Re: [qubes-users] New Foreshadow exploits CPU bug

2018-08-21 Thread 'Leo Gaspard' via qubes-users
On 08/21/2018 11:39 AM, taii...@gmx.com wrote: > SGX is another ME service slash intel marketing gimmick invented for DRM > not security. > > If the person who purchased the computer can't examine the VM's running > on it then they are not owning it simply licensing it which is why SGX > is a bad

Re: [qubes-users] Re: Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-16 Thread 'Leo Gaspard' via qubes-users
On 05/16/2018 11:20 PM, Ilpo Järvinen wrote: > On Wed, 16 May 2018, taii...@gmx.com wrote: > >> On 05/15/2018 01:22 AM, john wrote: >> >>> On 05/14/18 14:58, Ángel wrote: This paper is most interesting for the discovery of multiple ways email client leak information on visualization.

Re: [qubes-users] Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-14 Thread 'Leo Gaspard' via qubes-users
On 05/14/2018 02:45 PM, mossy wrote: > embargo broken early, attack/vulnerability details here -- > https://efail.de/ > > (and yes it seems like disabling HTML will mitigate the most > reliable/least complex attacks) Incidentally, the GnuPG press release, that raises the point that the paper may

Re: [qubes-users] Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-14 Thread 'Leo Gaspard' via qubes-users
I can't tell for sure for not having read the paper, but it sounds like too much hype for vulnerabilities not so important: https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060317.html https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html (Werner being the maintainer of GnuPG)

Re: [qubes-users] Re: R4.0 drops USB data

2018-03-08 Thread Leo Gaspard
On 03/08/2018 02:12 PM, Ed wrote: > [...] > > Are you passing the device through to another VM? > > The USB pass-through method has given me issues in the past for devices > that use a lot of bandwidth (webcams), though you are saying data is > lost after only a few bytes, I still might be

Re: [qubes-users] Re: porting to ARM

2018-01-12 Thread Leo Gaspard
On 01/12/2018 12:45 PM, 'awokd' via qubes-users wrote: > On Fri, January 12, 2018 8:59 am, Ph.T wrote: >> . my initial motivation for ARM was that >> intel seemed more prone to #spectre than ARM; >> https://developer.arm.com/support/security-update >> "majority of Arm processors are not impacted

POWER9 (was: Re: [qubes-users] Re: porting to ARM)

2018-01-10 Thread Leo Gaspard
Am I the only one to notice you brought up POWER/TALOS something like five times in the last week, even when the thread originally had nothing to do with it (like this one)? I get it you're enthusiastic about an open processor getting actually used (unlike RISCV) (and must say I am too), but it's

[qubes-users] Re: Mozilla

2017-12-27 Thread Leo Gaspard
On 12/27/2017 07:38 PM, taii...@gmx.com wrote: > On 12/26/2017 06:34 PM, Leo Gaspard wrote: > >> (disclaimer: I once was an intern for Mozilla, though I do not have any >> bond with Mozilla right now) >> >> tl;dr: please do google for “looking glass” and “mozilla”

Mozilla (was: Re: [qubes-users] Password security/disposable vm security)

2017-12-26 Thread Leo Gaspard
On 12/26/2017 03:25 PM, 'Tom Zander' via qubes-users wrote: >> "Personally, I'd avoid thunderbird and anything from mozilla, but that's >> just me." >> Do they have a bad track record (I planned on researching my apps later >> =p). > > Just last month they added an invisible plugin in their binary

Re: [qubes-users] Suggestions (for forum posts)

2017-12-03 Thread Leo Gaspard
On 12/03/2017 04:02 AM, Andrew David Wong wrote: >> No, a Google Account is not required. Many people who use the >> Qubes mailing lists never create one. If you're subscribed to one >> of the lists, you should be receiving every message sent to that >> list. (Of course, you won't retroactively

