Idea: password prompt before starting a VM

So I was thinking and maybe this could be another security feature.

Let’s say i wanted to (run/launch) another “appvm or template” and before it would (launch/run) you would get a “password” promp asking for password to open or unlock “appvm or template”. Like loging in to it…Once done you could then do whatever you needed and shutdown.

Is this possible or just a waste of time feature?

1 Like

Hi @B_ryr! I edited the title of your post to make the topic clearer. Please feel free to change it if you feel I didn’t get it right! :slightly_smiling_face:

1 Like

No, it’s all good anything to help.
But i really think it would be a great idea to have this feature!

I believe it would help out in hindering a attacker,data miner or speical interest groups from accessing any appvm or template if they found a way in or pass dom0 or found a way to jump from one appvm to another inspecting your system,layout,apps installed in appvm’s or sensitive intel. Thus then blocking access to any and all. With each appvm “domain” and template having its own unique and private password to enter that domain,template and appvm and no one is connect to each other to share the passwords between each.

You start up the template,appvm,domain…password promp popups before entering or i guess “starting” said area. Then it loads and runs.

This password for the said above could also be used as a “intrusion” alarm.

Lets say you online on one of your appvms doing whatever and lets say “attacker,data miner or speical interest group” has access to your qubes system without you knowing. Working in the background. And all of the sudden you get the “password” popup from one of the other template,appvm,domain asking for password to access. You would then know right then and there you have been infiltrated because some party other then yourself is trying to get in to it.

1 Like

There is an open proposal which would allow for per qube
encryption - this will require a password to access the qube.
Being worked on.

It’s just my opinion, these attacks are performed by malicious peripherals that make read or write accesses to DRAM memory or to memory embedded in other peripherals, through DMA requests. Some protection mechanisms have been implemented in modern architectures to face these attacks. A typical example is the IOMMU, several years ago qubes team has succesfully attacked xen with an active iommu.

If only the attacker could perform what you said, at minimum i will at least grab all vm private.img

This is GREAT unman, can’t wait!!!
But would this feature be available for Us qube users who have and use 4.0.X???

While yes the IOMMU attack could happen. Really think about it. It’s not really pratical this attack and time consuming outside of the bandwidth it would take. I beleive people would notice. And then there are people who do not leave their qubes sysyem connected to the internet.

In fact it’s turmed off most of the time. I get in, do what i need to do, get off, shut down.

My windows systems dont even touch the internet. In fact all forms to access it are REMOVED. My Win 10 hasn’t been updated in years AND works just fine… Side load what I need for them. And if by chance “side loading” brings a little nasty with it. That’s ok reimage!

Cell phone…factory reset alot
Android tablets…ROOTED
Social media…nope (it’s dangerous) who doesn’t see this?!

Problems solved!!

Linking it here:

I think this feature would be nice too. Especially for the tomb encryption script package suite, which warns about swap being a danger. I have to force it every time.
While this proposal may not get rid of tomb’s error message, it would effectively reduce my worries in seeing it.

1 Like