zlacker

[return to "Qubes OS: A reasonably secure operating system"]
1. snvzz+D3[view] [source] 2017-11-19 17:00:09
>>ploggi+(OP)
Their weakest point is the hypervisor, Xen, which while a better choice than Linux/KVM, is still extremely bloated and has a poor security history.

Thankfully, better designs such as seL4's VMM do exist, although it might need a little more work [1] until usable for the purpose.

[1] https://sel4.systems/Info/Roadmap/

◧◩
2. dijit+c4[view] [source] 2017-11-19 17:07:05
>>snvzz+D3
Could you clarify "Better choice"?

I've been using KVM/Xen/VMware for some time and always enjoyed it. And since Amazon and Google especially are going all in on KVM I'm surprised to hear the Xen is a better choice.

◧◩◪
3. snvzz+o6[view] [source] 2017-11-19 17:28:46
>>dijit+c4
>Could you clarify "Better choice"?

KVM is, like VMware, a Type 2 hypervisor. [1]

Xen is a proper Type 1 hypervisor.

[1] https://microkerneldude.wordpress.com/2010/10/14/much-ado-ab...

◧◩◪◨
4. theoss+08[view] [source] 2017-11-19 17:43:09
>>snvzz+o6
Why is a type 1 hypervisor instantly considered more secure though? I'd assume using Linux, instead of rolling your own code to interface with hardware, would make you more secure?
[go to top]