-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Thu, Jun 02, 2016 at 08:54:59AM -0700, daltong defourne wrote:
> Hello!
> First and foremost, I did google and I did read this thread about Dom0 not
> being networkable anymore
>
https://groups.google.com/d/msg/qubes-users/c2RyhLmTCm4/VQXWnHtyBQAJ
>
> However, I need to have 3d acceleration available to a trusted-ish (in the
> sense, developed in-house) program that would need network access.
>
> Performance w/o acceleration access is unacceptable, while accelerated
> performance is okay (tested on raw fedora) so just giving up and running it
> in a Qubes AppVM is sadly not an option
>
> The software also needs network access.
Instead of breaking Qubes OS, better dualboot to some non-Qubes
distribution for this application usage. It will be significantly more
secure than exposing dom0 to network access. And even if that second
system would be compromised, will not be able to _directly_ steal your
data, as Qubes OS partition is encrypted by default. But while running
on bare metal, will be able to infect your hardware (think of BIOS, all
the firmwares etc). Usage of Anti-Evil-Maid is advised here to at least
detect some of those attacks.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXUM1BAAoJENuP0xzK19cs/LgH/RnMYLXsw3Vk4b10tM/xDI/q
C+0X9+otlYK6gUm3FiWGW/xiwuooJPCglF0L2FOuy/A7FFhyBYTbH/nskZsJTmQZ
mE5lR6SLTth+6EIv93EDQxkUOWbHY2jN7N9uYITSPOP4mytKhSJ19A6WhbL4PNmh
h2lF1XHqZV6w1MXmijXJtql179b8+dff4vsADEnZFx/dLAWLtosLAFJ6AnSmELWf
dkHtPnViClGjbSmoIRmUiUbcbwXmG4GndVsod1nAE5DQ8VDceZkFlE03wQm3LlaG
Y6+UxsJ/FXGxhwDqVL6lQjF6jhPPiwwyv4b2LjcQWIU7Hs2iBoLZXQSRLsGocr0=
=YjjE
-----END PGP SIGNATURE-----