Reading across the Qubes documentation, several articles and the hacking section of the forum, I started wondering how common it is to be compromised, for the average person who is not a high profile target. For example, someone who reads a lot of pdfs, or downloads and opens files from reasonably trusted sources. I am trying to find a balance between reasonable caution and paranoia, and admittedly all this reading has made me pretty paranoid. Considering, from what I’ve understood, it’s impossible to know in many cases if you have been compromised, how can we ever know if our hardware should be trusted at all? Is the only solution to buy a new PC for a Qubes installation? Would love to hear your thoughts!
It depends what you are doing with your computer. If you just stick with an up-to-date web browser on two legit websites, it’s unlikely you’ll ever have an issue.
The more you interact with the Internet at different levels, the more likely it is to have a security issue.
There is also the value of data to consider. If you moved all your money into cryptocoins, you may want to secure it the best you can, while if you have a picture of your dog on your computer and use the computer to look at the weather, you would not care much about being compromised.
Any x86 PC built after 2013 is guaranteed to have IME/PSP spyware installed at the hardware level, guaranteeing that we’re all compromised. The NSA and friends probably have an AI running that scans regular screenshots of every networked PC in the world by this point. Older PCs cannot be trusted either because of the 11+ years and counting of potential exploit discoveries.
Welcome to the end times, friend.
They would need to have a way to get the data out of the network.
You could run a firewall using an unaffected CPU and see the traffic.
“See the traffic”? I don’t even know if these connections are incoming or outgoing, what they even look like, or how frequent one should expect them to be. It’d be like looking for a needle in a haystack without knowing what a needle looks like.
This is highly speculative and unrealistic. We wouldn’t need to run firewalls on individual networks (EDIT: not saying this is a bad suggestion if you have a concern, I just want to emphasize how unrealistic the specific concern in question is), the amount of traffic it would generate would be obvious to the many different organizations that collaborate to maintain the infrastructure supporting the internet (the government might be able to compromise some of these organizations, but not all of them; the more people involved the harder it is to keep secret). Don’t forget that Netflix accounts for 15% of all traffic and that’s only from a small fraction of all x86 machines. The plausible backdoors you’re referring to would be used for targeted attacks, not mass surveillance.
Lots of things to think about here, thank you all for your responses. This makes it feel a bit hopeless to even try to enforce security though, as if the possibility of compromise is inevitable.
It’s the opposite for me. Knowing that, no matter what I do with Qubes OS, there is an inherent possibility of compromise is what makes it fun! It keeps me away from the computer for some activities, forces me to be more confident in myself and less in technology, etc.
Would you trust a human saying “You can tell me anything, nobody could force me to talk” or “Don’t tell me things that you would not like me to repeat under circumstances”?
Really good point! For me, it is not that I have something in particular that is essential to remain uncompromised, but rather that I want privacy. It’s not incriminating for a stranger to see or know what book I’m reading, or what I ate for breakfast, but why should they be able to? I’d like to have control over who can access my private machine and what can be accessed on it, and it seems ultimately impossible.
You are heavily underestimating the enemy. How many of these people are involved, exactly? Do you check up on them regularly yourself? How do you know they aren’t already compromised, and what makes you think the enemy doesn’t have the capacity to compromise them all at once? They want us to think they are less technologically advanced than they really are. Don’t fall for it. Think of the worst, and then assume reality is 100x worse.
Why? Because the corrupt illuminati elites are trying to establish a world order where privacy doesn’t exist even as a concept that people can understand. They want to have 100% control over the tiniest thing that happens anywhere in the world. They want to be able to do corrupt things and get away with it. They want nobody to stand in their way of global oppression so that they can turn us all into slaves to their genetically modified offspring. They hate humanity so much that they are willing to split the species into a super-strong, super-smart variant… and then a worthless slave variant that has no human rights.
They regret giving us a free and open Internet. They inadvertently gave the people way more freedom than they intended, and now they are slowly trying to roll it back. Once they take it back, we will never have it again, at least not for the next thousand or so years. Once they regain full top-down control of information, then it will be over for our entire species as we know it.
If you embark on the path of the glorious righteous crusade for personal digital privacy, be ready to be mocked by the sheeple around you. Be ready to watch your closest friends and family turn on you in real time. They are programmed to obey and to capitulate, and to subconsciously despise those who have seen the truth. You must resist them. You who see the truth are infinitely more useful to humanity and its future than a dozen of those zombies put together. Pray for liberty or for a fruitful death.
Sorry to interrupt the discussion, but this is a bit too broad for the forum. I would ask that the discussion focuses on how being compromised relates to one’s usage of the system. Thank you!
It’s common. There are closed-source exploits from software companies (some by design) and 0-day exploits that hackers use to steal information all the time.
That’s why you use a DispVM to avoid persistent malware, although it still may not matter if you look at a page that loads JavaScript that uses an exploit and immediately log into something.
You’re much safer in Qubes however.
I’ve done this by the way and seen IP addresses and gone “what is that?” and when I look up the server there is no information, just a random location with no indication of ownership.
What do I do with that? If there were exploits like that, they would likely not send a lot of data out; it would be small amounts, like CPU serial number, date of first use, last IPv4 address used for networking. They would save the exploit for when really needed.
Even if what I saw was something malicious that was based on some secretive exploit (and it’s much more likely it was just some software update or telemetry), what then? Do I start analyzing packets with Wireshark?
An exploit like that would probably use a type of non-public encryption to avoid detection. Do I take my suspicions to a security researcher and seem crazy? Who has time for that?
I don’t think it’s as easy as you think to detect these sorts of things.
Has anyone bought a new laptop and let it sit for a year and done a Wireshark capture of every packet?
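The "needle in a haystack" problem raised above (an unknown IP shows up, and there is no way to tell whether it matters) is usually approached by baselining rather than by reading packets one at a time: record which destinations a machine talks to during a quiet period, then review only what is new, and separately look for the low-volume, evenly spaced connections that telemetry and beaconing tend to produce. The script below is an added illustration of that two-step review and is not code from the forum or from the Qubes project; the log format (timestamp, destination ip:port, bytes sent) and all the addresses in it are constructed sample data, using documentation IP ranges, and are not real observations.

```python
"""Baseline-and-diff review of an outbound connection log (added example).

Constructed input: a simplified per-connection egress log with one record per
line, "ISO-timestamp dest_ip:port bytes_sent". Such a log could be derived from
a firewall's connection tracking or from a capture, but these lines are made up.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed "quiet period": traffic the owner already knows about.
BASELINE_LOG = """\
2024-01-01T08:00:00 192.0.2.10:443 12000
2024-01-01T08:05:00 192.0.2.10:443 8000
2024-01-02T09:10:00 192.0.2.10:443 15000
2024-01-03T10:00:00 203.0.113.5:443 40000
"""

# Constructed review window: the known destination plus a new one that sends
# a few hundred bytes exactly once an hour.
REVIEW_LOG = """\
2024-01-08T08:00:00 192.0.2.10:443 11000
2024-01-08T08:07:00 192.0.2.10:443 9000
2024-01-08T12:00:00 198.51.100.23:8443 212
2024-01-08T13:00:00 198.51.100.23:8443 208
2024-01-08T14:00:00 198.51.100.23:8443 215
2024-01-08T15:00:00 198.51.100.23:8443 210
2024-01-08T16:30:00 192.0.2.10:443 52000
"""


def parse_log(text):
    """Return a list of (datetime, 'ip:port', bytes) tuples; skips blanks/comments."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, dest, nbytes = line.split()
        records.append((datetime.fromisoformat(ts), dest, int(nbytes)))
    return records


def build_baseline(records):
    """The set of destinations seen during the quiet period."""
    return {dest for _, dest, _ in records}


def new_destinations(records, baseline):
    """Destinations absent from the baseline, as (dest, connections, total_bytes)."""
    seen = defaultdict(lambda: [0, 0])
    for _, dest, nbytes in records:
        if dest not in baseline:
            seen[dest][0] += 1
            seen[dest][1] += nbytes
    return sorted((dest, c, b) for dest, (c, b) in seen.items())


def beacon_candidates(records, min_count=3, max_cv=0.2):
    """Destinations contacted at suspiciously regular intervals.

    Regularity is measured as the coefficient of variation (stdev / mean) of the
    gaps between successive connections; a small value means a steady cadence.
    Returns (dest, connections, mean_gap_seconds, cv) tuples.
    """
    times = defaultdict(list)
    for ts, dest, _ in records:
        times[dest].append(ts)
    flagged = []
    for dest, stamps in times.items():
        stamps.sort()
        if len(stamps) < min_count:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            flagged.append((dest, len(stamps), avg, round(cv, 3)))
    return sorted(flagged)


if __name__ == "__main__":
    baseline = build_baseline(parse_log(BASELINE_LOG))
    review = parse_log(REVIEW_LOG)
    print("New destinations:", new_destinations(review, baseline))
    print("Regular-cadence destinations:", beacon_candidates(review))
```

Neither check says that a flagged destination is malicious; the known destination in the sample is not flagged because its connections are bursty, while the new one is flagged on both criteria and is therefore the one worth looking up. In practice the baseline is taken from the firewall or sys-net side rather than from inside the qube being watched, so that whatever is being reviewed cannot also edit the record.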