On 11/21/2017 02:23 PM, [email protected] wrote: > On 11/20/2017 06:08 PM, Jean-Philippe Ouellet wrote: > >> On Mon, Nov 20, 2017 at 5:59 PM, [email protected] <[email protected]> wrote: >>> On 11/19/2017 07:17 PM, [email protected] wrote: >>> >>> Does this hold any water? Does the switch from paravirtualization to >>> HVM/SLAT degrade privacy by allowing easier hardware fingerprinting? >>> >>> It holds no water. >>> >>> There is no such thing as "hardware fingerprinting" >> Then what do you call checking e.g. clock drift, disk bandwidth, etc.? > I consider hardware fingerprinting to be something permanent, those are > not and are limited to finding out that two VM's are on the same PC.
Well, the clock drift in an intrinsic feature of your processor clock, disk bandwidth of your disks, etc. This kind of hardware fingerprinting is something permanent. And preventing it requires willfully slow things down, things I don't expect a general-purpose OS like Qubes to do. Actually this kind of hardware fingerprinting can even be done in javascript, thanks to all the optimizations performed. Basically, the faster (hence closer to the metal) the attacking program runs, the better it can fingerprint your hardware, usually. HTH, Leo PS: Yes, I'm making things look simpler than they are, I know, but it has to fit in an email. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cf7cb182-7a0d-bc4b-079f-cf6046be1de5%40gaspard.ninja. For more options, visit https://groups.google.com/d/optout.
