Linked by fvillanustre on Sun 1st May 2011 21:51 UTC
Linux "Qubes OS comes from an elegant concept: if you can isolate functional components within disposable containers, and you can separate those components that can be tainted through their interaction with the outside world from the core subsystems, you stand a good chance to preserve the integrity and security of the base Operating System at the possible expense of needing to jump through some hoops to move data around the system. All in all it sounds like a good proposition if it can be demonstrated to be practical." Read the full review.
Thread beginning with comment 471537
Not a review ?
by Neolander on Mon 2nd May 2011 08:02 UTC
Neolander Member since: 2010-03-08

I fail to see how this qualifies as a review. Unless I miss something, no one's using the OS there, it's just a discussion of its theoretical merits.

Also, I have to read about it more carefully, but last time I heard, "bluepill" was a Windows-specific privilege escalation attack, which simply made clever use of Intel VT to hide itself better. I fail to see how Qubes prevents this better than a vanilla Linux kernel, which already puts separate processes in separate address spaces.

Can someone help me understand?

(And am I the only one who thinks that this TXT thing is scary when you start to consider how an evil monopoly could use it? This would probably be the end of all jailbreaking, making a locked-down device remain locked down forever.)

Reply Score: 1

RE: Not a review ?
by Not2Sure on Mon 2nd May 2011 09:38 in reply to "Not a review ?"
Not2Sure Member since: 2009-12-07

Uhh.. it would not in theory be possible to install a "bluepill" from within a virtualized instance after a hardware-verified boot process. Do you even read the linked article?

Reply Parent Score: 1

RE[2]: Not a review ?
by Neolander on Mon 2nd May 2011 10:46 in reply to "RE: Not a review ?"
Neolander Member since: 2010-03-08

I agree that hardware code verification would be a powerful defense against rootkits. Until they manage to corrupt the code which the hardware uses for its verification, that is. However, this hardware feature is not mainstream yet, and will remain so for a very long time. Qubes' security is based on something else.

Developers of Qubes state that their security is based on untrusted component isolation through virtual machines. However, the words "virtual machine" are so overused nowadays that they lost their meaning a long time ago. What is being virtualized? What kind of isolation does this new layer provide?

Mainstream OS kernels already provide a form of virtualization: software doesn't access the hardware directly, doesn't share a common address space... So what's new here? In what way is their additional virtualization layer more secure than what the Linux kernel already provides?

Edited 2011-05-02 10:55 UTC

Reply Parent Score: 1