Andrew David Wong writes: > Joanna Rutkowska has just published a new article titled "Qubes Air: > Generalizing the Qubes Architecture." The article is available both on > Joanna's blog: > > https://blog.invisiblethings.org/2018/01/22/qubes-air.html > > And on the Qubes website: > > https://www.qubes-os.org/news/2018/01/22/qubes-air/
Instead of putting the RDP client into the master GUI qube to talk to the RDP server in the slave GUI qube, how about putting the RDP client into a stub qube in the master zone? The stub would work analogously to the Qubes PDF converter to produce simple image data. Then the master GUI qube can talk to the stub via the standard intra-zone GUI protocol, and an RDP exploit could only compromise the stub. Inter-slave compromises could also be prevented by using a dedicated stub for each slave, instead of one stub to talk to all the slaves. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/wO6HpXWKP4xsj0HWYyZsj7Snlu53WNKUojJdwyIgVBm%40local. For more options, visit https://groups.google.com/d/optout.
