Comment by MORPHOICES 1 month ago [dead] 4 comments MORPHOICES Reply fsflover 1 month ago > To what extent do you trust "well-tested" code?I don't, which is why I use Qubes OS providing security through compartmentalization. hun3 1 month ago Then the question becomes: to what extent do you trust Xen and Qubes RPC? fsflover 1 month ago I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has much less security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/ saagarjha 1 month ago > Undefined behavior-related bugs are permanently hidden.No they are often found and fixed.
fsflover 1 month ago > To what extent do you trust "well-tested" code?I don't, which is why I use Qubes OS providing security through compartmentalization. hun3 1 month ago Then the question becomes: to what extent do you trust Xen and Qubes RPC? fsflover 1 month ago I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has much less security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/
hun3 1 month ago Then the question becomes: to what extent do you trust Xen and Qubes RPC? fsflover 1 month ago I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has much less security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/
fsflover 1 month ago I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has much less security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/
saagarjha 1 month ago > Undefined behavior-related bugs are permanently hidden.No they are often found and fixed.
> To what extent do you trust "well-tested" code?
I don't, which is why I use Qubes OS providing security through compartmentalization.
Then the question becomes: to what extent do you trust Xen and Qubes RPC?
I do have to somewhat trust Xen, but Qubes' isolation relies on hardware virtualization (VT-d), which statistically has much less security issues than Xen itself. Most Xen advisories do not affect Qubes: https://www.qubes-os.org/security/xsa/
> Undefined behavior-related bugs are permanently hidden.
No they are often found and fixed.