Showing posts with label QubesOS. Show all posts

2014-03-01

#privacy not the purpose of #Qubes

2.17: co.cyb/sec/qubes/privacy not the purpose of qubes,
[3.1: intro:
. the Qubes project provides sure isolation
with a hardening of the hypervisor Xen;
you can have several virtual machines (vm) at once
and can safely run a web browser in one vm
knowing it will not infect your other vm's .]

Peter Chin Sat, Feb 8, 2014 at 6:06 AM
Re: [qubes-devel] Digest for qubes-devel@googlegroups.com
This entire project is a total useless waste of time.
Please do due diligence in your research
about all threat levels that actually exist:
The very first compilers that were
created for the design of computers
were already compromised by the time they were used to
compile code for designing even rudimentary computers

2013-12-31

Dell Latitude E6430 #QubesOS #xen #security&freedom

12.31: summary:
. I feel secure on Chromebook with its verified boot;
but that is very limited in what it can do .
. the Qubes OS provides virtualization of linux
that is needed to isolate computer activities
into separate linux virtual machines .
. by providing this "security by isolation"
your web surfing of unsafe sites
can't be exploited to steal your bank's password
because they run on virtually separate machines .
. there is an hcl (hardware compatibility list)
to help you find a computer that Qubes works with;
and it says a Dell Latitude E6430 does work,
but doesn't work out-of-the-box
(it needs some sort of unspecified "tweaking").

2013-11-30

#badBIOS @dragosr vs Mac, Linux and PC

4: cyb/sec/#badBIOS/ 
30: summary:
. malware that spreads via usb devices
can infect other usb devices,
and the problem is not the os;
it is the hardware and usb standards
which expose the os to malware infection .
. Dragos Ruiu talks about a mac infection
which sounds like the one I got;
it prevented me from reinstalling the os;
and it started infecting my chromebook,
but the chrome os was able to clean it up .
. my 2005 ubuntu laptop was not so lucky .
. a laptop in my future that will likely do well
is one running the xen hypervisor,
hardened with the Qubes OS .
(see #Qubes #Xen vs Dragos Ruiu's #badBIOS).

#Qubes #Xen vs Dragos Ruiu's #badBIOS

6: co.cyb/sec/qubes/Xen vs Dragos Ruiu's #badBIOS:
me to qubes-devel 5:41am:
. reading about the #badBIOS infection,
blog.erratasec.com/2013/10/badbios-features-explained.html
I was surprised to learn that all computing accessories
(mouse, trackpad, hub, keyboard, and of course
 flash drives) could have a software-programmable firmware
and this could be infected with malware that could spread
to your next computer if attached to dom0 .
. I was also concerned that a new flash drive malware
-- Dragos Ruiu's #badBIOS --
could infect a next machine without even being mounted;
is this a new threat that xen has yet to adapt to?

2010-12-25

moving qubes`way on the mac

11.07: vm (virtual machine)-based security:
. an intro to security with virtualization
and a getting started manual for mac os x .
. this shows how some security experts have agreed,
vmware`Fusion can make the mac more secure .
[2013 update: my mac was destroyed while using
either vmware`Fusion/linux/pdf reader, or a usb stick.]

2010-11-07

before qubes there was mac vmware virtualizing windows


[at the ubuntu forum]/Setting up virtual machines

. I am so thankful this article was pointed out to us;
for 2 years I've been using
mac.vmware`fusion to run ubuntu
-- worried about rootkits --
but since recently hearing about
Joanna Rutkowska's expertise in rootkits
I wondered how her setup differed from mine .

. I was surprised she did her online shopping
on a separate machine from her banking;
but she's right, once at macmall (a secure site)
I got my credit card "validated" by a scam;
who knows what else I got?
(I think macmall uses 3rd-party advertising).

. as for linux having no 3rd-party drivers:
in security terms,
all open source is 3rd-party!
it's a lot of cooks in the kitchen;
complexity increases risk .
. did you know that most of
russia, china, the world,
are using bootleg microsoft?
when the world moves to linux,
the botnets will come for linux next !

. but by the time they do,
we will be saved by ...
# intel's VT-d, TXT, TPM,
# linux (or anything) on the
okL4 verified microvisor
# and using Joanna's system of
5 vm's for each security domain,
-- or Joanna's Qubes

5 vm's for each security level:
# red: browsing random sites, no privacy;
-- expected to get infected;
. I revert it to a known snapshot every week or so.
# yellow: semi-sensitive tasks,
. uses firefox.NoScript to only allow
scripting to a trusted few sites:
online shopping, blogging, etc.
Sure, somebody might do a
man-in-the-middle (MITM) attack against
a plaintext HTTP connection
that is whitelisted by NoScript
and inject some malicious drive-by exploit,
but then again,
Yellow machine is only semi-sensitive
and there would not be a big tragedy
if somebody stole the information from it.
[unless credit cards are used?
maybe that's for green vm?]
# green: https-only, bank's account
. it is quite important to make sure
only HTTPS is used for this machine
to mitigate potential MITM attacks;
for example, on any hotel Wi-Fi.
. don't use the host's browser as a Green machine:
[the host is a huge attack vector;
and, all the attacks are coming from online;
so, take it offline .]
# where to keep one's email client:
[with separate personal and work vm's;
both have mozilla mail;
work needs a noscript browser]

other tips:
# handling updates:
[getting prompt updates for each guest vm
dramatically reduces the number of attacks .]
# clipboard:
[every guest can be logging the clipboard .]
# transfer of files between vm's and host:
[more networking is more risk .]



2010-06-01

SOA-style security for linux

news.addn/security/soa for linux:

5.6:
OpenVZ is container-based virtualization for Linux
. this is what could make linux
more secure than mac ?
5.13:
another layer of security wouldn't hurt,
but openVZ is just the open engine
for a closed product from Parallels .
. Qubes has a complete open betaware isolation solution .

5.13: web:
Qubes is an open source operating system
designed to provide strong security for desktop computing.
Qubes is based on Xen, X Window System, and Linux,
and can run most Linux applications
and utilize most of the Linux drivers.
qubes-os.org/trac/wiki/SourceCode
qubes-os.org/gitweb/
qubes-os.org/trac/wiki/InstallationGuide
In the future it might also run Windows apps.
. critique at threatpost.com .

5.13:
Secure Virtualization Using SELinux (sVirt):
"(Crackers have already broken through the xen hypervisor,
as I documented in one of my previous blogs.

Adventures with a certain Xen vulnerability (pdf)
was just published which contains a Xen vulnerability
which allows a process in a virtual machine
to attack the host machine,
and SELinux is pretty much a speed bump in his way.
3.4
What actions are available for an uid 0 process
running in the system_u:system_r:xend_t:s0 context?
It turns out that default SELinux policy allows very few.
For instance, we cannot write to system configuration files,
nor load kernel modules.
However, qemu-dm processes also implement
virtual block devices for HVM guests,
and these devices can be backed by raw disk partitions.
In order to make it possible,
the default SELinux policy grants xend_t domain
the read-write access to all disk partitions.
The relevant lines in the SELinux reference policy
(from the default selinux-policy-3.0.8-44.fc8.src.rpm)
are:
storage_raw_read_fixed_disk(xend_t)
storage_raw_write_fixed_disk(xend_t)
Particularly, qemu-dm (so, the shell executed from it as well)
can write to the blocks on the root filesystem.
Through the use of fixed disk the attacker
is able to trick the host operating system
into loading kernel modules that can take over the machine.
If we had forced the users to label the physical disk partitions,
this vulnerability would not have been exploitable.
Lesson learned.
When it comes to virtualization going forward,
I plan on forcing the user to apply the correct labeling.
KVM/QEMU have nice process separation
and make confinement easier.
virt_manager and libvirt are being built with SELinux
understanding in them.
virt_manager will setup the labeling correctly
when virtual images are installed
and libvirt will make sure they run in the correct domain
when they are launched.
In the future we want to protect not only the host machine
from the virtual machines,
but the virtual machines from each other.
Watch for information on in the future

In conclusion,
as we move towards more widespread use of virtualization,
we should avoid making compromises in security
for the sake of usability,
but work toward making security usable.) .
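
An added example (not from this blog, the quoted post, or the Xen paper): a small audit that reads allow rules in the text form `sesearch --allow` prints and reports which domains may write to raw fixed-disk block devices, the grant the quoted passage attributes to xend_t. The sample rules are constructed; it is assumed that the two storage_raw_*_fixed_disk macros expand to allow rules on fixed_disk_device_t:blk_file, and that xend_t and svirt_t are the guest-facing domains.

```python
import re

# Constructed sample in the text form that `sesearch --allow` prints;
# not taken from any real policy build.
SAMPLE_RULES = """
allow xend_t fixed_disk_device_t:blk_file { getattr read write ioctl open };
allow xend_t xend_var_log_t:file { create append };
allow fsadm_t fixed_disk_device_t:blk_file { read write };
allow mount_t fixed_disk_device_t:blk_file read;
allow svirt_t svirt_image_t:blk_file { read write };
"""

# allow <source> <target>:<class> { perm ... };   or a single bare perm
RULE = re.compile(
    r"^allow\s+(\S+)\s+(\S+):(\S+)\s+(?:\{([^}]*)\}|(\w+))\s*;", re.M)

WRITE_PERMS = {"write", "append"}


def parse_allow_rules(text):
    """Yield (source, target, class, set_of_perms) for every allow rule."""
    for src, tgt, cls, braced, single in RULE.findall(text):
        yield src, tgt, cls, set((braced or single).split())


def raw_disk_writers(text, disk_type="fixed_disk_device_t"):
    """Return domains that may write to block devices labelled disk_type."""
    return sorted({src for src, tgt, cls, perms in parse_allow_rules(text)
                   if tgt == disk_type and cls == "blk_file"
                   and perms & WRITE_PERMS})


def exposed_vm_domains(text, vm_domains):
    """Guest-facing domains whose compromise gives write access to host disks."""
    return [d for d in raw_disk_writers(text) if d in vm_domains]


if __name__ == "__main__":
    # Assumption: xend_t and svirt_t are the domains that face guest input.
    print(raw_disk_writers(SAMPLE_RULES))
    print(exposed_vm_domains(SAMPLE_RULES, {"xend_t", "svirt_t"}))
```

In the sample, svirt_t is not reported because it can only write to images labelled svirt_image_t, which is the per-image labeling the quoted post says it will require going forward.
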
Want to know how to make Linux really secure?
http://www.linuxsecurity.com/content/blogcategory/171/167/
Security Enhanced Linux (SE Linux),
a system of security policies developed by the NSA,
lets you secure Linux at every level from the kernel up.
Find out how EnGarde Secure Linux and others
build and maintain a truly secure server environment.

secure virtualization with MAC
selinuxproject.org/page/SVirt