Re: [qubes-users] Re: Qubes support Secure Boot

2017-12-02 Thread Leo Gaspard
On 12/02/2017 03:11 AM, taii...@gmx.com wrote: > On 11/23/2017 07:55 AM, Leo Gaspard wrote: > >> Can you please avoid ranting against secure boot once again? >> >> Secure boot is *not* useless. It *does* bring security benefits, >> although not as good as measure

Re: [qubes-users] Re: Qubes support Secure Boot

2017-11-23 Thread Leo Gaspard
On 11/23/2017 03:35 AM, taii...@gmx.com wrote: > On 11/22/2017 07:25 PM, xeph...@gmail.com wrote: >> This is quite late, but now that UEFI is supported...is secure boot?  >> Wasn't quite sure what key or signature to import. > Why are all the newbies here so obsessed with a microsoft technology? >

Re: [qubes-users] Qubes & Quantum decryption Immunity

2017-11-12 Thread Leo Gaspard
On 11/12/2017 10:43 AM, Yuraeitha wrote: >> As for quantum networks, they are slightly more obtainable than, say, >> moon rockets. > > [...] > Given the fiber internet network might be able to carry these signals, it's > not farfetched to imagine we'll start to have portions of Quantum internet

Re: [qubes-users] Re: Is there a way to use secure boot with qubes?

2017-11-11 Thread Leo Gaspard
On 11/09/2017 12:27 PM, blacklight wrote: > On Wednesday, 8 November 2017 20:52:14 UTC, Guerlan wrote: >> My computer complains about bad signature when I try to install qubes. Is >> there a way to install it without disabling secure boot? Does qubes support >> secure boot? Is there a way to

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-19 Thread Leo Gaspard
On 09/19/2017 02:23 PM, taii...@gmx.com wrote: > It is impossible to have storage communication between VM's, that would > be a separate security issue. > On timing attacks or w/e - you may be able to avoid cross communication > by putting every AppVM on a separate core of a many core CPU such as

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread Leo Gaspard
On 09/18/2017 09:27 PM, jes...@gmail.com wrote: > Thank you Micah and Michał, but I am not actually asking about a standard as > strong as 100% bulletproof anonymity or anything. I really am just concerned > about whether any of the methods on that list that I linked to would be > enough to

Re: [qubes-users] Options for securing /boot

2017-09-08 Thread Leo Gaspard
On 09/08/2017 04:51 AM, taii...@gmx.com wrote: > One can use coreboot with grub's kernel signing features on an owner > controlled non PSP/ME PC such as the Lenovo G505 (laptop) or KCMA-D8 > (workstation), then after coreboot is working you enable the flash write > restriction so that it can't be

Re: [qubes-users] Options for securing /boot

2017-08-29 Thread Leo Gaspard
On 08/29/2017 04:01 PM, cooloutac wrote: > On Monday, August 28, 2017 at 6:36:08 PM UTC-4, Leo Gaspard wrote: >> Just encrypting /boot would bring little, as it would still be possible >> to modify the unencrypted part of GRUB (that decrypts /boot) to have it >> overwrite the

Re: [qubes-users] Options for securing /boot

2017-08-28 Thread Leo Gaspard
Just encrypting /boot would bring little, as it would still be possible to modify the unencrypted part of GRUB (that decrypts /boot) to have it overwrite the /boot with malicious kernel images (or even to not use the ones provided). The options I know of are (from IMO strongest to weakest): *

Re: [qubes-users] Re: remote code execution via UDP packets (CVE-2016-10229) in the context of Qubes // and kernel update recommendations

2017-04-14 Thread Leo Gaspard
On 04/14/2017 06:00 AM, Reg Tiangha wrote: > On 04/13/2017 09:33 PM, cooloutac wrote: >> On Thursday, April 13, 2017 at 11:26:07 PM UTC-4, cooloutac wrote: >>> So probably the kernels are not actually vulnerable, They fixed it a year >>> ago with patches, and with Qubes you assume this sort of