Qubes OS Security in the Public Record

(arxiv.org)

33 points | by sciences44 4 hours ago

2 comments

  • Topfi 1 hour ago
    Blast from the past for me, though primarily interacted with the complementary Whonix side of things. Not surprising to read, considering how lean Qubes was from the get-go designed to be it makes sense that most things are from resulting upstream rather than with their code.

    Fully aware that it was never the goal for Qubes, but I have never been able to shake the idea that one could leverage their architecture in ways beyond security hardening, especially that screenshot with MSFT Office running in its own guest got my mind spinning back then. Might be worth revisiting some old ideas I'm just recalling, especially with there having been over a decade in development across many projects focused on hypervisors by many smart people, making a few old experiments likely less impossible.

  • adg001 1 hour ago
    Author of the paper here; AMA.
    • adg001 41 minutes ago
    • Joel_Mckay 10 minutes ago
      I would recommend having a look at advanced side-channel PCIe bus DMA taps used by game cheats. They use a second computer along with an external HDMI mask-overlay mixer, to dump the target computers internal game-engine state through unencrypted DMA access to the overlay channel. Thus, gives the cheaters x-ray vision and aim-bot features for games protected by kernel level anti-cheat software.

      Highly entertaining nuisance users. =3