On Friday, February 8, 2019 at 7:07:53 PM UTC-5, Chris Laprise wrote:
> On 2/8/19 5:12 AM, Francesco Frassinelli wrote:
> > > The issue you mention is more about trust in employees, the trust
> > model, than about selected OS in usage.
> >
> > The problem is that there are cryptolockers, phishing email, and so on,
> > and some users are more vulnerable than others (a developer has a
> > different background compared to an accountant), but it has been decided
> > that is better not to differentiate between users ("your colleague can
> > install whatever you want and you cannot") and keep a stricter security
> > policy allowing only pre-approved OS on the internal network.
>
> Thinking about the threat model, qubes-fan's advice makes a lot of sense.
>
> With a regular Windows laptop the company admins are already trusting
> you with physical access. That is a lot of power. So the question is why
> wouldn't this trust extend to a Windows VM on Qubes, which has superior
> protection from any remote attacks?
Because the company doesn't control dom0.
Typically Management/admins:
a) trusting you with physical access
b) expecting you to limit your behavior, contractually limiting your use of the
device and contents (e.g. "do not install non-approved software", "do not
connect non-approved devices", "do not sell customer data to third parties",
c) sometimes also monitoring certain logs and/or events that trigger on
breaches of some of these demands (as well as on malware), logs that the user
are generally locked out of modifying and sometimes even accessing.
d) enforcing at-rest data security policy (e.g. centrally-administered full
disk encryption), for corporate or regulatory reasons (E.g. HIPAA).
** Much of the above only reliably works for the company if they control dom0.
**
If the *user* controls dom0, the user may become an adversary from their
perspective. dom0 can pause/inspect the windows VM, extract/inject data/code,
etc., even if the VM has centrally managed encryption within the VM.
That's why OpenXT/XenClient XT/NxTop seems like a better fit for enterprise
use, at least from the perspective of the computer/data owner (not the
perspective of user freedom, of course).
Brendan
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/482bb706-c114-46cc-82bc-41531a1a1549%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
