How much is a threat installed software you don't use? * If the package install script is malicious, it is a threat. * However, if you are concerned just about vulnerabilities, they are often not applicable if you don't use the software.
So, it depends on your threat model. Regards, Vít Šesták 'v6ak' On Tuesday, March 14, 2017 at 9:23:25 AM UTC+1, evo wrote: > Hi! > > i consider about the VM-strategy for the personal and other areas. > till now i have just AppVms for this purpose. > > But isn't it better to have just standalone VMs, because of the > installed software on each VM? > > For example i need openoffice on work-VM, but i don't need it on banking > or personal or whatever VM. Thunderbird i just need on my e-mailVM. If I > install everything on the template all software will be on every > AppVM.... so it's less secure. > > How do you think about it? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ce51afac-ce5c-4fa1-bb5e-7f25e5416f0c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
