Wednesday, August 06, 2014

Qubes OS R2 rc2, Debian template, SSLed Wiki, BadUSB, and more...

Today we're release cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second release candidate (rc2) for Qubes OS R2. There are currently no more open tickets for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 final R2 release, and we hope that what we release today is stable enough and so will be identical, or nearly identical, to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 final R2 ISO, which we plan to release after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 summer holidays. Download and installation instructions are here.

After Qubes rc1 release a few months ago we have been hit by a number of problems related to unreliable VM start-ups. The most prevalent problem has been traced down to an upstream bug in systemd, which just happened to be manifesting on Qubes OS due to specific conditions imposed by our startup scripts.

Actually, it has not been cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first time when some things related to VM bootup or initialization didn't work quite well on Qubes, a side effect of heavy optimizations and stripping down we do in order to make cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 VMs as light weight as possible. E.g. we don't start most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Desktop Environment which ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rwise is assumed to be running by various desktop-related applications and services. In most cases cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se are really NOTOURBUG kind of problems, yet we just happen to be unlucky cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y manifest on Qubes. We do need more help from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 community with testing, debugging and patching such NOTOURBUG problems in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 upstream. The more people use Qubes OS, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 higher cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 chances such problems will be addressed much quicker. Ideally, in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 future, we could partner with a Linux distro that would include Qubes AppVM as one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 test cases.

Speaking of different Linux distros --  we have also recently built and released an experimental (“beta”) Debian template for Qubes AppVMs, a popular request expressed by our users for quite some time. It can be readily installed with just one command, as described in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 wiki. It is supposed to behave as a first class Qubes AppVM with all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Qubes signature VM integration features, such as seamless GUI virtualization, secure clipboard, secure file copy, and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r integration, all working out of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 box. Special thanks to our community contributors for providing most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 patches required for porting of our agents and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r scripts to Debian. This template is currently provided via our templates-community repo, but it nevercá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365less has been built and signed by ITL, and is also configured to fetch updates (for Qubes tools) from our server, but we look forward for somebody from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 community to take over from us cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 maintenance (building, testing) of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 updates for this template.

Also in our "Templates Appstore" you can find now an experimental “minimal” fedora-based template, which might be used by more advanced users to build customized special-purpose VMs and templates.

We have also moved our Wiki server to a bigger EC2 instance so it could better handle cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 increased traffic and also added a real CA-signed SSL certificate! But I encourage people to read why this is mostly irrelevant from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security standpoint and why cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y should still be checking signatures on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ISOs.

We also got a new logo (actually we never really had our own logo before). This also means Qubes now got its own distinct set of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mes for installer, plymouth and, of course, a bunch of cool wallpapers with Qubes logo nicely engraved on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. However, it turned out that convincing KDE to set our wallpaper as a default one exceeds cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 collective mental abilities of ITL, and so one needs to right-click on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 desktop and choose one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Qubes-branded wallpapers manually after install or upgrade.

Every once in a while people (re-)discover that monolithic kernel-based desktop operating systems are not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best solution whenever cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 user even remotely cares about security...

Yes, USB inherent insecurity, as well as widespread GUI insecurity, or networking stack insecurity, trivial physical insecurities, or sick permissions model as used in most desktop systems, have all been known facts for years. The recognition of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se problems has been cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 primary motivator for us to start cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 work on Qubes OS back in 2009/2010.

And yes, Qubes running on an appropriate hardware (specifically with Intel VT-d) can solve most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se problems. Correction: Qubes OS can allow cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 user or administrator to solve cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se problems, as unfortunately this still requires some configuration decisions made by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 human operator. So today Qubes R2 is like a sports manual transmission, which requires a bit of skill to get most out of it. In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 near future I see no reason why we should not be offering cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "automatic 8-speed transmission" edition of Qubes OS. We just need more time to get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re. The R3 release (Odyssey-based), whose early code is planned to be released just after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "final" R2, so sometime in September, is all about bringing us closer to that "automatic transmission" version.

With my 10+ years of experience as a system-level security researcher, I believe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r way to go. Don't get deluded that safe languages or formally verified microkernels could solve cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se problems. Security by Isolation, done sensibly, is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 only way to go (of course it doesn't preclude making use of some formally verified components, like e.g. microkernel in place of Xen, at least in some editions of Qubes).

Finally one more announcement for today: after writing this blog for 8 years, I've suddenly felt like I might need to try also some new form of expression... And so, for a few days, I now have a twitter account (@rootkovska), which I hope to use for updates on Qubes, as well as more general commentary on various things happening in IT security.

11 comments:

AJH said...

Looking forward to trying it out. Pleased Qubes is moving forward.

Congrats to you and team.

Anonymous said...

Joanna, your efforts do not go unappreciated!

I've discovered and been a fan of QubesOS for only cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 past 6 months, but even now I see a daily growing census of users who appreciate your work and who understand cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 advantage of such a system. Many thanks to you and your team!

And by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way, thanks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 correct pronunciation of your name. I've been getting it wrong until now...

Alex Dubois said...

Great work. I know it is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 icing on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 cake but I find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 logo brilliant. It capture very well cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spirit of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 OS, a single user OS with strong isolation.

Matcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365w Fernandez said...

Great work as always, Joanna. With regards to your comments about formally verified microkernels, seL4 was just open sourced so now could be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time to replace Xen with seL4 if you're considering it for a future release :)

Anonymous said...

Joanna, Great to see your fantastic intellect manifested in an OS of such class.

cheers!!!

Joanna Rutkowska said...

Thanks. But don't forget Qubes is fruit of not just my work:
https://wiki.qubes-os.org/wiki/QubesDevelopers

arul said...

Joanna, regarding cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 dom0 and it's disaggregation - have you considered Xen's Mirage or NetBSD's rumpkernels - cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se seem like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 projects made just for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 task?

Anonymous said...

If Qubes OS R2 is about to release it is time to plan Qubes OS R3 :)
1. Do you plan to support ARMv8(-A) in Odyssey-based Qubes OS R3?
2. What are yours feelings about security of ARMv8 based (micro-)servers?
For example AMD released development board with ARMv8 based Opteron™ A1100 System on a Chip with two integrated controllers of Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet and SCP (system control processor). Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet related chip in context of Loic Duflot's and Yves-Alexis Perez attack on network cards. SCP in context of its own security and question: Can SCP prevent various attacks?

Harry Johnston said...

The "USB stick reprogrammed to include a fake keyboard" attack seems particularly hazardous. Does/will Qubes have any countermeasures?

Perhaps whenever a new keyboard device appears it could be isolated from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rest of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 system until it is used to enter a valid user's credentials?

Unknown said...

Congrats for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hard work !

Does now Windows AppVMs support different keyboard layouts (after VM tools are installed on Guest OS) so that we are not only forced to use QWERTY ?

Thanks

Anonymous said...

KDE default wallpaper:
/usr/share/kde4/apps/desktopcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365me/default/metadata.desktop:defaultWallpaperTheme=Elarun

-> change to a Qubes one?