zlacker

[return to "Qubes – Secure Desktop OS Using Security by Compartmentalization"]
1. mrotte+Bl[view] [source] 2014-10-08 22:29:46
>>tete+(OP)
While I am all for virtualizing, it doesn't help security. It just moves the exploit from your OS into your hypervisor. Even worse, you add a whole new level of exploitable code.
◧◩
2. vidarh+eo[view] [source] 2014-10-08 23:19:20
>>mrotte+Bl
That's nonsense. It doesn't automatically help security.

But compartmentalization does mean that barring a hypervisor exploit, each exploit can potentially be prevented from affecting more than a small part of the system.

I care a whole lot less if Chrome is exploited if it can't access my ssh keys, for example (not that I wouldn't still care, but the potential damage would be limited).

[go to top]