-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2017-03-13 10:37, Unman wrote: > On Mon, Mar 13, 2017 at 08:13:31AM -0700, hib0...@gmail.com wrote: >> I only skimmed the thread so I apologize for my laziness up >> front if I missed something but I think a few clarifications need >> to be made about my experiences thus far. The following >> statements are with reference to the fedora-24 template which was >> downloaded 05/10/17. > > It's a shame you've only skimmed the thread you kicked off, because > there is a good deal of interesting information there, and many > interesting perspectives. >
I agree. Kicking off a discussion thread, then sending very verbose replies without really reading the thread to which you're replying sends a certain kind of message, something like: "What I have to say is more important than what you have say. Therefore, it makes sense for me to spend little time reading what you have to say and instead spending more time writing what I have to say." Sometimes, this is right. For example, if one is a leading expert in a certain field, it might make more sense for that person to focus on disseminating his or her knowledge. But that's generally a position that has to be earned first. > Over at qubes-issues, Joanna commented on the dom0 control, (NOT as > password as Chris rightly stressed, but a mechanism in dom0 for > requiring user acknowledgement before granting root rights in a > qube: > > "I'd worry more about sending a false-sense-of-security signal that > (presumably) Dom0 is able to strictly control user -> root > escalations within VMs (which it really cannot 100% as explained > in the linked page)." > > Of course, hers is just another voice, but it's one worth > listening to. > In the sense that we should not blindly accept arguments from authority, I agree. However, in every other sense, I disagree. Regardless of whether one shares Joanna's opinions, one must admit the facts: Joanna founded Qubes, she sets the road map for Qubes, and she controls the Qubes Master Signing Key. In this sense, hers is clearly not "just another voice," but a very special one. > [...] > > Look at something like Bromium, which uses the equivalent of > disposableVMs in a working desktop. It's a viable model and works > right now. > I think we should be very careful with such comparisons to Bromium, lest we start giving people the wrong idea. Bromium "micro VMs" are definitely not the equivalent of Qubes DispVMs. (Perhaps the most fundamental difference is that Bromium itself has to run on top of Windows.) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYx5CVAAoJENtN07w5UDAwJ6AP/2KV4FXFpAIqpEc5Z+nwKCIP bpnfKOzktWbxmflCWvZoT2ByTDU2BAW+KXxjm1/kZAkG3q2FPIBt1+Uj2/QaZwX0 M2r0rSFuq0O+6peIbFwniPmz0dGVk4h4Z5cSj6WWAiA5RKwA84DHDaNRvikmK8kU 9T85r2LgV9zUJDK3s4NLJP5SXqxnt72KHBe9waArmGLi1SPL5ishYIlBGyKQ0tJ9 IqWdweVJJ07lqCC6hG0fEpGOrYs3wx2rj2w7ygBYPNd23xB65u0vTfbi6Rj9Tztm CbXDFuUOu68HgLoFVYXcZ3eYybVLsaNWtjO3VytMZniIG5pXN3V0XxCA9KsoziTv EflwAoBo0joqjXCd/lQwgMnbIzHcFb2cRCqS+Gcyon0p/a3cScI/z/x0yHC3OkC5 /llNxKgMW/MFGdvxVQYWneDjIltOKuNbw4a6ypCDcHZhj0fuRi/gr4eOcnJ8A/p4 cJKwYlW6mIvyIKzXapYYY/tTxvbYKzq/PVtjdmClIDGIJAyD+izp5lhhoShAE0W1 cO5t+FiuXwpw3YWsSnzPlwgO9mRKSMy7D1AOlCygfyypUXj4Ze6iZ/lJzBnNqB/c wgF5izlgdIdwpNPOmn4Ch7NceeA9f+n64EWl5EkHhsQFGyxgIEuUOl8+Mexmo1Sl gwopXtu5fPRHwnhEMhE6 =y1uh -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/47e296e8-09fd-d2cd-027a-f42331ea8b32%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
