Comment on Safely exposing services to the Internet
hirihit640@sh.itjust.works 1 week ago
Nobody believes virtualization is perfect, it’s just the best we got because:
- smaller attack surface
- security is the priority over adding new features (the opposite of most other development cycles)
- in practice we have seen how secure it is relative to other systems like the kernel
And anyways, even a separate physical computer can be hacked. If it has networking, there could be a vulnerability in the networking stack. Just making an outbound TCP connection can be enough to be pwned.
I think the closest thing we have to an “invincible” system is seL4, but I rarely hear about anybody using it.
Jean_le_Flambeur@discuss.tchncs.de 3 days ago
Why is a hypervisor the best we got? Why would it be better than a dedicated bare metal server? Why would the attack surface of a hypervisor be smaller than the attack surface without one?
Honest question
hirihit640@sh.itjust.works 3 days ago
“best” is of course subjective. Bare metal could be better, but imo the marginally smaller attack surface isn’t worth it. If the Qubes project trusts that a hypervisor is secure enough, then I trust it as well.
I run 10+ VMs all the time, no way am I going to buy 10 bare metal servers. The ability to create new secure environments on-demand is unbeatable.
Jean_le_Flambeur@discuss.tchncs.de 2 days ago
Well, I never argued against the clearly powerful capabilities, those are obviously huge, my point was that as a hobbyist you should consider having the important stuff (finances, official documents, biometrics) in cold storage or on a separate machine as well as stuff like security cameras or door locks if you do stuff like this out of it until you fully understand the risks, which are not that easy to grasp for people without experience.
Ofc Proxmox and Qubes are incredibly useful tools of technology, but their high versatility and customizability give you a lot of tools you need to understand and use properly on top of what you are already doing.