VM sigkill-at-will, d-bus broker service and qubesd fail to boot, attack disables Qubes Updater

After total system failure, found that the VM sigkil-at-will still can happen even after a fresh install.

Thought there was a difference between kernel latest and stable. There is not. Same vuln.

Attacker has always been able to eventually disable Qubes Updater mechanism for the past several years. Qubes have to be individually updated and salt is bypassed (but repos aren’t onionized by default anyway). Doesn’t matter, though, because then the attacker just sigkills if individual update is attempted.

Now it looks like systemd won’t boot. Tried rescue.

dbus-broker.service
qubesd.service

1 Like

Connected to these attacks on Qubes Updater

Has anyone used the Ignite .onion repodata?

1 Like