[qubes-users] New type of secure encryption is open sourced
There is a new type of secure encryption developed by IBM that has been open sourced. It will soon be available for Linux. Unlike other encryption types, this one allows users to query data and receive info from it without having to decrypt it or reveal the user's details like location, etc. It can also encrypt certain parts of data to keep it from prying eyes. It seems to be most suited to sensitive data kept in the cloud, and for group developer work. But it might also be useful for protecting sensitive data within a security-focused OS, like Qubes. https://developer.ibm.com/blogs/new-open-source-security-tools-let-you-develop-on-encrypted-data/ https://devops.com/ibm-releases-fully-homomorphic-encryption-toolkit-for-macos-and-ios-linux-and-android-coming-soon/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d9156f20-9352-434b-baab-3d0604f76eaao%40googlegroups.com.
[qubes-users] Re: "Qubes Air: Generalizing the Qubes Architecture" by Joanna Rutkowska
some considerations: * Raspberry Pi, beagleboard, USB armory, etc are very low-powered devices (in both CPU & RAM). So running Qubes software on them at a productive speed will be a challenge. * You're saying that laptop hardware specs are a problem for users. But remember we had the problem of wireless modules still broadcasting after being turned "off". So we needed laptops with wireless hardware switches to be more certain that we couldn't be hacked. But now you are asking us to again trust ordinary laptops and tablets that may not have hardware switches. * In reality, you are also changing from "deployment and virtualization" as a single point of failure to "wireless" as the single point of failure. For example, WPA2 has been declared insecure (hackable), with WPA3 being necessary as a replacement. But, amazingly, WPA2 is still being "patched" by manufacturers who think it's still acceptable - so how long will it take for WPA3 to become ubiquitous? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/14b5f8d3-8807-442c-8a88-9a2685ec4fde%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Uber privacy tool for databases
Uber has released an open source privacy tool for databases that could be of interest to Qubes users. https://www.gizmodo.com.au/2017/07/uber-unveils-new-privacy-tool-that-protects-individual-user-data/ https://github.com/uber/sql-differential-privacy https://arxiv.org/pdf/1706.09479.pdf -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/453df546-3fba-4400-a839-0651bb08eb2d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] malware targets CPUs with VPro
Microsoft has found malware that targets Intel's VPro technology: https://www.bleepingcomputer.com/news/security/malware-uses-obscure-intel-cpu-feature-to-steal-data-and-avoid-firewalls/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/11041178-9a37-4138-8569-23a7a16d0d97%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] USG - AFirewall For USB's
If you remove the wireless module from a laptop, then connect a USB wifi adapter (or bluetooth adapter) to a USG and plug the two into the laptop, could a (future?) USG act as a hardware firewall for the wifi device (or bluetooth device)? For example, Deter MAC address scanning? Deter portscanning and rogue packets being sent to ports? Deter man-in-the-middle hotspot attacks? Or deter bluetooth hacking attempts? etcetera. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e2bf54b7-8d48-4e96-9317-c0579d049429%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] new air-gapped security distro
There's a new air-gapped security distro that is just CD-sized and loads into RAM. It also recognises the threat of wirelessly leaked data. Unfortunately, it's only bitcoin-focused, but it is Debian-based and has a web browser, so it could be useful. https://bitkey.io -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fd42a790-b2a6-43bb-9c02-d11e8963249c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Snowden plans a wireless hardware security device
"Isn't a laptop wireless hardware switch simpler?" No, it only provides one-third of the functionality that is required to fully secure the radio: This is the situation at the moment: 1. A hardware switch for the motherboard. 2. A software combo switch which you must engage after bootup to fully turn off the radio. 3. Then you have to install software like "rfkill" to check the wireless status. This is insufficient because sometimes you forget the key combo, which leaves the wireless broadcasting. Some computers don't have a hardware switch at all, while some have a fake hardware switch, so the wireless is always on in some capacity. And on some computers it's difficult to turn off bluetooth via software. A hardware device provides all the appropriate functionality for all wireless devices (wifi, bluetooth, etc.) in one product - including feedback, kill, and the security of tamperproof hardware. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/aa2ab5a0-055c-4559-b882-999e8d7d74dc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Snowden plans a wireless hardware security device
Edward Snowden and a hardware hacker have developed plans for a hardware device to monitor wireless signals on the iphone6. This lets the user know whether the phone's radio/s are actually on or off as it can be hard to tell otherwise. (He even mentions an anit-evil maid aspect to the design.) Wireless hacking / malware ain't no joke, as a female journalist was recently killed in Syria by having her phone wirelessly tracked to facilitate a strike to silence the media. What we need now is a version to fit on a laptop / netbook / PC - and since the design is open-source, that might be possible. https://www.wired.com/2016/07/snowden-designs-device-warn-iphones-radio-snitches/ http://boingboing.net/2016/07/21/ed-snowden-and-andrew-bunnie.html -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cef39eeb-944f-4a84-86ed-cdccf2f8f911%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] security app suggestions if some coders are interested
There are some people - like Eva Star - developing some apps/scripts for Qubes. I would like to make a couple of suggestions for coders who might like a development challenge. * A GUI applet for the CLI program "rfkill", that is enabled on the desktop (or management console) by default to easily show the on/off status of network devices. (I don't think this would be too difficult.) * An app to scramble or obscure the network ports, which can be set to automatically start on bootup to give immediate protection. There a few such (CLI) apps available, but an improved GUI-based one would be even better. Any help in this area for victims of wireless hacking would be appreciated. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/140d14bb-20d4-4a12-91bb-051c27b0ecd4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.