-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2016-11-14 17:02, Sec Tester wrote: > A thought on security through obfuscation. > > Right now in terminal is you type: "uname -r" we get the kernel version, > which has "qubes" in the name. > > Straight away the attacker, knows he's dealing with a qubes VM. Could we not > name the kernels to match their original OS? > > And following that same concept, disguise any other tell tale signs this is a > VM on Qubes. QubesIncoming, could just be called received. Use non qubes > unique process or packet names. This would also include renaming Xen stuff. > Hiding any obvious qubes unique directories deeper into the file system. > > Of course if an attacker specifically tries to tell if they are in a VM its > impossible to 100% hide it, but if an attacker does a quick check and thinks > they're on a standard debian desktop, memory attacks & dom0 are never a > target. > > Just an idea. >
In addition to what Marek and Unman have said, I'd just like to point out that, currently, there's no guarantee of privacy (in the sense of a concerted effort to achieve non-fingerprintability) in any VM that is not a Whonix VM. When you require privacy, use a Whonix VM. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYKs//AAoJENtN07w5UDAwhEEP/3pzpBhQVSSmPlkVtSLngNb5 zF1jk2pSEuxkdm1pmguc9MnCERqqyjpaE9xWZAASE1l2+d1ra4CeL4hi0gdN4RC2 AFp2CPOLT6QcAVzmJX6g+GS/nmv0eseeSPxKAwYdfEWgbC0dNXAya+45lalSX07R 1nBonpZKaKqq2nXVuCt3DoDbiCv7g8ko3BeC59loJreizGLpqDaxv63O8nsQBEfR ylKYUkarVWHKFjv59gRyc7BI5LFa9uc09CW7AkIODsVWAeVUkPvu+54wZKjuChIf kfaz+PsMrhTeCqUftl9ldsXKoUltDfWOoZX/nTlGR4pkLmwOEm4bZuWHFD4fEnUW uX/5ou/xs0ZEeHbnd51/4i0yQeIeb1cnskuEMnKHL8aSRwLvdOCYbYuwcEis124v TCRRwY9j1F6MDdO/owvJaBIwM9UbXWszLWDe/lELRt5C4AdUNyWPzL3jyH3o8aqi SAk6gd3PM0Q0uVkKARpDIK95KiGvI/fY3MbQYDEKu84aORysPBUdCANW1jZTl4rD Lln5xrDZHVPSIOFWmh8fk+8xKrDMb7R16BWvK8i2QGNbKs60DFxkl+yOgwAk9u8Z dy6pNI8LompgzctlMastFGs0KObx+k00w6qWQQ2Z3JcafTnVXkxL8EedOUikEcwH h0xhozZvhDreRPSYPydJ =4exQ -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bdd34ebe-7dcc-794a-3814-1000fff77482%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
