2014-11-26

#cyber #security @rootkovska #qubes vs @Bruce_Schneier @schneierblog

11.22: co.wired.com/cyb/sec/qubes/
comments @ wired.com/2014/11/protection-from-hackers/
in defense of qubes
what makes Qubes more secure than Virtualbox?
the Xen and Qubes Project employs a Type 1 Hypervisor
– a hypervisor that runs on bare metal
rather than within an existing operating system kernel.
Xen and Qubes thus have a smaller TCB (trusted code base)
and less code to break in than Virtualbox .
secman888:
This article made me cringe so much... Idiocy at its best!
This metahacker puts OS inside spyware... WHAT?!
Put notepad inside citadel... suuure...
Using virtualization to isolate infections
has been used for security (and malware analysis)
for more than 10 years already...
This metahacker should change careers and write cheap science fiction.
Perhaps then it wouldnt be so pathetic...
. And no, it does not protect you from NSA,
because BIOS implant will still work just as good.
. Such articles only spread disinformation,
and teach uninformed population of made up meaningless buzzwords.
If you ever want to tell someone this story, please dont.
It is pure nonsense written by someone who
just wants to sound smart,
without actually having knowledge on the matter.
.
P.s if you want to see good security advice / tech,
look up bruce schneier blog.
Schneier heard of badUSB?:
Schneier`how to beat the NSA/advice #3:
"Assume that while your computer can be compromised,
it would take work and risk on the part of the NSA
-- so it probably isn't. If you have something really important,
use an air gap.
Since I started working with the Snowden documents,
I bought a new computer that has never been connected
 to the Internet. If I want to transfer a file,
I encrypt the file on the secure computer
and walk it over to my Internet computer,
using a USB stick. [GOTCHA]
To decrypt something, I reverse the process.
This might not be bulletproof, but it's pretty good.
"
ALSO he says:
"And I'm still primarily on Windows,
unfortunately. Linux would be safer."
-- and linux is a monolithic OS full of holes;
Xen and Qubes are much safer than linux .

Schneier`air-gapped harder than I expected:
"Install the minimum software set you need to do your job,
and disable all operating system services that you won't need"
[ that is what Xen and Qubes do .]
" When you set up your computer,
connect it to the Internet as little as possible."
[ how about connect virtually not at all?
that is what Qubes does .]