[Cialug] Qubes

Theron Conrey theron at conrey.org
Mon Dec 4 15:12:04 UTC 2017 

> It seems to me like if your OS gets compromised your files will be too,
> so as far as I know the hypervisor won't really help with security.

Ah. So, that's false. It's not the hypervisor ONLY that makes a security profile. I run kvm w/ selinux, and Redhat docs walk through why this is preferable. The reality is that a type 1 hypervisor doesn't have to run under every OS, but having a secure hypervisor avaible for a single VM does make sense in certain scenarios. On top of that, it can be done securely. 

-theron

> On Dec 3, 2017, at 11:18 PM, Pawel <pdarowski at gmail.com> wrote:
> 
> So what's the reason for running a type 1 hypervisor underneath a single
> OS? It seems to me like if your OS gets compromised your files will be too,
> so as far as I know the hypervisor won't really help with security. Type 1
> hypervisors do make sense to me if you're running multiple operating
> systems simultaneously.
> 
> Curious,
> Pawel
> 
>> On Fri, Dec 1, 2017 at 12:50 PM, Dave Hala <dave at 58ghz.net> wrote:
>> 
>> I'd choose Cubes because they have a cooler website and a catchier name.
>> <g>
>> 
>> :) Dave
>> 
>> On Fri, Dec 1, 2017 at 12:22 PM, Nicolai <nicolai-cialug at chocolatine.org>
>> wrote:
>> 
>>>> On Fri, Dec 01, 2017 at 06:23:12PM +0100, Claus Niesen wrote:
>>>> Why would you consider Qubes over OpenBSD?
>>> 
>>> As an OpenBSD user, I'm interested in Qubes because it does some things
>>> that OpenBSD doesn't do, or that OpenBSD does differently.  And I think
>>> that at least some of these capabilities can be massaged into OpenBSD to
>>> form a better system than either one alone.  I'm a big believer in the
>>> Bruce Lee quote, "Adapt what is useful, reject what is useless, and add
>>> what is specifically your own."
>>> 
>>> Nicolai
>>> _______________________________________________
>>> Cialug mailing list
>>> Cialug at cialug.org
>>> http://cialug.org/mailman/listinfo/cialug
>>> 
>> 
>> 
>> 
>> --
>> NIFCAP  -The Premier Client Intake System for Non-Profit Organizations.
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>> 
> 
> 
> 
> -- 
> *</Pawel>*
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug

More information about the Cialug mailing list