On Wed, Feb 19, 2020 at 04:19:07AM -0800, A wrote: > How well does Qubes OS actually protect against key lockers ?
Through compartmentalization: this means if someone has a successful exploit and installs a key logger only that qube will be affected. Example: - web qube - email qube - project 1 qube (offline) If by clicking on something in the web qube, you end up having a keylogger there, everything you do in the email and project 1 qube should still be invisible for that keylogger Of course, if you got somehow tricked into installing tainted software in dom0 the game is over. An additional level of defense can be achieved by having e.g. your web qube be disposable (not storing state through reboot). That way if you get infected in one session, after you stop/start the qube you are clean again. /Sven -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200219152445.GA1130%40app-email-private.
signature.asc
Description: PGP signature
