I have always considered sys-net to be the weakest link, and I think this
is in line with Qubes philosophy.
It’s reasonable to treat sys-net as part of the untrusted
infrastructure. Nothing valuable should be passing through sys-net in
the clear.
1 Like