I’ve used hardware cards as a temporary container for the hdd, not gimmick or snake oil but developed solution for testing, malware etc etc (dev of hitmanpro turned me onto one brand) as one would imagine a lot of people have used or heard of. There are softwares over the years that had many roots such as internet cafés to that I think “shadow defender” now leads or,perhaps once trumped in the wild shared malware. I’ve searched, but has there been any conflicts, vulnerabilities if using this technology / should not be used together / or not necessary - as they are a solely valid security feature / just unnecessary. Obviously depends on what you want it to achieve.Simplified is there any problems or potential ones with this set up ? Edit I repeat the hardware is not the type that did the rounds to make a quick buck with floored technology but made for professional support and interested novices / security users, privileged users.
Well these devices are best for “clusters” of physical machines used by potentially untrusted or undisciplined users, somewhat monitored (e.g. intervene if user is opening the case). Cafes, hotels, etc.
They are shims that remap device access and (hopefully) block some of the more esoteric device calls that could bypass the shim’s remapping of the more common standard commands.
I think many cases (perhaps even some cafes) have “matured” to disposable VMs provided by Citrix, etc. displayed to either byod or “dumb” gui terminals sometimes w/ usb forwarding for storage or HID support.
With Qubes the idea is that the user is going to be disciplined enough (by defaults/guidance) to not expose dom0 to the daily onslaught of badness.
Disposable VMs can be exposed to badness with reasonable assurances of long term security (though depending what was going on in the disposable vm some privacy may have been lost).
Yes, I used cafe example for the difference between the ones there and ones used professionally. At one time we had problems with malware vm aware and other techniques. In fact amazingly, or not, malware some found in the wild leads straightforward to the source badly written and honestly made that way almost tagging the work just as an inserted string.Another problem that was said to be fiction still just only a few years ago that is more advanced system looks to be used infrequent but really is not. Examples, malware using partitions is an old idea yet helped malware, rootkits not so long ago, “undetected” upto a year!..but rediscovered? yes. Owned OSes, hardware comes with some problems to work out if new to this level…There are software solutions but at the time nothing coming through detected the card to keep it simple. So is worth test for lulz
Please excuse grammar and language please.just to be clear hardware usually used by av houses et al
Right, because some malware either remains inert or deletes itself if it detects a virtual environment. Hence the need for interposers in the storage path to revert changes during reboots (from the OS POV).
I already like this forum to learn more about qubes and users or enthusiasts that have some experience. Just a disclaimer I am somewhat involved in various parts of security but still learning since the 70s thanks for your reply .i think I should play with it edit time to get up to speed what is new !