Some comments:
1) You mention "vm exploit" in a few places. While I understand your
intention, I think it's not quite fair to compare e.g. a vm exploit
against VirtualBox with a vm exploit against Qubes. Even comparing
VirtualBox against Xen would be unfair, and in Qubes we have
additionally put some more work into further (comparing to Xen)
minimizing the possibility of such attacks, e.g. by moving network backends
to the untrusted netvm by default, by using explicit kernels for PV domains,
by using our custom GUI virtualization, by refactoring/hardening HVM
support, and probably a few other things I forgot just now.
2) Regarding Cold Boot Attack prevention -- theoretically all that is
needed to implement this on Qubes is to setup tboot with Qubes (i.e.
modify grub.conf to load tboot.gz before xen.gz). In the future we
should modify AEM to perform tboot installation automatically, currently
this would need to be done manually (although I haven't tested it
myself). But once done, AEM should work with TXT-generated PCRs out of
the box.
Intel TXT, which is what tboot implements, should provide protection
against most cold boot attacks. This is because the chipset (MCH) on a
TXT-compatible system should be blocking access to DRAM if it detects
that the previous shutdown(s) was "un-clean", and this is what happens
in a cold boot attack scenario. In that case the only way to unlock access
to DRAM is for the BIOS to load and execute the Intel-provided SCLEAN module
(verified by digital signature), whose job is to wipe the DRAM.
So, this should prevent standard cold boot attacks where the attacker
reboots the target system from a USB disk or CDROM, and then attempts to
scan the memory for secrets. Unfortunately TXT's SCLEAN cannot prevent
a more extreme form of this attack where the attacker physically extracts
the DRAM dies from the target platform and plugs them into another system
(under the attacker's full control). The latter could only be fully
protected against if our OS/VMM performed on-the-fly encryption of all the data
that go to DRAM. This is not as unthinkable as it might sound, but
surely impacts performance somehow, and also deserves a separate discussion.
It made me curious, though, adrelanos, that you wrote in your table that
Tails does offer protection against cold boot attacks. I wonder how? Is
it that it just tries to keep the disk decryption key in CPU registers? Well,
surely that would only be the tip of the iceberg, as there can still be
lots of other interesting secrets in DRAM, right? (Such as the auth key
to your world-0wning botnet, or something.)
3) And, BTW, perhaps it might make sense to write "Qubes TorVM" in the
column header, instead of just "TorVM"?
joanna.
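The grub.conf change described in point 2 (load tboot.gz first, with xen.gz and the dom0 kernel demoted to modules), shown as an added example that is not from the post or from the Qubes project: the kernel/initrd version strings, root device, Xen options and the SINIT ACM filename are placeholders to be replaced with those of the installed system.

```grub
# Legacy GRUB (grub.conf) entries for a Qubes dom0. Added example, not the
# project's own configuration; every <...> token is a placeholder.

# Before: Xen is the first thing GRUB loads, so there is no TXT measured
# launch and the TXT PCRs stay unpopulated.
title Qubes
        root (hd0,0)
        kernel /xen.gz <existing Xen options>
        module /vmlinuz-<dom0-kernel-version> ro root=/dev/mapper/<root-lv> rhgb quiet
        module /initrd-<dom0-kernel-version>.img

# After: tboot.gz takes the "kernel" slot and performs the measured launch;
# Xen, the dom0 kernel and the initrd each move down one slot as modules.
# The logging= options are tboot's own (serial/vga/memory log targets).
title Qubes (tboot / Intel TXT)
        root (hd0,0)
        kernel /tboot.gz logging=serial,vga,memory
        module /xen.gz <existing Xen options>
        module /vmlinuz-<dom0-kernel-version> ro root=/dev/mapper/<root-lv> rhgb quiet
        module /initrd-<dom0-kernel-version>.img
# The SINIT ACM matching this chipset (obtained from Intel) goes last;
# tboot locates it as the final module. Filename is a placeholder.
        module /<chipset>_SINIT_<version>.BIN
```

After rebooting into the second entry, tboot's txt-stat utility reports whether the measured launch actually succeeded, which is the check to make before relying on the TXT-populated PCRs for AEM.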