[Cialug] Qubes
David Champion
dchamp1337 at gmail.com
Mon Dec 4 16:10:02 UTC 2017
It seems like the trend is moving in KVM's favor, not Xen. For example, AWS
recently announced they're moving to KVM. Looks like Qubes runs Xen?
I've been running KVM for a couple of years for my personal stuff, seems to
be very solid.
-dc
On Mon, Dec 4, 2017 at 9:12 AM, Theron Conrey <theron at conrey.org> wrote:
> > It seems to me like if your OS gets compromised your files will be too,
> > so as far as I know the hypervisor won't really help with security.
>
> Ah. So, that's false. It's not the hypervisor ONLY that makes a security
> profile. I run kvm w/ selinux, and Redhat docs walk through why this is
> preferable. The reality is that a type 1 hypervisor doesn't have to run
> under every OS, but having a secure hypervisor avaible for a single VM does
> make sense in certain scenarios. On top of that, it can be done securely.
>
> -theron
>
> > On Dec 3, 2017, at 11:18 PM, Pawel <pdarowski at gmail.com> wrote:
> >
> > So what's the reason for running a type 1 hypervisor underneath a single
> > OS? It seems to me like if your OS gets compromised your files will be
> too,
> > so as far as I know the hypervisor won't really help with security. Type
> 1
> > hypervisors do make sense to me if you're running multiple operating
> > systems simultaneously.
> >
> > Curious,
> > Pawel
> >
> >> On Fri, Dec 1, 2017 at 12:50 PM, Dave Hala <dave at 58ghz.net> wrote:
> >>
> >> I'd choose Cubes because they have a cooler website and a catchier name.
> >> <g>
> >>
> >> :) Dave
> >>
> >> On Fri, Dec 1, 2017 at 12:22 PM, Nicolai <nicolai-cialug at chocolatine.
> org>
> >> wrote:
> >>
> >>>> On Fri, Dec 01, 2017 at 06:23:12PM +0100, Claus Niesen wrote:
> >>>> Why would you consider Qubes over OpenBSD?
> >>>
> >>> As an OpenBSD user, I'm interested in Qubes because it does some things
> >>> that OpenBSD doesn't do, or that OpenBSD does differently. And I think
> >>> that at least some of these capabilities can be massaged into OpenBSD
> to
> >>> form a better system than either one alone. I'm a big believer in the
> >>> Bruce Lee quote, "Adapt what is useful, reject what is useless, and add
> >>> what is specifically your own."
> >>>
> >>> Nicolai
> >>> _______________________________________________
> >>> Cialug mailing list
> >>> Cialug at cialug.org
> >>> http://cialug.org/mailman/listinfo/cialug
> >>>
> >>
> >>
> >>
> >> --
> >> NIFCAP -The Premier Client Intake System for Non-Profit Organizations.
> >> _______________________________________________
> >> Cialug mailing list
> >> Cialug at cialug.org
> >> http://cialug.org/mailman/listinfo/cialug
> >>
> >
> >
> >
> > --
> > *</Pawel>*
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
More information about the Cialug
mailing list