Nov 19, 2017

Joanna's (Qubes OS Founder) blog [1] is a gold mine when it comes to hardware-software boundary security. In particular, the "State considered harmful" [2] and "x86 considered harmful" [3] papers are eye-openers.

[1] https://blog.invisiblethings.org/

[2] https://blog.invisiblethings.org/papers/2015/state_harmful.p...

[3] https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

Oct 10, 2017

Please read x86 considered harmful by the security researcher Joanna Rutkowska. It highlights the x86 flaws. https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

Jul 11, 2017

I think the whole point of Qubes OS is to not trust hardware because of potential BIOS or ME backdoors.

Joanna Rutkowska, Qubes founder, is the person who brought up Intel ME as a problem in her paper Intel x86 considered harmful (https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf).

May 03, 2017

https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

Mar 07, 2017

The article is dated.

The game changed fundamentally with the introduction of the Intel Management Engine (or the AMD Platform Security Processor) on the x86 platform. The system is now "deep pwned" as described in point 3.1.1 of the article. The manufacturer has ultimate control of the platform; the user has been disowned.

https://mail.fsfeurope.org/pipermail/discussion/2016-April/0...

https://youtu.be/rcwngbUrZNg?t=17m41s

https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

https://link.springer.com/book/10.1007%2F978-1-4302-6572-6