help-hurd

Re: Combining Hurd and Qubes OS for security reasons? Possible?


From: David Renz
Subject: Re: Combining Hurd and Qubes OS for security reasons? Possible?
Date: Wed, 23 Dec 2015 17:25:08 +0100

On Wed, Dec 23, 2015 at 4:41 PM, Richard Braun <rbraun@sceen.net> wrote:
> On Wed, Dec 23, 2015 at 11:56:23AM +0100, David Renz wrote:
> > You can under no circumstances get a secure system running on one or
> > multiple "system(s) of its/their own", because - as you have said it very
> > precisely - you have no control over this.
>
> That's not what I said. First, you don't run a secure system "on one or
> multiple systems of their own". You run one system among multiple ones.

But the important thing about this is: those other systems have access to your 'main system', as you also wrote in your last line - I don't believe that protection would be possible, either.

> Then, that system must have control over memory access because that's
> where the data is and that's what you want to protect. Finally, you
> need hardware that can actually restrict memory access from devices that
> are external from the point of view of that main system and physical
> memory.
>
> After reviewing SMM a bit more, it seems to be an x86 processor operating
> mode, giving access to normally inaccessible resources, hidden from the
> operating system, which means firmwares using that mode actually run on
> the main processor, and are subject to neither IOMMU nor MMU restrictions.
>
> If I'm right, it seems you just can't protect an x86 system from firmware
> interference.

That's why I often asked myself why not try approaches based on other hardware architectures - Raspberry Pi might be worth looking at for that purpose.

> --
> Richard Braun

