Attacker can use either a vulnerability in the card (if they know a suitable one), regardless it is Ethernet or wlan, or they also might try to exploit a legitimate feature. However, if you have VT-d supported by your CPU, motherboard and BIOS, you should be safe against such attacks.
When Qubes is compromised, attacker can: * Learn something from your timezone and DST mode (which is also partially leaked by your activity over day). * Learn potentially pretty much from what you type etc. * Record audio (including your voice) from microphone if connected * Abuse any wireless capabilities for geolocation. Most usable seems to be WiFi (Google location services) and mobile networks (even if there is no SIM inserted), but others (e.g. Bluetooth) might be also abused. This list is not complete, but it indicates that compromised Qubes can be easily game over even with your separate Tor setup. This is true especially for laptops, where it might be hard to remove all the bad input devices. Note that you would also have to manage security of the Tor bridge, including security updates. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9c74bd59-07cc-4eb5-bbdb-959be26182e2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.