Re: [qubes-users] New Foreshadow exploits CPU bug

2018-08-21 Thread 'Leo Gaspard' via qubes-users
On 08/21/2018 11:39 AM, taii...@gmx.com wrote:
> SGX is another ME service slash intel marketing gimmick invented for DRM
> not security.
> 
> If the person who purchased the computer can't examine the VMs running
> on it then they are not owning it simply licensing it which is why SGX
> is a bad technology and people shouldn't buy x86.

Consider you want to deploy your things in the cloud, eg. because it's
less expensive. Then I guess you would actually like to not have to
trust the cloud provider :)

You still have to trust Intel for actually doing what they promise, but
you have to trust the processor manufacturer at some point anyway.

Not saying SGX actually meets its promises, though, just reacting to
your second paragraph. There are use cases for having the person who
owns a computer not being able to examine VMs running on it. Whether
or not you want to use or have them is a different question.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b3d6a5d2-215b-ac7e-28b5-d50b01ff77b3%40leo.gaspard.ninja.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-16 Thread 'Leo Gaspard' via qubes-users
On 05/16/2018 11:20 PM, Ilpo Järvinen wrote:
> On Wed, 16 May 2018, taii...@gmx.com wrote:
> 
>> On 05/15/2018 01:22 AM, john wrote:
>>
>>> On 05/14/18 14:58, Ángel wrote:
>>>> This paper is most interesting for the discovery of multiple ways email
>>>> clients leak information on visualization.
>>>> (not clearly stated in the paper: some of them are already fixed, while
>>>> in other cases the developers are still working on providing them)
>>>>
>>>> Luckily, with Qubes it is easy to set a firewall rule so that your email
>>>> AppVM can only contact your email server.
>>>> NB that some of these leaks are DNS-based, so ideally you would not
>>>> allow it to perform any DNS query, either.
>>>>
>>>> Best regards
>>>
>>> can you give an example of the steps to make such a fw rule, if
>>> it's that simple please?
>> I would suggest simply only allowing the ports you need for your email
>> client.
> 
> It's a much less secure approach than blocking all but the email server 
> address. With a port filter, the attacker only needs to use that same 
> port for the attack to succeed.

That's true, except HTML engines like the ones used by this attack
should disallow eg. loading an image from port 25.

For instance, firefox blocks at least ports 993 and 587, the only two
that should be used by a reasonably recent and secure email setup.

So that's not a solution against an arbitrary attacker, but that's a
solution against the currently-spoken-about attack.

BTW, if you really want to protect yourself from an arbitrary attacker,
you'll want to protect against an attacker that has root on your email
VM. And that means
 1/ setting firewall rules in the FirewallVM, not in the email VM, as
the latter could just be removed by the attacker
 2/ all kinds of hardening against side-channels for compromised VM
communication, that are currently not possible with Xen (and possibly
not even with any widely-spread hypervisor, as that would likely entail
a huge performance cost)

Another solution for 2/ could be to never run the email VM at the same
time as another potentially-compromised VM, but that very much restricts
what you can do. And that can maybe (now that's all hypothetical) still
be by-passed with side-channels through eg. LVM's thin pool allocator,
as IIRC Qubes4 uses LVM thin pools as storage backend. (still haven't
migrated…)

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/436c6811-9ca0-bd0b-0c21-f2097248d43c%40leo.gaspard.ninja.
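
The port-filter versus address-filter point argued in the message above, as an added example that is not part of the original thread: a minimal first-match rule evaluator with default drop, run over constructed flows. The `Rule` class, the two policies and all addresses (RFC 5737 documentation ranges) are assumptions made for illustration, not Qubes configuration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "drop"
    dst: Optional[str] = None    # destination address, None = any
    proto: Optional[str] = None  # "tcp" or "udp", None = any
    port: Optional[int] = None   # destination port, None = any

    def matches(self, dst, proto, port):
        return ((self.dst is None or self.dst == dst) and
                (self.proto is None or self.proto == proto) and
                (self.port is None or self.port == port))

def decide(rules, dst, proto, port):
    """First matching rule wins; anything unmatched is dropped."""
    for rule in rules:
        if rule.matches(dst, proto, port):
            return rule.action
    return "drop"

# Constructed addresses, not taken from the thread.
MAIL_SERVER = "192.0.2.10"
ATTACKER = "203.0.113.66"
RESOLVER = "198.51.100.53"

# Port-only policy: mail ports to any destination, plus DNS.
PORT_ONLY = [Rule("accept", proto="tcp", port=993),
             Rule("accept", proto="tcp", port=587),
             Rule("accept", proto="udp", port=53)]

# Address-pinned policy: mail ports to the mail server only, no DNS.
PINNED = [Rule("accept", dst=MAIL_SERVER, proto="tcp", port=993),
          Rule("accept", dst=MAIL_SERVER, proto="tcp", port=587)]

# Constructed outbound flows from the email VM.
FLOWS = {
    "imaps to mail server": (MAIL_SERVER, "tcp", 993),
    "attacker host on 993": (ATTACKER, "tcp", 993),
    "attacker host on 443": (ATTACKER, "tcp", 443),
    "dns query": (RESOLVER, "udp", 53),
}

def evaluate(rules):
    """Return the verdict for every sample flow under one policy."""
    return {name: decide(rules, *flow) for name, flow in FLOWS.items()}

if __name__ == "__main__":
    for label, rules in (("port-only", PORT_ONLY), ("pinned", PINNED)):
        print(label, evaluate(rules))
```

The model says nothing about where the rules run; as the message above notes, they only hold against a compromised email VM when they are enforced in the FirewallVM.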


Re: [qubes-users] Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-14 Thread 'Leo Gaspard' via qubes-users
On 05/14/2018 02:45 PM, mossy wrote:
> embargo broken early, attack/vulnerability details here --
> https://efail.de/
> 
> (and yes it seems like disabling HTML will mitigate the most
> reliable/least complex attacks)

Incidentally, the GnuPG press release, that raises the point that the
paper may not be totally correct:

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060334.html

Also, if I understand correctly the latest exchanges from the GnuPG ML,
Enigmail 2.0 is safe from attack except for 3DES ciphertext, so the
attack could there only turn Enigmail into a 3DES-ciphertext-decrypting
oracle.

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e69a90c3-0c95-2ece-a356-d2e860b74276%40leo.gaspard.ninja.


Re: [qubes-users] Critical PGP bugs. Do they possibly affect Split-GPG in Qubes?

2018-05-14 Thread 'Leo Gaspard' via qubes-users
I can't tell for sure, not having read the paper, but it sounds like
too much hype for vulnerabilities that are not so important:

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060317.html

https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
(Werner being the maintainer of GnuPG)

So I wouldn't worry about it (but why not disable automatic
decryption/verification of incoming emails in the meantime, doesn't cost
much)


On 05/14/2018 10:33 AM, magionemagi...@gmail.com wrote:
> I know that right now details are sketchy but the advice of disabling PGP is 
> sound at least until we get to know more information, especially since it's 
> coming from reputable researchers and the EFF (links below but I guess 
> everybody here already knows about that), so obviously there is ground 
> for worry. 
> 
> Do any of the Qubes users or devs know more at present about this issue or 
> have advice to provide, aside from waiting for the publication of the 
> research paper tomorrow morning (15th of May) and stopping using Split-GPG 
> for the time being as a precaution?
> 
> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
> 
> https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smime-bugs-can-reveal-encrypted-e-mails-uninstall-now/
> 
> Thanks.
> 

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/55413b21-14d9-b470-37c1-55433c1db6cf%40leo.gaspard.ninja.