If you can't trust your own computer, would installing Qubes on it do any good? Or is it already too late if your machine might be infected?
Asked
Active
Viewed 279 times
0
-
What do you mean by "machine might be infected"? Do you mean hardware level compromise or simple Windows malware? – multithr3at3d Jul 09 '20 at 22:59
2 Answers
1
In a theoretical sense, no, if you can't trust the computer then you can't trust Qubes. Just as an example of theoretical attacks the computer could record your keystrokes, your screen, mouse clicks, install infected version of qubes rather than the one you supplied, manipulate Qubes (via the same input channels you would use) and so on. On the practical side your biggest concern would be something like a hardware logger, where the keylogger is a piece of hardware rather than software. I have not personally seen malware that can survive an OS wipe and continue to monitor Qubes.
trallgorm
- 875
- 7
- 19
1
OS level malware will be gone after you have installed Qubes. Malware on firmware level like for BIOS or internal storage would still be there. Such malware has existed for a long time but is used mostly for targeted attacks.
ricccardo
- 11
- 1
-
And of course the [NSA RAGEMASTER bug](https://en.wikipedia.org/wiki/NSA_ANT_catalog) attached to your monitor cable will not be affected. – user253751 Jul 10 '20 at 10:34
-
Do you know if it's possible to create a trusted gpg keypair on an untrusted machine? I use git on my laptop, but I'm worried it's been compromised, so I want to sign my commits to make sure they haven't been tampered with. Or if you can't make a trusted keypair, do you know if there's a way to enable 2FA for git commits? I know you can enable it for logging in to Github, but I can't find a way to use 2FA for local commits. – jinkiesgort Jul 10 '20 at 20:13