The security of different virtualization systems, specifically comparing Qubes hypervisor with separation kernels like INTEGRITY-178B and LynxSecure

I’ve often heard that Qubes is considered one of the most secure virtualization options because it uses a small Xen hypervisor, which is only about 150KB in size. However, even Qubes isn’t immune to side-channel attacks, such as the Spectr… Continue reading The security of different virtualization systems, specifically comparing Qubes hypervisor with separation kernels like INTEGRITY-178B and LynxSecure

The security of different virtualization systems, specifically comparing Qubes hypervisor with separation kernels like INTEGRITY-178B and LynxSecure

I’ve often heard that Qubes is considered one of the most secure virtualization options because it uses a small Xen hypervisor, which is only about 150KB in size. However, even Qubes isn’t immune to side-channel attacks, such as the Spectr… Continue reading The security of different virtualization systems, specifically comparing Qubes hypervisor with separation kernels like INTEGRITY-178B and LynxSecure

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The expl… Continue reading Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) are being actively exploited. The exploited Hyper-V vulnerabilities The expl… Continue reading Microsoft fixes actively exploited Windows Hyper-V zero-day flaws

Kata Containers: Open-source container runtime, building lightweight VMs

Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced isolation of lightweight virtual machines. By leveraging hardware virtualization tec… Continue reading Kata Containers: Open-source container runtime, building lightweight VMs

What is the difference between enhanced container isolation projects like runq, Kata Containers, Firecracker and gVisor?

I’m diving into different solutions to use (virtual machine based) isolation for containers. I found these promising projects: runq, Kata Containers, Firecracker and gVisor. I think that runq, Kata Containers and Firecracker are in essence… Continue reading What is the difference between enhanced container isolation projects like runq, Kata Containers, Firecracker and gVisor?

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!

The Proxmox Virtual Environment 8.3 enterprise virtualization solution features management tools and a user-friendly web interface, allowing you to deploy open-source solutions in clustered, highly available setups. This version is based on Debian 12.8… Continue reading Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!

What is the easiest way to have a standalone implementation of Passkeys on generic hardware with backup?

In previous question I asked about simple login systems, and WebAuthn was the answer. From a brief read of the web pages I THINK it is possible to create a standalone GPL implementation of Passkeys that can be freely backed up/duplicated … Continue reading What is the easiest way to have a standalone implementation of Passkeys on generic hardware with backup?

Best Practice for Creating and Accessing an Encrypted Database with a Strong Threat Model

Goal:
I’m seeking feedback on the most secure setup for creating and accessing an encrypted database (KDBX4 format) that minimizes exposure to potential remote attacks. This database will contain highly sensitive information, and my primar… Continue reading Best Practice for Creating and Accessing an Encrypted Database with a Strong Threat Model