On Saturday, 20 January 2018 10:14:00 CET bowa...@gmail.com wrote: > This way the attack surface of Qubes code is very small.
The proposal does not change the attack surface at all. Reading on what you wrote below, I think you have misunderstood the proposal to one of GPU passthrough. > A GPU is another computer in your computer attached with a bus. It has a > firmware, run-time, memory, processor. Rootkits exists to attack the > run-time and even to stay persistent in the GPU (not sure if these > attacks are still possible on the persistence side) Therefore Dom0 is the > only OS that can have code running on it Yes, I think you misunderstood the proposal, the GPU is not being shared or made available to anyone but dom0 in the proposal. Making your worry irreleavnt. The proposal is made specifically to avoid needing to make the GPU available for all Qubes. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/1884306.4Qn7dAWZx5%40mail. For more options, visit https://groups.google.com/d/optout.