen, Germany
☎office:+49-421-20419-0 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200716102604.GD15925%40pfmaster-P170EM.


signature.asc
Description: Digital signature

[qubes-users] Security advantages of static DVMs for sys-VMs?

[fiftyfourthparallel]

Hi there,

I read about running sys-vms as static disposable VMs on the Qubes 
documentation site 
,
 
then on the Whonix guide to Qubes security 
. I have my reservations 
about this (but then I'm no expert) and it feels like the outcome will be 
unstable and hard to use. However, since this is on both the Qubes and 
Whonix sites, this is probably worth looking at. 

What do you think about using static DVMs as sys-VMs?


-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/206940d9-3dca-4621-9e25-78505730f662o%40googlegroups.com.