Genode Tails?
Nobody III
hungryninja101 at ...9...
Mon Jun 15 04:59:12 CEST 2015
Well, as far as I can tell, I shouldn't have any hardware implants, but my
computer may very well be compromised by the NSA. Basically, if the Tor
browser is compromised and sending data to the NSA, it isn't protecting
your privacy.
On Jun 14, 2015 8:19 PM, "Jookia" <166291 at ...9...> wrote:
> On Mon, Jun 15, 2015 at 12:48:38AM +0000, Nobody III wrote:
> > Basically, it looks like Genode is about the only way to be NSA-proof.
> Yes,
> > the NSA will likely be able to tell that you're using Genode, but they
> > won't be as able to hack it as with Tails.
>
> Let's not assume there's a silver bullet for security. It's all about
> threat
> modelling, which in turn is all about resources and data. No operating
> system
> will protect you against hardware implants, not even Genode.
>
> Tails' threat model is designed to avoid unwillingly giving off
> distinguishing
> data about the user in communication sessions or to storage. It does this
> quite
> well I think. I'm not sure how Genode could help here.
>
> If you haven't read up on Qubes, you should. It's a brilliant system that
> has a
> design I think Genode is suited for, and perhaps what you're looking for.
> Using
> that design I'd run a desktop with isolated workspaces, mostly offline.
> For the
> small amount of applications that I connect online with, I'd give them
> access to
> Tor as their only network source and a limited file system. If the
> applications
> are compromised, they wouldn't be able to do much aside from thrash about
> before
> I force them to quit.
>
> Qubes OS separates its applications in to a number of partitioned domains
> which
> doesn't really seem that optimal. In the above example with Qubes I'd
> probably
> have all the net applications running in a single domain meaning if my web
> browser was exploited then my other applications such as my instant
> messenger
> and email could be compromised too. Luckily it wouldn't compromise my other
> domains containing things like my personal documents and programming
> projects.
>
> I think Genode could replace the idea of partitioned domains with some
> kind of
> per-process resource policies, meaning I wouldn't have to decide what
> applications shouldn't share but instead what they should. In this case
> they'd
> all have access to the Tor daemon and their own per-process file system
> but not
> each other, further reducing the TCB. From a user's point of view there's
> still
> partitioning, but it's at the resource level rather than domain level.
>
> Of course if you wanted to run GNU applications you could use virtual
> machines
> as domains in a similar manner to what Qubes OS actually does, though you
> lose
> the benefits of reducing the size of your TCB to the necessary parts. This
> would actually be a good stepping stone until Genode has more applications.
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genode.org/pipermail/users/attachments/20150615/e7264382/attachment.html>
More information about the users
mailing list