zlacker

[return to "QubesOS – A reasonably secure operating system"]
1. legran+Bf[view] [source] 2023-07-11 19:15:18
>>TheFre+(OP)
What kind of threat model requires someone to use Qubes? I know Snowden uses it and there's even a testimonial of him on the Qubes site recommending it. Is this for people on 'lists' or are high value targets because they visited the wrong site or said something the authorities didn't like and their machines are now being targeted?
◧◩
2. Syonyk+3j[view] [source] 2023-07-11 19:31:14
>>legran+Bf
> What kind of threat model requires someone to use Qubes?

"Not trusting modern software to be correct nor secure" is sufficient.

I do almost all my web browsing in disposable VMs with no access to interesting things like my password manager, email, SSH keys, etc. I also run JITless (disable Javascript JIT engine), because those are a common attack point on browsers.

If you compromise my browser from a random site, you get nothing of interest. Even if you pop the kernel. You still have to get through Xen to get to anything I consider of value.

[go to top]