Joanna Rootkovska ☠️
I really like draw.io, a free Visio alternative, which also works fine in *offline* mode as a Chrome app (I tested it in offline VM).
But it would be even cooler if there was an easy way to package Chrome Apps as RPM or DEB, as then it could be easily installed in a template VM for use in many different AppVMs. Anyone knows how to do that?
(The diagram below is for an upcoming post on Qubes Compromises Recovery, BTW)
Joanna Rootkovska ☠️
About the Subgraph attack:
1. The main problem that @micahflee exploited is the unfortunate decision made by Subgraph OS to keep Gnome/Nautilus in the TCB *and* letting this complex software process *untrusted* files,
2. The specific Nautilus bug (handling of .desktop files) is just *one* example of what could go wrong in this case,
3. We can think of other potential problems (e.g. Thumbnails processing)
4. More details: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
Bobinas P4G is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.
All Bobinas P4G content and data are available under the Creative Commons Attribution 3.0 license.
