On 02/10/2017 05:02 AM, john.david.r.smith wrote:
On 10/02/17 11:53, '0xDEADBEEF00' via qubes-users wrote:
Interesting topic...
I would like to here more about how people handle this.
On my side, I'would never work on sensitive information in such a
situation.
To make just some surfing in public place, my laptop is installed
with a standard w10 that I use only to check a generic mailbox with
on sensitive information, do some nonsensitive work and surf. By the
way, the boot sequence of my laptop is set to boot this partition by
default with no menu or prompt of any kind. If I want to boot into
qubes, I have to do it manually by interupting the boot sequence.
This also serves as a decoy, if I'm forced to boot my laptop when
passing borders or so.
Best,
0xdeadbeef
dual booting opens a whole new attack surface.
is there a way to deal with this?
the other os may not be able to read/modify qubes due to encryption,
but it can write something malicious on the disk (e.g. some loader
running before qubes)
while i can't deny the utility of a decoy, dual booting does indeed open
a new attack surface, e.g. win10 gremlin rewrites the bootloader on your
non-win10 partitions in a way that caches your disk passphrase somewhere
win10 can access it next time it boots.
the best policy with windows is to never use it under any circumstances,
provided you can manage it.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/621ac601-b135-33f2-8e18-c455b9723e5f%40companyzero.com.
For more options, visit https://groups.google.com/d/optout.