On 1/24/20 6:07 PM, Demi M. Obenour wrote:
If an AppVM is compromised, is truncating its private volume (which is
documented) enough to restore it to a trustworthy state? Obviously,
this loses all data on that volume, but the cases I have in mind are
where a DispVM template was accidentally started itself, rather than
a DispVM based on it.
I'm not sure what the case is for a DispVM template.
For regular AppVMs check out my Qubes-VM-hardening project at my github
url below. It aims to make the initial startup state trustworthy by
removing and controlling any hooks malware could use to persist on startup.
--
Chris Laprise, [email protected]
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/d0889b14-6249-8ff3-1608-31327c505463%40posteo.net.
