On Tuesday, September 27, 2016 at 9:14:51 PM UTC-4, Jeremy Rand wrote:
> raahe...@gmail.com:
> > On Tuesday, September 27, 2016 at 5:11:27 PM UTC-4, Jeremy Rand wrote:
> >> raahe...@gmail.com:
> >>> or just only allow https in the vm firewall settings.
> >>
> >> I assume you mean whitelisting TCP p
raahe...@gmail.com:
> On Tuesday, September 27, 2016 at 5:11:27 PM UTC-4, Jeremy Rand wrote:
>> raahe...@gmail.com:
>>> or just only allow https in the vm firewall settings.
>>
>> I assume you mean whitelisting TCP port 443? If so, be aware that while
>> this will stop most non-HTTPS traffic, ther
On Tuesday, September 27, 2016 at 5:11:27 PM UTC-4, Jeremy Rand wrote:
> raahe...@gmail.com:
> > or just only allow https in the vm firewall settings.
>
> I assume you mean whitelisting TCP port 443? If so, be aware that while
> this will stop most non-HTTPS traffic, there is nothing that prevent
On Tuesday, September 27, 2016 at 5:11:27 PM UTC-4, Jeremy Rand wrote:
> raahe...@gmail.com:
> > or just only allow https in the vm firewall settings.
>
> I assume you mean whitelisting TCP port 443? If so, be aware that while
> this will stop most non-HTTPS traffic, there is nothing that prevent
raahe...@gmail.com:
> or just only allow https in the vm firewall settings.
I assume you mean whitelisting TCP port 443? If so, be aware that while
this will stop most non-HTTPS traffic, there is nothing that prevents
other protocols from using port 443. It's a fairly well-known attack on
Tor's
>> Especially if you did the sharing via a separate vpn or ssh tunnel. But
>> in general, I don't think Qubes security should be considered much if
>> any benefit to adjacent non-Qubes systems.
>>
>> Chris
>>
>> > The benefits far outweigh the risks, as long as you don't do most of
>> your
>> > cri
On Sunday, September 25, 2016 at 7:32:34 AM UTC-4, Chris Laprise wrote:
> On 09/25/2016 07:08 AM, johnyju...@sigaint.org wrote:
> >> Let's say I have a Qubes machine connected to a 2nd laptop by Ethernet.
> >>
> >> The Qubes machine is sharing its Internet connection.
> >>
> >> Let's say the Qubes
On 09/25/2016 08:12 AM, johnyju...@sigaint.org wrote:
Chris wrote:
Especially if you did the sharing via a separate vpn or ssh tunnel. But
in general, I don't think Qubes security should be considered much if
any benefit to adjacent non-Qubes systems.
I'm curious as to why you would say this.
Chris wrote:
> Especially if you did the sharing via a separate vpn or ssh tunnel. But
> in general, I don't think Qubes security should be considered much if
> any benefit to adjacent non-Qubes systems.
This is one of my favorite implicit features of Qubes:
Setting up multiple layers of network
Chris wrote:
> Especially if you did the sharing via a separate vpn or ssh tunnel. But
> in general, I don't think Qubes security should be considered much if
> any benefit to adjacent non-Qubes systems.
I'm curious as to why you would say this.
Any additional firewall between a Laptop and the ne
On 09/25/2016 07:08 AM, johnyju...@sigaint.org wrote:
Let's say I have a Qubes machine connected to a 2nd laptop by Ethernet.
The Qubes machine is sharing its Internet connection.
Let's say the Qubes machine gets hit with a DMA attack.
The 2nd laptop is not a Qubes machine, and therefore doesn
> If the Qubes machine is hit by a DMA attack, it is compromised and could
> thus tamper with the forwarded Internet connection however the attacker
> desires. (As well as scraping any credentials you might use in common on
> the Qubes box, and carrying out aggressive attacks on anything on your
>
> Let's say I have a Qubes machine connected to a 2nd laptop by Ethernet.
>
> The Qubes machine is sharing its Internet connection.
>
> Let's say the Qubes machine gets hit with a DMA attack.
>
> The 2nd laptop is not a Qubes machine, and therefore doesn't have VT-D for
> DMA protection.
>
> Can th
On 09/25/2016 02:34 AM, neilhard...@gmail.com wrote:
Let's say I have a Qubes machine connected to a 2nd laptop by Ethernet.
The Qubes machine is sharing its Internet connection.
Let's say the Qubes machine gets hit with a DMA attack.
The 2nd laptop is not a Qubes machine, and therefore doesn'
Let's say I have a Qubes machine connected to a 2nd laptop by Ethernet.
The Qubes machine is sharing its Internet connection.
Let's say the Qubes machine gets hit with a DMA attack.
The 2nd laptop is not a Qubes machine, and therefore doesn't have VT-D for DMA
protection.
Can the DMA attack be
15 matches
Mail list logo
