-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, Dec 22, 2016 at 05:16:15AM -0800, Grzesiek Chodzicki wrote:
> W dniu poniedziałek, 14 listopada 2016 21:25:32 UTC+1 użytkownik Marek
> Marczykowski-Górecki napisał:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA256
> >
> > On Mon,
W dniu poniedziałek, 14 listopada 2016 21:25:32 UTC+1 użytkownik Marek
Marczykowski-Górecki napisał:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On Mon, Nov 14, 2016 at 02:44:40AM -0800, Sec Tester wrote:
> > >
> > > Why not grsecurity/PaX? especially with Qubes 4 switching to HVM
On 11/12/2016 08:58 PM, Chris Laprise wrote:
>
> That was my first reaction, too. But years later, I am so, s glad
> ITL de-emphasized kernel-based security.
>
> If they had kept it as a supported security layer, the
> "security-in-depth" mindset would have dominated most of our
> discussions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mon, Nov 14, 2016 at 02:44:40AM -0800, Sec Tester wrote:
> >
> > Why not grsecurity/PaX? especially with Qubes 4 switching to HVM (or PVHv2
> > or whatever it's called now), it will apparently work fine.
>
> Nice suggestion. I would certainly
>
> Why not grsecurity/PaX? especially with Qubes 4 switching to HVM (or PVHv2 or
> whatever it's called now), it will apparently work fine.
Nice suggestion. I would certainly welcome its implementation.
Actually looks like there were successful efforts to implement this back in
2013.
On Sunday, November 13, 2016 at 7:51:09 PM UTC-8, Manuel Amador (Rudd-O) wrote:
> On 11/12/2016 03:21 AM, Sec Tester wrote:
> > SELinux or AppArmor.
>
> SELinux would be absofuckinglutely great. Confined apps like Firefox
> would run much more securely.
>
> I got one DispVM owned by an attacker
On 11/12/2016 03:21 AM, Sec Tester wrote:
> SELinux or AppArmor.
SELinux would be absofuckinglutely great. Confined apps like Firefox
would run much more securely.
I got one DispVM owned by an attacker at Defcon in 2014. Isolation was
nice to have because the machine didn't get owned, but the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Nov 12, 2016 at 08:40:26PM -0800, Sec Tester wrote:
>
> > > This might add significant time to the install, but could be a tick box
> > > option, with a note about extra time.
> >
> > I think a better practice along these lines is to
> > This might add significant time to the install, but could be a tick box
> > option, with a note about extra time.
>
> I think a better practice along these lines is to supply the additional
> packages needed to create a desktop-friendly template... alongside the
> minimal template. This
On 11/12/2016 07:48 PM, Sec Tester wrote:
Hi Marek,
On Sunday, 13 November 2016 03:33:50 UTC+10, Marek Marczykowski-Górecki wrote:
They have basically said, Elite hackers can gain root, so lets just not even
bother with this foundational layer of security.
The point is _if_ someone is able
Hi Marek,
>On Sunday, 13 November 2016 03:33:50 UTC+10, Marek Marczykowski-Górecki wrote:
> > They have basically said, Elite hackers can gain root, so lets just not
> > even bother with this foundational layer of security.
>
> The point is _if_ someone is able to run arbitrary code as user,
On 11/11/2016 10:21 PM, Sec Tester wrote:
So Im still new to Qubes, but after going through a bit of a learning curve,
building & customizing VM's to suit my security needs, I have a few thoughts on
its security.
Firstly I really love the direction Qubes has taken the future of operating
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Nov 11, 2016 at 07:21:18PM -0800, Sec Tester wrote:
> So Im still new to Qubes, but after going through a bit of a learning curve,
> building & customizing VM's to suit my security needs, I have a few thoughts
> on its security.
>
>
So Im still new to Qubes, but after going through a bit of a learning curve,
building & customizing VM's to suit my security needs, I have a few thoughts on
its security.
Firstly I really love the direction Qubes has taken the future of operating
systems, and its has definitely become my OS of
14 matches
Mail list logo