How well does Qubes OS actually protect against key lockers ?

[A]

How well does Qubes OS actually protect against key lockers ?

[Sven Semmler]

On Wed, Feb 19, 2020 at 04:19:07AM -0800, A wrote:
> How well does Qubes OS actually protect against key lockers ?

Through compartmentalization: this means if someone has a successful
exploit and installs a key logger only that qube will be affected.

Example:

- web qube
- email qube
- project 1 qube (offline)


If by clicking on something in the web qube, you end up having a
keylogger there, everything you do in the email and project 1 qube
should still be invisible for that keylogger

Of course, if you got somehow tricked into installing tainted software
in dom0 the game is over.

An additional level of defense can be achieved by having e.g. your web
qube be disposable (not storing state through reboot). That way if you
get infected in one session, after you stop/start the qube you are clean
again.


/Sven

--
public key: https://www.svensemmler.org/0x8F541FB6.asc
fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6

[Ulrich Windl]

>>> A <annee...@gmail.com> schrieb am 19.02.2020 um 13:19 in Nachricht
<6060_1582114749_5E4D27BD_6060_305_1_418aea73-f8b8-44bc-9152-b644e3ad2551@google
roups.com>:

> How well does Qubes OS actually protect against key lockers ?

You mean key _loggers_?

>
> --
> You received this message because you are subscribed to the Google Groups
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to qubes-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/qubes-users/418aea73-f8b8-44bc-9152-b644e3a
> d2551%40googlegroups.com.

[A E]

Yes, you’re right, I did not see that. 🙂