Many people believe the Holy Grail of secure isolation is to use two or more physically separate machines. This belief seems so natural, that we often don't give it much thought. After all, what better isolation could we possibly get than physical "airgap"?
I argue with this point of view in this new paper.
I think a good place for in-depth technical discussions around the topics discussed in the paper would be our qubes-devel mailing list.
Tuesday, August 26, 2014
Wednesday, August 06, 2014
Qubes OS R2 rc2, Debian template, SSLed Wiki, BadUSB, and more...
Today we're releasing the second release candidate (rc2) for Qubes OS R2. There are currently no more open tickets for the final R2 release, and we hope that what we release today is stable enough and so will be identical, or nearly identical, to the final R2 ISO, which we plan to release after the summer holidays. Download and installation instructions are here.
After Qubes rc1 release a few months ago we have been hit by a number of problems related to unreliable VM start-ups. The most prevalent problem has been traced down to an upstream bug in systemd, which just happened to be manifesting on Qubes OS due to specific conditions imposed by our startup scripts.
Actually, it has not been the first time when some things related to VM bootup or initialization didn't work quite well on Qubes, a side effect of heavy optimizations and stripping down we do in order to make the VMs as light weight as possible. E.g. we don't start most of the Desktop Environment which otherwise is assumed to be running by various desktop-related applications and services. In most cases these are really NOTOURBUG kind of problems, yet we just happen to be unlucky they manifest on Qubes. We do need more help from the community with testing, debugging and patching such NOTOURBUG problems in the upstream. The more people use Qubes OS, the higher the chances such problems will be addressed much quicker. Ideally, in the future, we could partner with a Linux distro that would include Qubes AppVM as one of the test cases.
Speaking of different Linux distros -- we have also recently built and released an experimental (“beta”) Debian template for Qubes AppVMs, a popular request expressed by our users for quite some time. It can be readily installed with just one command, as described in the wiki. It is supposed to behave as a first class Qubes AppVM with all the Qubes signature VM integration features, such as seamless GUI virtualization, secure clipboard, secure file copy, and other integration, all working out of the box. Special thanks to our community contributors for providing most of the patches required for porting of our agents and other scripts to Debian. This template is currently provided via our templates-community repo, but it nevertheless has been built and signed by ITL, and is also configured to fetch updates (for Qubes tools) from our server, but we look forward for somebody from the community to take over from us the maintenance (building, testing) of the updates for this template.
Also in our "Templates Appstore" you can find now an experimental “minimal” fedora-based template, which might be used by more advanced users to build customized special-purpose VMs and templates.
We have also moved our Wiki server to a bigger EC2 instance so it could better handle the increased traffic and also added a real CA-signed SSL certificate! But I encourage people to read why this is mostly irrelevant from the security standpoint and why they should still be checking signatures on the ISOs.
We also got a new logo (actually we never really had our own logo before). This also means Qubes now got its own distinct set of themes for installer, plymouth and, of course, a bunch of cool wallpapers with Qubes logo nicely engraved on them. However, it turned out that convincing KDE to set our wallpaper as a default one exceeds the collective mental abilities of ITL, and so one needs to right-click on the desktop and choose one of the Qubes-branded wallpapers manually after install or upgrade.
Every once in a while people (re-)discover that monolithic kernel-based desktop operating systems are not the best solution whenever the user even remotely cares about security...
Yes, USB inherent insecurity, as well as widespread GUI insecurity, or networking stack insecurity, trivial physical insecurities, or sick permissions model as used in most desktop systems, have all been known facts for years. The recognition of these problems has been the primary motivator for us to start the work on Qubes OS back in 2009/2010.
And yes, Qubes running on an appropriate hardware (specifically with Intel VT-d) can solve most of these problems. Correction: Qubes OS can allow the user or administrator to solve these problems, as unfortunately this still requires some configuration decisions made by the human operator. So today Qubes R2 is like a sports manual transmission, which requires a bit of skill to get most out of it. In the near future I see no reason why we should not be offering the "automatic 8-speed transmission" edition of Qubes OS. We just need more time to get there. The R3 release (Odyssey-based), whose early code is planned to be released just after the "final" R2, so sometime in September, is all about bringing us closer to that "automatic transmission" version.
With my 10+ years of experience as a system-level security researcher, I believe there is no other way to go. Don't get deluded that safe languages or formally verified microkernels could solve these problems. Security by Isolation, done sensibly, is the only way to go (of course it doesn't preclude making use of some formally verified components, like e.g. microkernel in place of Xen, at least in some editions of Qubes).
Finally one more announcement for today: after writing this blog for 8 years, I've suddenly felt like I might need to try also some new form of expression... And so, for a few days, I now have a twitter account (@rootkovska), which I hope to use for updates on Qubes, as well as more general commentary on various things happening in IT security.
Labels:
os security,
qubes,
usb