Can Qubes protect a user from a backdoor that resides in BIOS firmware and device drivers?

Yes I did? Is your nick another alias, or is this indeed your very strong reason to make your first post here?

To sum up this marvelous thread: @newbie has been stalked by only one retard, but @nico is being stalked by an entire gang of perverts. :rofl:

Seriously, what makes you two that interesting? Why should NSA employees have to do overtime for you?

And while we are at it, I would like to advise against the use of drugs once more.

https://journals.sagepub.com/doi/10.1177/0020764018801690

THC side effects are commonly underrated.

First this terrible interruption of supply chains, now the sock puppets are becoming scarce. These are desperate times. :wink:

I agree that the thread should be closed, it has wandered off-topic and is unlikely to generate any further Qubes specific value.


IMO, my thread is not under the User Support or Bug Fix category, which would require closing,
but under the Discussion category, which, in my opinion, as a discussion,
can pause or continue at any time.

I saw the freedom roadmap on the Purism website that inspires me,
which makes me think that we are all on the same path:
Qubes, Purism, Insurgo, Heads, Coreboot, AOSP, FOSS, etc.
are all in the struggle for freedom, privacy, & security.

In my opinion, maybe in this struggle we need at least 5 types of activist:

  • security experts, to do research & development,
  • educators / influencers, to educate people,
  • law activists, to fight for data privacy & protection laws,
    & prevent any law that is against human rights,
  • supportive users; i.e. use, give feedback, donate, etc.
  • whistleblowers to blow the whistle, i.e. Snowden, or maybe a newbie like me, to speak up,
  • etc.

So maybe, although I can only speak up,
at least I can share information with other activists,
i.e. for experts to develop solutions, or for educators as a reference,
or for users to be aware of how important security is.

Besides, my adversary has provoked a lot of people to watch my privacy,
which means maybe they can see too that I'm writing this thread,
therefore maybe it can help to promote Qubes.

Also, by helping solve the problem,
maybe we can also improve the knowledge, information, & the solution itself.

I skimmed the content of this thread and wanted to clarify a couple of simple things, following some random risk assessment, the cost of exploits to target random users, and the normal paranoia when someone feels targeted, sometimes losing common sense (not attacking anyone here).

  • The easiest attack to see the content of a screen remotely is binoculars, whereas having a chain of exploits to obtain persistence in dom0, grab screen content and exfiltrate it would make a user really targeted.
  • Random mouse movements are normally a consequence of a Bluetooth mouse battery dying; precise movements with point and clicks are a totally different story, and filming those would be an interesting proof of anything. Most of the time, the lack of such proof raises cynicism, for a reason. There is no way someone could not film those in 2022. And when that happens, cutting the network and having the behavior stop at the same time could be considered proof.
  • Qubes should not be able to write to the system BIOS nowadays, simply because writing to the BIOS requires IO access that qubes don't have (qubes have really limited access to real hardware), and a compromised dom0 would also need to have access to SPI IO (that would be iomem=relaxed at the very least) or physical access, which would be more probable; otherwise we are again talking about a chain of exploits to gain persistence.
  • People mix a lot of concepts, including open source firmware and the absence of binary blobs. On that I will be really succinct here, but there is no such thing as recent hardware that has open source firmware without blobs AND is compatible with Qubes OS. Qubes OS is compatible with x86, and x86 requires ME/CSME+FSP on the Intel side or AGESA+PSP on AMD, without talking about blobs on SSD drives and graphics cards. I hear you being positive about the freedom roadmap, but it is important to differentiate marketing speech from reality, and this is difficult to digest. There is user-ownable hardware (the kgpe-d16 being the only one I know that can boot Qubes OS without any binary blobs in firmware, co-processor or AGESA), while other open-firmware-enabled hardware is not supported by Qubes (Talos II is such a platform, but has no Xen support yet). There is the G505s, but without a TPM or enough SPI flash space available, and to be honest, that laptop is rare to get hands on. Outside of that there is older hardware with open source firmware (everything natively initialized, like the ThinkPad X200 and similar), but those don't meet Qubes requirements (no hardware isolation: VT-d2). So the point here, at least to me, is to raise consciousness about the state of the actual hardware being produced and sold, so that people can be angry (and take action) about that and start to realize that without a clear stance and demands, that will not happen out of the blue, and new hardware will be less and less user-ownable, controllable, repairable and, most importantly, auditable.

So basically, there are multiple ways to deal with this. Some have been covered here and in so many other threads of this forum. I will reiterate some:

  • Your vault qube's KeePassXC doesn't have to show generated passphrases on screen. You could generate them and copy-paste them without any visual of them ever being displayed. That is if your only threat is binoculars/shoulder surfing/recording and replay.
  • You could move around, hide yourself from plain sight and see if the threat is still present. Confirm whether it is linked to a physical place or to network access.
  • You should get a machine that permits you to own it yourself, learn how to flash that hardware, and then externally verify the state of your own firmware and externalize proof of persistence.
  • Fresh install Qubes. Enable dom0 root volume snapshots on shutdown, even multiple ones, to keep multiple states you will be able to compare against at the filesystem content level. And report on them, and on the content of scripts/binaries that were deployed without your consent.
  • Tightly monitor network traffic externally. “PCAP or it never existed” is still a valid saying even today. Having network traffic, even encrypted, while having only your vault VM open should be a real concern (that requires a bit of analysis and is not so easy to accomplish, but should be more than enough to show proof, outside of NTP traffic and repository-related traffic from dom0 getting available updates through its defined UpdateVM).

Other than that, the only other path is to believe.
Believe you were hacked but not be able to prove it.
Or believe that by buying a new laptop you will be safer, and that UEFI proprietary firmware, the worst mess that ever existed in my opinion, will protect you from your threat model.

Nowadays, firmware security is shifting toward attesting the integrity of non-auditable blobs, not really toward open sourcing them anymore. Some open source EC controllers as part of their freedom roadmap. Some continue to claim unattainable goals, keeping their old roadmaps. But no one can neuter ME/CSME or open source FSP/AGESA but AMD/Intel themselves, and they won't.
I find this alarming, but to answer your OP question: Qubes should help protect users from backdoors that reside in BIOS and device firmware, yes. Even if Qubes can protect users against themselves, if you pass untrusted content along between computers, and execute/read such content in trusted environments, there is always a risk that some passed content that exploited vulnerabilities in those trusted qubes can one day land where it shouldn't. If you leave your computer unattended without having any security mechanisms in place to protect /boot and you are targeted, the lowest cost for an attacker is the evil-maid scenario. It is totally possible and quick to replace /boot's kernel, xen and initrd files, as easy as it is to modify the grub.cfg configuration to break the security defaults Qubes offers, and even have something there that would gain persistence on first run to compromise dom0. That would be, to me, the easiest way to compromise a target's system and bypass Qubes security mechanisms: compromise the Qubes boot process through physical access to unencrypted /boot content. Low cost, effective to gain persistence on the next successful boot, compromising even the qubes root volume (dom0) even after Qubes dom0 updates that would eventually remove tampered binaries, if those are not measured/verified prior to being executed.

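The snapshot comparison suggested in the post above (dom0 root volume snapshots compared at the filesystem content level) can be scripted. What follows is an added example, not code from the post's author or from Qubes OS. It assumes the “before” and “after” snapshots are already mounted read-only at two directories (for instance inside a disposable), fingerprints every file (content hash, permission bits, symlink target) while skipping paths that legitimately churn between boots, and lists what was added, removed or changed. The trees built by `run_demo()` are constructed placeholders, not real dom0 content.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Paths that legitimately differ between boots; constructed default, adjust to taste.
DEFAULT_IGNORE = ("var/log/", "var/cache/", "var/tmp/", "tmp/")


def _sha256(path, chunk=1 << 16):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def tree_digest(root, ignore_prefixes=DEFAULT_IGNORE):
    """Fingerprint every file under root, keyed by path relative to root.

    Regular files -> ("file", sha256, permission bits incl. setuid/setgid/sticky)
    Symlinks      -> ("symlink", target)
    Symlinked directories are not followed, so the walk stays inside the mount.
    """
    root = Path(root)
    digest = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        dirnames.sort()  # deterministic traversal
        for name in filenames:
            p = Path(dirpath, name)
            rel = p.relative_to(root).as_posix()
            if rel.startswith(ignore_prefixes):
                continue
            if p.is_symlink():
                digest[rel] = ("symlink", os.readlink(p))
            elif p.is_file():
                digest[rel] = ("file", _sha256(p), p.stat().st_mode & 0o7777)
    return digest


def compare_snapshots(before_dir, after_dir, ignore_prefixes=DEFAULT_IGNORE):
    """Return added, removed and changed paths between two mounted snapshots."""
    before = tree_digest(before_dir, ignore_prefixes)
    after = tree_digest(after_dir, ignore_prefixes)
    return {
        "added": sorted(after.keys() - before.keys()),
        "removed": sorted(before.keys() - after.keys()),
        "changed": sorted(k for k in before.keys() & after.keys() if before[k] != after[k]),
    }


def run_demo():
    """Diff two constructed snapshot trees (placeholder content, not real dom0 files)."""
    with tempfile.TemporaryDirectory() as base:
        before, after = Path(base, "before"), Path(base, "after")
        for root in (before, after):
            for d in ("etc", "usr/local/bin", "var/log"):
                (root / d).mkdir(parents=True)
            (root / "etc/hostname").write_text("dom0\n")
            (root / "etc/rc.local").write_text("#!/bin/sh\nexit 0\n")
            (root / "usr/local/bin/qvm-helper").write_text("#!/bin/sh\nexit 0\n")
            (root / "usr/local/bin/qvm-helper").chmod(0o755)
            (root / "var/log/boot.log").write_text(f"booted from {root.name}\n")  # churn, ignored
        (before / "etc/issue").write_text("Qubes OS\n")  # present only before
        # Constructed tampering in "after": a dropped binary, a startup hook
        # pointing at it, and an existing tool made world-writable.
        (after / "usr/local/bin/.cache").write_bytes(b"\x7fELF constructed payload")
        (after / "etc/rc.local").write_text("#!/bin/sh\n/usr/local/bin/.cache &\nexit 0\n")
        (after / "usr/local/bin/qvm-helper").chmod(0o777)
        return compare_snapshots(before, after)


if __name__ == "__main__":
    for kind, paths in run_demo().items():
        print(f"{kind:8s} {paths}")
```

Against real snapshots, call `compare_snapshots("/mnt/before", "/mnt/after")` from the disposable that has both volumes attached read-only; the “changed” list is where a hash mismatch on a file that no dom0 update touched, or a permission change on a binary, should be looked at first, and meld can then be pointed at the individual files.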

@Insurgo thanks so much for your advice & information.

If new hardware becomes less & less user-ownable, controllable, repairable, & auditable,
then what will be the future for Insurgo, Purism, Coreboot, Heads?
What a pity if all the hard work becomes useless.

I use my laptop alone in my room, facing the windows;
the other sides are wall and cupboard.
I checked many times, & could not find any binoculars.

How about a supply chain attack?
In your opinion, is it possible that a compromised supply chain
is able to give us a compromised version of Heads & Qubes,
while we download them from the correct source on the internet?

But I had authenticated & verified Heads & Qubes before flashing / installing.
Although I read in the Qubes documentation that a compromised device
can give us correct authentication & verification, even if it is compromised.

If we have used Heads, can we be confident that
there are no firmware backdoors anymore in the motherboard?

Last time I read in the Coreboot mailing list,
it said that firmware can establish an ad hoc connection
with other firmware in other devices,
until it can find a device with an internet connection,
which is connected to another network,
then send data to the internet via a covert channel.
In your opinion, should I consider this vector since I have used Heads?

I use network monitoring apps, such as Net Analyzer, Network Scanner, Fing, etc.,
to monitor the modem, so I can see all devices currently connected;
then, when I disconnect my Heads Qubes laptop,
I can see that my device naturally disappears from the modem.

Then I put all other devices inside a signal blocking bag,
so now only my Heads Qubes laptop & router modem remain;
then I disconnect the laptop from wifi, & use the vault VM, with no NetVM,
to type several things,

but still they can see everything,
so I really cannot figure out where the gap / backdoor is.
Do you have an opinion on what the gap / backdoor can be?

Thanks a lot

@Brainhack @unman thanks a lot for your suggestions.

If I understand it correctly, maybe, in short,
you suggest that I hide from a supply chain attack / man in the middle attack?

But in my opinion, we should be able to find a way
to protect ourselves from supply chain attacks, without hiding,

because, if we have to hide from supply chain attacks,
then how do Purism, Insurgo, & Qubes developers, etc., and also their servers / repositories,
protect themselves from supply chain attacks in their development process?
Assuming that everyone involved in the development
is working remotely, or maybe not at the same location.

For example,
Librem & Insurgo also need a supply chain to download Qubes & Coreboot / Heads,
Qubes developers also need a supply chain to download / deliver their work to the server / repository.

Maybe by using authentication & verification,
we can protect the system from supply chain attacks,

but I read in the Qubes documentation
that compromised devices
can also give us correct authentication & verification,
regardless of the fact that they have been compromised.

Also, many famous people (i.e. artists & politicians), who cannot hide,
since everyone involved in the supply chain also knows them wherever they go,
how do they protect themselves from supply chain attacks?

Before, I had tried to keep it simple, similar to what you suggested,
but then people naturally asked me “how”, “elaborate”, etc.
Therefore, since it has happened several times,
now I elaborate first, before being asked,

because there is a big possibility that a new computer
will not be compatible yet with coreboot / Heads & Qubes,
the 2 main solutions for privacy & security.

Also, the price of a new computer is much higher,
& there is no guarantee that it can survive a targeted attack.
So I cannot waste a lot of money on something that is uncertain.

Besides, my income is not in good shape,
because I cannot allocate all my free time, energy, & focus
to anything related to my job,
since they have flooded me with problems & trouble
for almost 5 years, since 2018,
& the digital privacy invasion itself since 2020.

Yes, does anyone know the name for this kind of attack?

Sometimes I have the same assumption too,
but I am not sure how to describe it,
since maybe it cannot be categorized as
a side channel attack, covert channel attack, nor supply chain attack.

I know there is the term “near field communication”,
but I am not sure whether there are attacks using NFC;
also, maybe not all devices can do NFC.

I read too that it is technically possible for firmware in one device
to establish an ad hoc connection with firmware in other devices,
until it can find a device with an internet connection,
then use it to send data to the internet via a covert channel.
So maybe it is a combination
of a secret ad hoc network & a covert channel attack.

But since I have used Heads,
then maybe we can eliminate this vector,
but Heads still requires the ME,
and also there is other firmware in the motherboard.

Yes, correct. In my opinion, nobody has time for revenge.
Either me or my adversary, we have wasted a lot of time, for not sure what reason.
Rather, I give them a chance to fix their mistakes; if they are okay, I just want:

  • give me back my privacy on all of my electronic devices, which is basically my right, but definitely they have to tell me what backdoor they use to invade, so that I can apply a solution. They can easily use any anonymous name & share in this thread, for example.
  • stop stalking me, either digitally or in real life.
  • a complete explanation of what, when, how, who, why they do this to me.
  • compensation for all the disadvantages they have caused me for almost 5 years.

But apparently they don't want to; it looks like it will be very hard for them.
If they can give me the 1st one only, actually that is good enough already,
although the rest also make sense, in my opinion.

@newbie why do you say this? I think this is on-topic but :confused:

You misunderstand.
I was giving you suggestions for small experiments to identify what vectors
of attack might be in play.

The question of protecting the supply chain from component to end user is
a different question, not relevant in this thread.


The reason I said this is that I don't think it does anyone any good to use this thread as a 'journal' of sorts for various suspected indications of compromise that aren't accompanied by anything else. I think the baseline of what the extent of the believed compromise is has been established, and keeping a running tally & commentary of these instances actually serves to lessen your credibility.

I am aware that exactly what you have described happens, and I tend to believe you, but you have to spend more time considering the gap between what you have experienced and how another will perceive it. One of your biggest battles is in communicating and not losing people, and I don't think you have considered this enough. Your communication also influences how people with similar complaints will be perceived in the future, so you aren't just speaking for yourself in a sense.

Great response @Insurgo. What is the most robust way to monitor traffic that is resistant to tampering? What should we be looking up to learn how to analyze this information and not self-report false positives?

Really, the foremost point is: unless you have some highly sensitive activity you need to conduct online, you should remove your attachment to needing a digital vault. If your reports are accurate you are far behind the technical power curve in terms of resisting, and it might be more expense to you than gain to try and play cat and mouse in this way, where simply accepting that your devices are compromised (which is a reality anyway on a certain level) and that in all reality it isn't actually costing you much is a better place to land.

In the modern world you can't really be invisible; you are just getting a direct experience of this, where most will live in 'blissful ignorance'.


Edited: contained part of a reply to another post. Deleted the irrelevant part, sorry about that.

What I would do there is install tcpdump in the NetVM that is receiving the traffic prior to encrypting it (there is no point really in capturing network traffic that is going upstream encrypted). It would not make sense either to capture traffic in vault, since that machine normally has no NetVM.

So running tcpdump in sys-firewall or sys-net directly, recording the file locally, would be a start. Then qvm-move that file to a disposable VM where you install Wireshark and inspect the packet trace from there. The only assumption we can make here is that the traffic is going out of sys-net, but it would most probably be encrypted, and if many other connections are happening at the same time, it won't be so easy to isolate either. It requires some kind of flattening of what is normal to find what is abnormal here… There might be covert channels at play. If “lucky” there would be a stream that is continuous when data is exfiltrating. But that might also be screenshots; everything is possible here, really… Down to data being exfiltrated by speakers…

As said previously, my way of dealing with this is by comparing states. Ideally having a point in time where things were good and comparing what state we are in now to isolate the source of compromise.

This thread is convoluted. The assumptions are that something is grabbing vault's screen content somehow, and that content is somehow exfiltrated over the network. If we consider that vault has no NetVM associated with it (as it should), then exfiltrating its screen content needs greater system compromise, so we imply dom0 compromise as well.
But to go on to simpler possibilities again, there is nothing under Qubes that would prevent, as in any other monolithic OS, capturing vault's “desktop” and sending its screen content online if vault has a NetVM associated. First things first, we take for granted that it's not the case here. Then, if vault's screen content is to be exfiltrated somehow, dom0/sys-gui needs to be compromised somehow. And for that content to be exfiltrated, it needs a way to exfiltrate it. If it's on the network, then in the present case we also know that Heads is at play, and if Heads maximized builds were flashed, there is no ME at play (but a 98kb BringUP+RUMP payload that keeps the laptop functioning, without AMT etc.). So AMT binaries cannot be used to exfiltrate content on the network either. So there needs to be either network traffic happening when the exfiltration happens, or the laptop screen itself is filmed somehow. The other replies in this thread are going into isolating whether the behavior is localized to the house (house compromised), or whether the laptop is compromised. This is an important step in isolating what is happening here.

Anyway. Without other AppVMs running, we expect a minimum of sys-net and sys-firewall to be running. In such circumstances, with sys-whonix shut down (qvm-shutdown --force --wait sys-whonix from a dom0 terminal), we expect the network traffic going through sys-net to be pretty low and limited. We expect sys-net to do some NTP traffic to sync time, and AppVMs to check for updates after 5 minutes of uptime, after which nothing should really happen on the network. Making sure vault has no NetVM should be verified first.

In sys-net (assuming a Fedora-based sys-net):

sudo dnf install tcpdump
sudo ip addr  # get the name of your upstream interface, mine is wls7
sudo tcpdump -nneti wls7 -w ~/packettrace.pcap  # Ctrl-C when done
qvm-move ~/packettrace.pcap  # send to a DispVM or trusted AppVM

If using a disposable sys-net, I have nothing against installing Wireshark there temporarily instead of tcpdump above, and running Wireshark directly on the uplink interface instead; this will show the traffic as it happens, which might be of interest to understand visually what is happening. Note that applications installed in AppVMs will only be available for that session and will vanish when the VM is shut down.

In the disposable VM / trustable AppVM, install Wireshark and open the file:
sudo dnf install wireshark
wireshark
Open the pcap from ~/QubesIncoming/sys-net/packettrace.pcap

Hope this helps a little into investigating network traces.

I documented elsewhere how to get multiple dom0 snapshots, but that is useful only to compare before/after compromise. It is also worth noting that it is totally possible to clone qubes/templates and compare states through volume snapshots, where Qubes keeps 2 states by default (LVM snapshots named *-back, where * is epoch time (number of seconds since 1970)), which can be passed to disposable VMs read-only to be compared through basic tools like meld.

Edit: dom0 snapshots also discussed under Dom0 backup/snapshot?

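One way to do the “flattening of what is normal” the post above calls for, once the capture has been moved out of sys-net: an added example, not code from the post's author or from Qubes OS. It parses a classic libpcap file (what `tcpdump -w` writes) with the standard library only, aggregates packets into flows, and reports flows that a baseline of expected idle traffic (NTP, HTTPS to a known update mirror) does not account for. The baseline, the sys-net address 10.137.0.5, the hosts 10.0.0.1, 203.0.113.10 and 198.51.100.7, and the sample capture built by `build_sample_pcap()` are constructed placeholders, not real traffic.

```python
import struct
from collections import defaultdict

PCAP_MAGIC_LE, PCAP_MAGIC_BE = 0xA1B2C3D4, 0xD4C3B2A1
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17


def iter_pcap(data):
    """Yield (timestamp, frame) from a classic libpcap blob (pcapng is not handled)."""
    (magic,) = struct.unpack_from("<I", data, 0)
    if magic == PCAP_MAGIC_LE:
        endian = "<"
    elif magic == PCAP_MAGIC_BE:
        endian = ">"
    else:
        raise ValueError("not a classic libpcap file")
    off = 24  # skip the global header
    while off + 16 <= len(data):
        sec, usec, incl_len, _orig_len = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        yield sec + usec / 1e6, data[off:off + incl_len]
        off += incl_len


def flow_key(frame):
    """(src, dst, proto, dport) for Ethernet/IPv4 TCP or UDP frames, else None."""
    if len(frame) < 14 + 20:
        return None
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    if proto not in (PROTO_TCP, PROTO_UDP) or len(ip) < ihl + 4:
        return None
    src = ".".join(map(str, ip[12:16]))
    dst = ".".join(map(str, ip[16:20]))
    _sport, dport = struct.unpack_from("!HH", ip, ihl)
    return (src, dst, "tcp" if proto == PROTO_TCP else "udp", dport)


def summarize(data):
    """Aggregate a capture into flows with packet/byte counts and time span."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0, "first": None, "last": None})
    for ts, frame in iter_pcap(data):
        key = flow_key(frame)
        if key is None:
            continue
        f = flows[key]
        f["packets"] += 1
        f["bytes"] += len(frame)
        f["first"] = ts if f["first"] is None else f["first"]
        f["last"] = ts
    return dict(flows)


def unexpected(flows, baseline):
    """Flows not explained by baseline entries (proto, dport, dst); dst None = any host."""
    def allowed(key):
        _src, dst, proto, dport = key
        return any(p == proto and d == dport and h in (None, dst) for p, d, h in baseline)
    return {k: v for k, v in flows.items() if not allowed(k)}


# ---- constructed sample capture (placeholder addresses, not real traffic) ----
def _ip(addr):
    return bytes(int(x) for x in addr.split("."))


def _frame(src, dst, proto, sport, dport, payload_len):
    payload = b"\x00" * payload_len
    if proto == PROTO_UDP:
        l4 = struct.pack("!HHHH", sport, dport, 8 + payload_len, 0) + payload
    else:  # minimal TCP header, PSH|ACK, checksum left zero
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 0xFFFF, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0x4000, 64, proto, 0,
                     _ip(src), _ip(dst)) + l4
    eth = b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02" + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip


def build_sample_pcap():
    me, t = "10.137.0.5", 1_700_000_000  # placeholder sys-net address and start time
    recs = []
    for i in range(2):   # NTP sync: expected
        recs.append((t + i, _frame(me, "10.0.0.1", PROTO_UDP, 123, 123, 48)))
    for i in range(3):   # update check to a known mirror: expected
        recs.append((t + 300 + i, _frame(me, "203.0.113.10", PROTO_TCP, 40000, 443, 200)))
    for i in range(20):  # steady 1 pkt/s stream to an unknown host: the kind of thing to explain
        recs.append((t + 10 + i, _frame(me, "198.51.100.7", PROTO_UDP, 50000, 4444, 1200)))
    hdr = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    return hdr + b"".join(struct.pack("<IIII", ts, 0, len(fr), len(fr)) + fr for ts, fr in recs)


BASELINE = {("udp", 123, None), ("tcp", 443, "203.0.113.10")}
SAMPLE_PCAP = build_sample_pcap()

if __name__ == "__main__":
    for key, f in unexpected(summarize(SAMPLE_PCAP), BASELINE).items():
        rate = f["packets"] / max(f["last"] - f["first"], 1e-6)
        print(f"UNEXPECTED {key}: {f['packets']} pkts, {f['bytes']} bytes, {rate:.2f} pkt/s")
```

For a real capture, read `~/QubesIncoming/sys-net/packettrace.pcap` into `summarize()` inside the disposable and build the baseline from a capture taken while the machine was known-good, not from guesswork; anything left in `unexpected()` is what to open in Wireshark, and a flow with a steady packet rate and a long span is the “continuous stream” the post mentions.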

This was tackled in other forum posts and I won't reiterate here once more. We collectively need to take a stance on what we accept and don't, what we need outside the lesser evil of what is available. Search the forum for FSP (Intel)/AGESA (AMD), PSP (AMD)/ME/CSME (Intel) and the presence of blobs in firmware that exists nowadays, and look for UEFI vulnerabilities, or look at Low Level PC/Server Attack & Defense Timeline — By @XenoKovah of @DarkMentorLLC

This is another tricky question where nothing is totally perfect unless one is totally in control of the supply chain, which is something that doesn't exist today, unless we go back in time and accept a regression in our user experience, go back to the drawing board and apply concepts like what is brought by projects like Precursor. On the highly complex systems we use daily, like a computer or a smartphone, supply chain attacks can happen at each layer of each component if they are not locked in and tamper-evident seals (or a similar idea) are not applied directly at the assembly line, and yet again, who can prevent someone on the assembly line from swapping one component for another without being noticed?

But if you talk about the integrity of software, which firmware also is (software is everywhere, even in hardware), then Heads tackles the issue for the hardware it supports, in the sense that the firmware can be externally backed up for inspection and parts can be individually reflashed from within as well (a firmware image is an assembly of components, where the BIOS itself is just one region of it, the ME is another, etc.). A little more can be found here on the Heads matter: Upgrading Heads | Heads - Wiki

On Qubes+Heads, the recommended installation method is a verified, detached-signed ISO.
To have been misled into downloading a wrong ISO would mean interception of the HTTPS connection, or compromise of the ISOs rsynced across the Qubes OS mirrors, and then having your own Heads installation, holding the Qubes distribution signing key (which validates the integrity+authenticity of the downloaded ISO against ISO.asc/ISO.sig, just as Qubes documents how to verify signatures), compromised as well. Heads simply automates the process and permits booting directly from a downloaded ISO, only if the ISO is accompanied by a proper detached PGP signature (current ISO file, current detached signature). Short version: for Heads to install a wrong ISO (ISO supply chain issue alone here; otherwise look into git commit signatures for your other question on how to make sure developers working remotely are not having their work intercepted on untrusted infrastructure, for which GitHub is not trusted), Heads, the downloaded ISO and the downloaded iso.asc would all have needed to be compromised. Highly improbable.

But to go back to this thread once more. Can Qubes protect from a backdoor in BIOS/devices?

That is my only relevant answer to this thread, outside of how Qubes prevents compromise, permits auditability of compromise and recovery. That is, on top of firmware that can be audited and is auditable. On top of a reasonably secure computer, that is. Your computer has EC controller firmware, which Heads cannot reprogram (the Lenovo BIOS updater can), and SSD drive firmware. Of course, there is firmware as well in other peripherals in your computer, one of which is recommended to be replaced, which is your wifi card.

I would also second opening other threads rather than having this one be a mixed pot of everything FUD related, not truly addressing the numerous points you raised.

Qubes implements proper compartmentalization mechanisms for prevention, proper base auditability mechanisms and proper recovery bases through the technologies it relies on. Each of those sub-sub-sub-subjects would deserve an individual thread; otherwise this thread is becoming everything and nothing all at once and its pertinence is tending toward none.

It goes from mice moving alone, to doubts about house compromise, to network monitoring, and now leads to disk forensics, hardware choices, supply chain reality, desires for better, Heads, UEFI, alternatives, past/current/future hardware offerings, coreboot terrain losses, open firmware reality, ME/CSME neutering/deactivation, etc. I am interested in those discussions, but I doubt this thread is the place to do so while many others already exist and are more specific to discuss those individually, and the ones not existing would be the place to discuss those subjects instead of this thread.


I would invite the OP (@newbie) to open other threads, pointing to the parts of the discussion that were unaddressed/partly addressed. I would also invite the whole community, as Qubes OS forum participants, to open as many individual threads as needed and to try to stay on topic as much as possible in them. (Learning myself to stay on topic here, and I get that it is not always easy.)

Otherwise, everyone wanting to help actually doesn't, and the discussions slide to the point where it is absolutely impossible from a moderation perspective to efficiently split those discussions into relevant sub-topics for others to find relevant information easily, which is ultimately the goal of a forum like this one.

It might serve original posters alone, but doesn't help the community as a whole and forces repetition from participants in other threads. It requires additional work from people who want to serve the forum's goals to eventually quote themselves in another, more relevant, on-topic thread, which unfortunately doesn't happen often enough, and pertinent information is lost since that actual work requires additional energy, some reply only by email (should be possible for all as a goal), etc.

Aho!


Okay guys, I deeply apologize for the mixed topics.
For the next discussion, I will open a new thread, or continue in a related existing thread.

@KarlinQubes @Insurgo thanks for the advice.
@Insurgo thanks for all the information, I need some time to digest it.

So, basically we could’ve concluded the topic with such a subject in post #2 containing: No, it can’t.

@enmus maybe temporarily, it can't.

Hey Newbie,

Veteran investigator, researcher, and survivor with over a decade of experience.
Questions for you: do you live in an apartment with close neighbors? Also, on the screenshots of your screen that you mentioned they post, are they black and white or in color?
I would suggest you also take a look at TempestSDR as a threat vector, just in case. The best way to describe it here would be as a wireless HDMI grabber, but for any screen with emissions, with some limitations, but it does work on laptops and smartphones to some degree depending on their equipment.
In the majority of cases, social engineering with the goal of physical access to compromise your devices is also used in conjunction. Lock your devices up when sleeping or away.
The low hanging fruit thing is definitely a thing here; however, the caveat is you seem to be live streamed to many other random criminals and random people that may have stumbled upon a person's hacked live stream link, as I have personally seen. Hence why some of them seem really slow in how they communicate with you while the attacks seem sophisticated, because it's not one person… And some of those people may be inclined to join in and find their own low hanging fruit using the provided stream, or join in with other objectives. Never was there a better way to empower criminals.

If you need more assistance you may get SimpleX Chat and we can use that to communicate more anonymously, just in case they can still see. You can send me your invite code when ready and I will confirm back on here that it's me.

And for those I briefly passed over, skim reading this thread thinking who would bother to do this to a random person, or “but they would just use the five dollar wrench”, know that this is organized crime utilizing random people for free labor that tries to present itself as anything else. I recommend you watch some “fictional” movies like Welcome Home, Ratter, and Devils Due to familiarize yourselves, although even these still don't show the entire story. I have some victims who were told it's a serious hacker gang like Anonymous or a three letter agency doing good after framing their target; however, this is not the case in the many times I have seen victims. Most cases ended up being corrupt private investigators or criminals that make a living framing people to further their careers, or something on the side like blackmailing, selling streams or revenge for hire on easy targets. They then use the general public as human shields to hide themselves so their crimes cannot be easily linked back to them, while the random general public ignorantly join in. They may even have a connection to a corrupt cop or two in some cases.
You, the victim, are the product. And they are not there to do anyone any favors or to protect anybody in any community. Always keep that in mind.

Hi @Devils_Due0,
it's your 1st post, welcome to the community, thanks for your post.

Do you know how to protect from TempestSDR / a wireless HDMI grabber?

IMO, they don't prefer the “five dollar wrench”, because
their primary aim is not my data, maybe that's secondary,
but the primary aim is to put me under surveillance, gang stalking, trolling, bullying, etc.