There is now growing concern, partly due to current political developments, that the strong dependence of European and, in particular, German IT on non-European, especially American and Chinese, products may become a risk factor that can no longer be controlled.
As an open-source system with increased security, Qubes would definitely be an important building block for gradually freeing ourselves from the lock-ins of Microsoft and Apple. But first, you must know that the system exists and then know what you can achieve. I have therefore addressed the following points in the description:
Open source - availability and maintenance
Hardware requirements and installation
Operation by end users
Configuration and deployment
Administration during operation
Application scenarios
Use to strengthen digital sovereignty
I hope this is a little nudge to wake some people up!
I don't think it is possible to defeat state-sponsored surveillance and other rootkits embedded within hardware. Why? Because even if you have the resources to match that of China, they are just going to pour more money as this is how they can monitor everything. The problem is even if you find a rootkit in hardware, which is so hard because everything is written in low level, they will put another until the end of time. As of now there is no effective way to beat state-sponsored surveillance in electronics in my opinion.
@Sks This is security nihilism. Even though hardware backdoors, if they exist, are almost impossible to detect or fix, they are also very, very hard to use against you, too.
You are right, but the capacities of state-sponsored actors are large but still limited. So, it comes down to whether you are of interest to them, meaning you have to build that question into your threat model. Suppose there is the possibility that you may be a target. In that case, your only hope is keeping everything valuable strictly separated from the internet, but, as Stuxnet has shown, even that may not be enough.
On the other hand, there are not only such adversaries. You still have to defend against simple criminal activities, greed, and such, i.e. against a lot of nasty operators sitting in the net. Here, anything that helps to further digital sovereignty might be helpful.
The best thing to do in my opinion is to somehow convince a government to support privacy (never going to happen) and fund an operation of searching for such rootkits etc. The only way to defend against state-sponsored attacks is by having state-sponsored defence. But that could have problems as well since nobody trusts the government to protect them, so it is always pros and cons.
Why? If you have a backdoor embedded in the hardware, everything you do on that machine is vulnerable. But it all depends on who you are and what you have done. They won't waste such a good exploit on a random tax evader since they don't care. They are almost impossible to detect too because all the documentation of code is hidden from the public eye.
Fixing small-time bugs or exploits is the best and only course of action to protect less wanted people. However, highly wanted people can't be protected.
Fixing small bugs won’t help if the system architecture is weak, like with Windows: You close one hole, but there are thousands of others. Building a system where such holes have less effect, like with Qubes, will improve your probabilities of survival, although they cannot guarantee it.
I totally agree with you here, they don't have unlimited exploits and back doors. If we close lots of them then the probability of an attack on an unimportant person is lower.
Either fix them or make them unimportant. This can guarantee a small time user decent security in this modern world.
Hi, I know the topic is software, but is there any interest in home-grown open source CPUs and semiconductors in European countries? I think the ultimate digital sovereignty would be open source CPU cores like RISC-V running on home-grown FPGAs. America is making a big show of wanting to make chips on home soil once again. Looks like theater to me haha. I don’t trust the Five Eyes Taiwanese semis any more than I trust China's. I wonder what the German government thinks.
I’m afraid the German government has not really understood the problem. They tried to let Intel build a fab in Magdeburg, promising them a fund of 10.000.000.000 €. And now Intel seems to have canceled that project. Anyhow, such a fab would not have strengthened Germany’s digital sovereignty.
On the other hand, funding of Open Source projects first had been reduced to one-tenth of the original plans, and later canceled altogether. Instead, they are paying huge license fees to Microsoft, Oracle, and other big players, so the lock-in has even been increased.
The independence of any political bloc will come when we return to the concept of locally produced, to avoid the JIT problem highlighted during COVID.
Moreover, there is the Legend (not for discussion) that Chinese chips could have a back-door for use by their government.
So owning a FULLY designed and produced computer / laptop / IoT in Europe would be the only solution.
Together with the software to make it useful, sort of similar to the Chinese initiative of having their own brand of Linux.
@GWeck, good luck explaining that to the decision makers!