SSD+malicious HDD?


gg...@vfemail.net

Apr 7, 2017, 6:00:24 AM
to qubes...@googlegroups.com

Hi guys
1. I have installed and updated Qubes OS on my SSD, and afterwards I connected an HDD to the motherboard. SSD - primary, HDD - secondary. It is attached directly to Dom0. If my HDD is malicious, is it a threat?
2. Is Debian 9 safer than Debian 8, or Fedora 24 safer than Fedora 23?
Thanks




Chris Laprise

Apr 8, 2017, 12:22:12 AM
to gg...@vfemail.net, qubes...@googlegroups.com
On 04/05/2017 12:02 AM, gg...@vfemail.net wrote:
> Hi guys
> 1. I have installed and updated Qubes OS on my SSD, and afterwards I
> connected an HDD to the motherboard. SSD - primary, HDD - secondary. It is
> attached directly to Dom0. If my HDD is malicious, is it a threat?

Future versions of Qubes may be able to protect against a malicious HDD,
but not currently. Even an AEM-enabled Qubes could be vulnerable to a
DMA attack.

> 2. Is Debian 9 safer than Debian 8, or Fedora 24 safer than Fedora 23?
> Thanks

The first three are receiving security updates, but the fourth is not
because it's at end-of-life.

Chris

--

Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Unman

Apr 8, 2017, 9:24:30 AM
to Chris Laprise, gg...@vfemail.net, qubes...@googlegroups.com
On Sat, Apr 08, 2017 at 12:22:05AM -0400, Chris Laprise wrote:
> On 04/05/2017 12:02 AM, gg...@vfemail.net wrote:
> > Hi guys
> > 1. I have installed and updated Qubes OS on my SSD, and afterwards I
> > connected an HDD to the motherboard. SSD - primary, HDD - secondary. It is
> > attached directly to Dom0. If my HDD is malicious, is it a threat?
>
> Future versions of Qubes may be able to protect against a malicious HDD, but
> not currently. Even an AEM-enabled Qubes could be vulnerable to a DMA
> attack.
>
> > 2. Is Debian 9 safer than Debian 8, or Fedora 24 safer than Fedora 23?
> > Thanks
>
> The first three are receiving security updates, but the fourth is not
> because it's at end-of-life.
>
> Chris

Debian-8 is somewhat more secure than Debian-9, in that the priority is
to release security updates for stable(8). Updates for unstable may be
delayed for assorted reasons, sometimes weeks after a fix for stable.

Note too that for Debian systems there are no security updates for
packages from the contrib and non-free repositories. I am fairly
certain that a default install has those repositories enabled - you can
disable them by removing the names from /etc/apt/sources.list, but this
will restrict the software that is available to you. It's a clear
trade-off. (This is an oversimplification in that some packages may get
updates, but there isn't a systematic security update process for
these packages.)

(It's one of those cases where Qubes trades convenience against security
- this one is a mistake imo.)
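
The following is an added example, not part of the thread and not Qubes or Debian tooling: two shell functions that report and remove the contrib and non-free components mentioned in the message above from one-line-style APT entries. The sample file contents and all function names are constructed for illustration; the functions read text on stdin and never modify /etc/apt/sources.list themselves.

```shell
#!/bin/sh
# Added example (not from the thread). Reads sources.list text on stdin.

# Constructed sample of a Debian 8 (jessie) sources.list.
sample_sources() {
cat <<'EOF'
# constructed sample
deb http://deb.debian.org/debian jessie main contrib non-free
deb-src [arch=amd64 trusted=no] http://deb.debian.org/debian jessie main
deb http://security.debian.org/ jessie/updates main contrib # contrib note
deb http://deb.debian.org/debian jessie-backports non-free
EOF
}

# Shared awk helpers. Field 2 may open an [option ...] block spanning
# several fields; components start two fields after it (URI, then suite).
AWK_LIB='
function first_component(   i) {
    i = 2
    if ($i ~ /^\[/) { while (i <= NF && $i !~ /\]$/) i++; i++ }
    return i + 2
}
function active() { return $1 == "deb" || $1 == "deb-src" }'

# Print "line:component" for each contrib/non-free component in use.
audit_components() {
    awk "$AWK_LIB"'
    active() { for (j = first_component(); j <= NF && $j !~ /^#/; j++)
        if ($j == "contrib" || $j == "non-free") print NR ":" $j }'
}

# Rewrite entries without contrib/non-free. An entry left with no
# component is commented out rather than emitted in an invalid form.
strip_components() {
    awk "$AWK_LIB"'
    active() {
        c = first_component(); out = $1; kept = 0; tail = 0
        for (j = 2; j <= NF; j++) {
            if ($j ~ /^#/) tail = 1          # trailing comment: copy as-is
            if (!tail && j >= c) {
                if ($j == "contrib" || $j == "non-free") continue
                kept++
            }
            out = out " " $j
        }
        print (kept ? out : "# " $0); next
    }
    { print }'
}
```

To audit a real file, run `audit_components < /etc/apt/sources.list`; review the output of `strip_components` before replacing anything.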