Patch Qubes to prevent pwnage via Xen bug Xen has a critical bug that means Qubes 3.1 and 3.2 need an immediate patch, for Xen packages between 4.6.4 and 4.6.26. A recent patch introduced the bug, which according to the advisory is an insufficient check on the XENMEM_exchange input, “allowing the caller to drive hypervisor memory accesses outside of the guest provided …
The mention that Qubes 4.0 would change how it did virtualization encouraged me to do a web search for more details.
It turns out that HVM simply means full virtualization, standing for "hardware virtual machine", with PV being paravirtualization. Also, I found a page on the Qubes site, dated November 30, 2016, noting that the Qubes development group was experiencing a funding crisis - and a posting by Marek Marczykowski-Górecki from December 5, 2016 noting that the status of Qubes 4.0 was fairly good, with most of it working, and only a few things needing to be cleared up.
>noting that the Qubes development group was experiencing a funding crisis
Considering its use case is for the security conscious some enterprises should be stepping up. It is a neat project but sacrificing any kind of 3D graphic performance for security means probably not a huge amount of home users. Honestly with all these Xen breakout bugs I wouldn't be surprised if you got better desktop security from a properly configured Solaris Trusted (Extensions) Desktop.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
