I have an old analog headset. There are no microphones or computers in it whatsoever. Is this safe to connect to my system (I would assume dom0, but I am very new to Qubes) without needing to make an audio qube? It connects via a 3.5mm jack and is my sole headset I use, so the risk of plugging in anything else to that port is minimal.
Not a security professional here, but as far as I know the whole point of an audio qube is to:
- Protect audio from everything else (talking about your mic of course), therefore there is not much difference between smart audio and analog stuff, especially when your audio qube is not connected to the internet.
- Make it convenient to control your audio setup through somewhat centralized combination of dom0’s pulseaudio and audio qube’s loopback modules.
It is not as hard as it seems to set up an audio qube, and there are community guides for that:
USB audio device ← this is not really about USB, it will work with other devices
External audio
P.S.
If you want to “raw dog” it, you will need to connect your audio device directly to the source (and/or target) of the sound, not the dom0.
1 Like
There could be different types of attack, not only by the devices you attach to your audio card.
For example, the audio drivers/software in dom0 could be malicious and could leak your keyboard key press using speaker like described here:
Qubes Architecture Next Steps: The GUI Domain | Qubes OS
1 Like
The whole point of sys-audio is to avoid doing audio processing
in dom0. In your case, how you connect the headset to your system is
orthogonal to how ‘secure’ audio is.
Your question asked if this is ‘safe’, and the short answer is
“It depends”.
If you want to trim down Qubes’ attack surface, then it is best
to use the sys-audio qube as one poster linked to.
1 Like