zlacker

[return to "Qubes – Secure Desktop OS Using Security by Compartmentalization"]
1. mrotte+Bl[view] [source] 2014-10-08 22:29:46
>>tete+(OP)
While I am all for virtualizing, it doesn't help security. It just moves the exploit from your OS into your hypervisor. Even worse, you add a whole new level of exploitable code.
◧◩
2. na85+Mm[view] [source] 2014-10-08 22:47:52
>>mrotte+Bl
I take it you've not heard of the phrase "defensive depth".
◧◩◪
3. mrotte+0p[view] [source] 2014-10-08 23:31:40
>>na85+Mm
The difference here is, you might feel safer but you are still in the exact same position as before, a bug in your hypervisor/Meta-OS screws you. I'd argue that is a harmful comfort.
◧◩◪◨
4. Elhana+HG[view] [source] 2014-10-09 06:35:46
>>mrotte+0p
The idea is that hypervisor is significantly smaller than the OS/kernel, so there will be less bugs. Not that they never happen, Xen had one recently.
[go to top]