On 10/25/20 10:24 PM, 'J.M. Porup' via qubes-users wrote:
> One morning last week, I launched a disposable Debian 10 template with my preset
> defaults of no netvm and a blank page preset--but instead a default page of
> "https://www.youtube.com/" appeared. It only happened once, but it was enough.

So to clarify, you launched a dispVM with no networking, and a YouTube page was loaded and rendered on screen?

That seems highly unlikely to be an accidental input or glitch.

> Does this rise to the standard of journalist proof I'm accustomed to? Of course
> not. Would I risk my reputation by writing this email to the qubes-users list
> if I was not confident in my assessment? What do you think?
>
> So why am I writing this message? First, and most importantly, there is clearly
> a great Qubes 0-day floating around that needs to be found and squashed. But
> if Five Eyes are prepared to risk a Qubes 0-day on a clown, who would they *not*
> risk it on? There must be dozens, if not hundreds, of active Qubes implants out
> there right now.

Maybe there are other explanations, but you won't know for sure unless you saved the contents of your system in that state.

However, if you're looking for plausible explanations and attack vectors, you should look at side-channels first (I don't think exploiting a side-channel against Qubes would count as a 0-day).

Chris Laprise, tas...@posteo.net
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

