> Since the lion's share of Qubes installs are Intel based, I think a
> side-channel attack would be the most likely way to breach a Qubes
> system.

I thought Spectre and Meltdown have been dealt with by shutting off 
hyperthreading and updating microcode? Also, the latest CPUs have Spectre 
mitigation built-in, though this only deals with the earlier variants of 
the attacks if I remember correctly.


> DDR4 memory offers a big attack surface as well

Does this refer to the RowHammer (HammerRow?) attack?


> OTOH, a state actor wishing to attack a Qubes system might have better
> luck with the RPM MITM against Fedora that we discussed in another thread.

Pretty much my biggest concern right now, though I'm procrastinating on 
writing the damn script.


Relevant to the thread:
https://arstechnica.com/information-technology/2020/08/nsa-and-fbi-warn-that-new-linux-malware-threatens-national-security/


P.S. I'm not liking this new Google Groups look

On Friday, 14 August 2020 at 00:06:42 UTC+8 Chris Laprise wrote:

> On 8/13/20 10:59 AM, fiftyfour...@gmail.com wrote:
> > If you were tasked with remotely hacking into a default but updated 
> > Qubes OS system (installation configuration of 4.0.3, but with updated 
> > templates and dom0), how would you do it? What would you attack?  The 
> > precise objective (e.g. retrieve a PGP key from a vault, read a text 
> > document, achieve persistence, modify the system) is open--I just want 
> > to see how people might generally approach this question so I might 
> > better plug potential holes.
> > 
> > Sorry for the extremely broad question--please think of this as 
> > something like a 'red team' exercise.
>
> Since the lion's share of Qubes installs are Intel based, I think a 
> side-channel attack would be the most likely way to breach a Qubes 
> system. But also it's not just Intel CPUs that are weak here; DDR4 memory 
> offers a big attack surface as well. Such attacks can be carried out 
> with javascript from websites.
>
> OTOH, a state actor wishing to attack a Qubes system might have better 
> luck with the RPM MITM against Fedora that we discussed in another thread.
>
> -- 
> Chris Laprise, tas...@posteo.net
> https://github.com/tasket
> https://twitter.com/ttaskett
> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/495b0cac-fbee-4a45-93a6-2e56c4ef44a4n%40googlegroups.com.
