Linked by fvillanustre on Sun 1st May 2011 21:51 UTC
Linux "Qubes OS comes from an elegant concept: if you can isolate functional components within disposable containers, and you can separate those components that can be tainted through their interaction with the outside world from the core subsystems, you stand a good chance to preserve the integrity and security of the base Operating System at the possible expense of needing to jump through some hoops to move data around the system. All in all it sounds like a good proposition if it can be demonstrated to be practical." Read the full review.
Permalink for comment 471537
To read all comments associated with this story, please click here.
Not a review ?
by Neolander on Mon 2nd May 2011 08:02 UTC
Neolander
Member since:
2010-03-08

I fail to see how this qualifies as a review. Unless I miss something, no one's using the OS there, it's just a discussion of its theoretical merites.

Also, I have to read about it more carefully, but last time I've heard, "bluepill" was a windows-specific privilege escalation attack, which simply made clever use of intel VT to hide itself better. I fail to see how Qubes prevents this better than a vanilla Linux kernel, which already puts separate processes in separate adress spaces.

Can someone help me understand ?

(And am I the only one who thinks that this TXT thing is scary when you start to consider how an evil monopoly could use it ? This would probably be the end of all jailbreaking, making a locked-down device remain locked down forever)

Reply Score: 1