Qubes OS could be honeypot?

Interesting discussion.

Basically, open-source software can be vulnerable to supply-chain attacks… so, when it comes to Qubes OS you want to watch out for backdoors in Fedora, Xen and Qube-tools. Debian, Whonix and community-provided distros are less critical as long as an attacker does not have a zero-day for Xen. For HVMs, QEMU increases the attack surface.

When you decide to download Tails your IP might be recorded without the tails-maintainer knowing.

Anyway… check your traffic with Wireshark and let us know who talks to your backdoor or who your backdoor is talking to.

Anything can be a honeypot if one doesn’t know what a secure version of a honeypot looks or acts like, or what to look for, but the only danger I can see would be to those who know nothing about what a secure OS and network connection looks and acts like, but that would apply to any network security measure one might apply on a whim.

“Bad actors” don’t need honeypots because there are more than enough…shall we say, less-than-intelligent people(?) to satisfy any number of crooks.

Qubes-OS is currently and sociopolitically “popular” for reasons that have nothing to do with network security. As it is, it appears pretty secure but doesn’t qualify as a daily driver for me. At least, not yet. On the other hand, it could be useful (though not necessary), along with other tools, if something should happen and I find myself in need of some sort of long-distance, snail-mail level privacy for something, so I’ve installed it on a USB stick and will keep it up to date.

Traffic lights and crosswalks are given to you to securely cross the street. But you cannot ask the givers to guarantee no car will hit you when crossing the street there. It’s up to you to ensure safe crossing.
Same with Qubes.

1 Like

LOL
“Honeypot” or not, Qubes is brilliant and great fun!

I see the US Gov. coming up much regarding honeypots, which makes sense given they are seemingly at the forefront of the surveillance state vision (second maybe only to China???). Since that is the case, why don’t we all start a fund to pay a lawyer or someone familiar with Freedom Of Information Act requests that can help make such requests in relation to Qubes?

From my very limited understanding of FOIA at least, even if something were classified and thus heavily redacted or denied due to national security concerns for example - would that not then be some indication of a program? Further, I can only assume that such a vast honeypot program would have so many items involving various agencies and such, that there would have to be a hit somewhere along the line.

Idk, seems like a reasonable way to check some of these concerns? :smiley:

Interesting, I just did a search for “FOIA Qubes OS” and this popped up. Looks like someone had a similar idea:

Maybe something for everyone to follow. I still think it would be cool to fund additional requests going forward, like an annual FOIA or something. Or on more specific information regarding Qubes that would have the potential for more hits.

My thought on this came from a Netflix documentary series “Web of Make Believe” about Daniel Rigmaiden. He made FOIA requests about a technology he suspected was responsible for his capture and exposed the Stingray devices we all know today.

3 Likes

Looks like there are several actually. FBI and CIA have denied the request :confused: and can “neither confirm nor deny” such records exist.

2 Likes

SELinux is NSA