zlacker

[parent] [thread] 3 comments
1. mike-c+(OP)[view] [source] 2012-09-04 11:42:17
It doesn't seem to support using full disk encryption during installation. I like the way it sandboxes things, but I'm not giving up full disk encryption for it.
replies(2): >>mike-c+dw >>signif+Fw
2. mike-c+dw[view] [source] 2012-09-04 19:27:41
>>mike-c+(OP)
I left a comment on the blog about this 7 hours ago. Seems it hasn't been approved but other comments have. Strange.
3. signif+Fw[view] [source] 2012-09-04 19:33:22
>>mike-c+(OP)
Look again.

LUKS is used for all filesystems. Qubes was specifically engineered to block the Evil Maid scenario and similar vectors for notebooks. See pg. 31 from http://qubes-os.org/files/doc/arch-spec-0.3.pdf:

"There are several things that all together make the storage secure in the Qubes architecture:

1. Confidentiality, understood as preventing one VM from reading other VMs data

2. Confidentiality, understood as preventing access to the data when the machine is left unattended (full disk encryption, resistance to Evil Maid attacks, etc)

3. Integrity, understood as preventing one VM from interfering with the filesystem used by other VMs

4. Security non-critical role: a potential compromise of the storage subsystem doesnʼt result in other system components, like other VMs, compromise. Storage subsystem is not part of the TCB in Qubes OS."

See also, Section 7.1 System Boot Process, and 8.5 Resistance to Physical Attacks (or just search for "disk encryption").

replies(1): >>mike-c+kC1
◧◩
4. mike-c+kC1[view] [source] [discussion] 2012-09-05 17:23:56
>>signif+Fw
Strange. I went through the install process in a VM and quit out when it started writing a filesystem without making any mention of disk encryption.
[go to top]