Hello everyone, currently I don't have QubesOS installed unfortunately, so I can't check this by myself, and it might take some time until I'll be able to install it, therefore I'm asking about this on the list: I think that AIDE is the most sophisticated tool for checking file system integrity (and I believe that this approach might be one of the best in order to see whether a system got compromised or not), but obviously it could render this approach useless, if one would first habe to go online after having installed QubesOS and then AIDE from a Repo, which might be compromised. Therefore my question: Is AIDE included in the Fedora installation iso, so that those security issues couls be circumvented?
By the way, doing so should not only be done before going online for the first time, but already before the system restarts after its installation (because otherwise ACPI or other firmware code might compromise the system during the first boot process). If it's not included in the installation iso, then I'd strongly suggest that it should be added. (The second best solution would be to download it and pray that this download is not compromised (probably I don't need to mention that there are various ways to compromise this download without someone being able to notice that), bur actually that doesn't even sound like a 'second best', but a rather careless approach.) Maybe manually hashing files by writing a script could be another approach (I'd rather do that than trust a security relevant tool I downloaded from somewhere), though AIDE is really great in its functionality and it would be really nice if doing so would be possible. Kind regards and all the best David -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/n4aswxfhkcyqvwfnft22564e.1478334195110%40email.android.com. For more options, visit https://groups.google.com/d/optout.
