Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upNeed a secure core, outside of "The Matrix" #3448
Comments
ReasonablyAnonymous
referenced this issue
Jan 7, 2018
Closed
Qubes 4.0rc2 allows installation on unsupported hardware. #3208
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
adrelanos
Jan 7, 2018
Member
ReasonablyAnonymous:
If we had a way to build a dom0 which definitely is secure from cache-based attacks as it's physically separated with its own memory and had a non-von Neumann core, would Qubes be able to build that OS on top of that and would that restore the "resonably secure" status of it?
Qubes is currently based on Xen, a hypervisor. Given skills, Xen can be ported to other hardware. The Qubes team as far as I understand has the skills to do that, as well as the skills to be the lead in this, but is far from having the required funding for that. It would most likely require hiring more developers.
Qubes architecture based on the Qubes Odyssey Framework. It means, given skills which the Qubes team has, even Xen could be thrown out and be replaced by a better hypervisor.
Of course it would have to be open-source'd, ideally including the hardware needed for that.
Of course.
I am asking because I see a way to do that (the core, I mean) and might be able to fund it (and/or get it funded by industry which *should* be interested even if only for monetary interests of their own), including the hardware. I need to assess the viability in terms of building an OS on top of that as I don't have any significant experience in actually building an OS.
Such discussions can get get time consuming, theoretic with no outcome. I mean, if you could back up the likelihood of getting this funded with approximate sums, you are significantly more likely to be taken serious.
adrelanos
commented
Jan 7, 2018
•
edited
Edited 1 time
-
adrelanos
edited Jan 7, 2018 (most recent)
edited
Edited 1 time
-
Jan 7, 2018 (most recent)
|
ReasonablyAnonymous:
If we had a way to build a dom0 which definitely is secure from cache-based attacks as it's physically separated with its own memory and had a non-von Neumann core, would Qubes be able to build that OS on top of that and would that restore the "resonably secure" status of it?
Qubes is currently based on Xen, a hypervisor. Given skills, Xen can be ported to other hardware. The Qubes team as far as I understand has the skills to do that, as well as the skills to be the lead in this, but is far from having the required funding for that. It would most likely require hiring more developers.
Qubes architecture based on the Qubes Odyssey Framework. It means, given skills which the Qubes team has, even Xen could be thrown out and be replaced by a better hypervisor.
Of course it would have to be open-source'd, ideally including the hardware needed for that.
Of course.
I am asking because I see a way to do that (the core, I mean) and might be able to fund it (and/or get it funded by industry which *should* be interested even if only for monetary interests of their own), including the hardware. I need to assess the viability in terms of building an OS on top of that as I don't have any significant experience in actually building an OS.
Such discussions can get get time consuming, theoretic with no outcome. I mean, if you could back up the likelihood of getting this funded with approximate sums, you are significantly more likely to be taken serious.
|
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
andrewdavidwong
Jan 7, 2018
Member
Based on our issue reporting guidelines, this does not appear to be suitable for qubes-issues. Please move the technical part of this discussion to the qubes-devel mailing list and the more general discussion to qubes-users. Please send any serious business proposals to business@qubes-os.org. Thank you for your understanding.
|
Based on our issue reporting guidelines, this does not appear to be suitable for |
andrewdavidwong
closed this
Jan 7, 2018
andrewdavidwong
added
the
invalid
label
Jan 7, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ReasonablyAnonymous commentedJan 7, 2018
•
edited
Edited 1 time
-
ReasonablyAnonymous
edited Jan 7, 2018 (most recent)
The context is the Meltdown/Spectre announcements.
Being a hardware (electronics-) engineer, I have looked at the von Neumann architecture and the desperate attempts to keep this stone age Zombie "alive" in the presence of Moore - namely cache and cache coherency - with major suspicion for more than 20 years now.
Now "they" (that's Intel et.al.) had to finally admit that it's dead (and consequently Intel's CEO sold all of his shares except the ones he's obliged to keep - of course BEFORE the announcement has been made public...) and humanity has to finally upgrade computing to 2.0, post von Neumann, if we don't want to turn AI, self-driving cars, military robots and IoT into a real nightmare.
If we had a way to build a dom0 which definitely is secure from cache-based attacks as it's physically separated with its own memory and had a non-von Neumann core, would Qubes be able to build that OS on top of that and would that restore the "resonably secure" status of it? Of course it would have to be open-source'd, ideally including the hardware needed for that.
What else would be needed? Would it make sense to include Tor/Blockchain access directly in that core, utilizing open source hw and sw?
I am asking because I see a way to do that (the core, I mean) and might be able to fund it (and/or get it funded by industry which should be interested even if only for monetary interests of their own), including the hardware. I need to assess the viability in terms of building an OS on top of that as I don't have any significant experience in actually building an OS.