Maybe a silly question


Manuel Cornejo

Mar 21, 2017, 1:36:23 PM
to qubes...@googlegroups.com
Hi everyone.

As Qubes works by means of the principle of security by isolation and every part of the hardware is running in a virtual machine, does it make any sense to use Kaspersky Security for Virtualization over the Xen hypervisor to improve security and antihacker security?
Is KasperskyOS going to suppose a big concurrency to Qubes?

Sincerely

Manuel Cornejo

a.mc...@yandex.com

Mar 21, 2017, 11:32:05 PM
to qubes...@googlegroups.com
Hi,
KasperskyOS is a system for embedded devices, for industrial devices. I don't see any advantages for home usage in Qubes OS. Besides, it's a closed source piece of software. Just forget about it, unless you are an engineer/developer and going to use it for its primary purposes.

As for Kaspersky Security for Virtualization, it could add extra security, but due to its closed source nature it could be a weakness itself.
Also, it supports Citrix Xen Server, but it doesn't support open source Xen Server itself... Besides, it's not for free and pretty costly, not for home usage.

Desobediente

Mar 22, 2017, 1:15:57 AM
to qubes-users, a.mc...@yandex.com
I second this.

If it's closed source, then by definition it is impossible to improve security. It's the other way around, it actually compromises all prior efforts into security.

Manuel Cornejo

Mar 24, 2017, 10:51:14 AM
to qubes-users, a.mc...@yandex.com
Regarding the cost, here it is: https://www.antivirussales.com/store/kaspersky-security-virtualization-server-1year-band-p-new . $76.38 doesn't seem a lot for 49 seats. The question is that this product is licensed with a "network" in mind, not for a PC with "networked internals". Well, so. Doesn't Qubes need an antivirus? What happens if on Qubes we set up a VM with Windows 7 in it? Would you install antivirus on the virtual machine hoping that it is going to be (the same/more) effective than in the traditional non-virtualized scenario? How do you protect your Qubes machine from viruses? Just by putting down the VM? And what about BIOS rootkits and other malware?

Jean-Philippe Ouellet

Mar 24, 2017, 11:51:45 AM
to Manuel Cornejo, qubes-users, a.mc...@yandex.com
On Fri, Mar 24, 2017 at 10:51 AM, Manuel Cornejo
<manuel.c...@gmail.com> wrote:
> Doesn't Qubes need an antivirus? What happens if on Qubes we set up a VM with Windows 7 in it? Would you install antivirus on the virtual machine hoping that it is going to be (the same/more) effective than in the traditional non-virtualized scenario? How do you protect your Qubes machine from viruses? Just by putting down the VM? And what about BIOS rootkits and other malware?

IMO you are much better off using templates to ensure you don't use
compromised Windows VMs to deal with data you care about than you
would be trying to use antivirus (a.k.a. "throwing all the untrusted
input at all the complex parsers, often with extremely weak
sandboxing").

J. Eppler

Mar 30, 2017, 6:49:12 PM
to qubes-users, manuel.c...@gmail.com
> As Qubes works by means of the principle of security by isolation and every part of the hardware is running in a virtual machine, does it make any sense to use Kaspersky Security for Virtualization over the Xen hypervisor to improve security and antihacker security?

The KasperskyOS uses a hosted hypervisor (type-2 hypervisor). The KasperskyOS is based on a reliable proprietary microkernel. They use device emulation or, where possible, paravirtualization. KasperskyOS is able to use hardware virtualization extensions, but does not require them [1]. I assume they use a mixed approach of binary translation and kernel-based virtualization. However, everything is proprietary. This is what makes a technical and security comparison between KasperskyOS and QubesOS impossible.

However, it is easy to argue why Xen is a good choice as hypervisor for security projects such as QubesOS:

- Xen is open source, which means everybody can audit and analyze it
- Xen is used by several large companies in their cloud data centers (Amazon AWS, Netflix, etc.) -> industry proven
- Xen has been developed and maintained for over a decade and has proven to be reasonably secure and flexible.
- Xen itself has a very small code base, which means less code running in higher-privileged CPU modes (Intel VT + AMD-V ring -1, ARM "HYP" mode).

> Is KasperskyOS going to suppose a big concurrency to Qubes?

No, QubesOS has a very high security standard driven by excellent research from Invisible Things Lab. Furthermore, QubesOS is open source, which means people can extend QubesOS for their own use cases. Larger community projects which extend QubesOS are Whonix, the Archlinux-Template, and the Mirage-Firewall Unikernel. In addition, there are a couple of smaller projects.

By the way, KasperskyOS is not the only solution. Bromium vSentry for example is another endpoint virtualization solution.

[1] https://os.kaspersky.com/wp-content/uploads/sites/11/2017/02/Kaspersky-Secure-Hypervisor-En.pdf

cooloutac

Mar 31, 2017, 2:40:42 PM
to qubes-users, manuel.c...@gmail.com
I gave up on virus scans a couple of years ago. I turned into one of the greybeards that used to tell me in the late 90s they were useless...

Actually, revelations nowadays are that they are not just useless since they can't keep up with literally millions of viruses released every month, according to the head of IAD for the NSA like 5 years ago... probably way more now.

But the fact is they are more of a security risk than they are worth. There is a security researcher, Tavis Ormandy?, who has exposed Kaspersky and exploits Norton quite frequently. Norton once took one of my suggestions when they started their 2009, I think was the year; a Symantec employee contacted me and I was psyched to see they included my suggestion. With a brand new revamped Norton that was destroying everyone else with the lightest footprint. Then I caught them hiding processes in the kernel, and their own program, which had a feature which listed which CPU use was from Norton or other on the system, was lying haha. And after like 2 or 3 years they were back to raping HDDs and using resources again.

Rumours from the 90s about them making their own viruses to promote their own software have also been proven not too long ago. Especially related to Kaspersky being caught as well. Some of them are so blatantly corrupt nowadays you know it's them when they pop up on your Windows machine out of nowhere lol...cough personal antivirus...cough..

hongkongwillbefree

Aug 19, 2019, 2:20:23 PM
to qubes-users


On Tuesday, March 21, 2017 at 10:36:23 AM UTC-7, Manuel Cornejo wrote:
> Hi everyone.
>
> As Qubes works by means of the principle of security by isolation and every part of the hardware is running in a virtual machine, does it make any sense to use Kaspersky Security for Virtualization over the Xen hypervisor to improve security and antihacker security?

Reply: Kaspersky is incorporated in and obeys the laws of the Russian Federation, which is controlled by the FSB, formerly known as the KGB. Many security flaws of record, most recently August 2019 breaking news. https://www.techradar.com/news/kaspersky-antivirus-left-millions-customers-open-to-online-tracking