Has it ever been considered a feature the fact that all of the activity of a user in Qubes OS happens in a VM, from the point of view that a lot of malware has anti-debugging features that usually alter their behaviour when they detect they are run in a VM?
I don't have any statistic data for malware having such protections, and I believe that some anti-debugging features just compare hardware cpu timers to better discern an actual debugging session from a running VM (otherwise, this could prevent the malware from running on vps platforms). But it could be a nice side effect... -- Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b7415225-ab81-2cfa-13f1-98757dc651a2%40gmx.com. For more options, visit https://groups.google.com/d/optout.
