Category Archives: InfoSec

On the Risk of Connecting and Collecting it All

The past has shown and the present demonstrates in an impressive way that protecting sensitive assets is hard – if not even impossible. Too many companies fail to protect their customer’s information properly and this situation will continue in the future. Normally, after a breach, the InfoSec community preaches that additional security controls need to be implemented: strong passwords should be picked by users and hacked ones need to be changed, 2-factor-authentication should be used, patches need to be implemented, data needs to be encrypted and many more.

Continue reading On the Risk of Connecting and Collecting it All

Accessing a usb-sys blocked and encrypted Qubes OS Partition

Since a USB controller assignment survives reboot, you may find yourself unable to access your system. (link)

Qubes OS does consider all USB devices by default as potentially evil. So in case you are serious about USB-based attacks on your Qubes-OS environment, you might want to install an USB qube such as sys-usb. Continue reading Accessing a usb-sys blocked and encrypted Qubes OS Partition