Ed Davies is a user on octodon.social.
Ed Davies @edavies

@espectalll @micahflee Hmm, yes, I suppose it's possible some Qubes users will actually do that.

But, more generally, it does show a rather gaping hole in standard web infrastructure in that there's no general mechanism to convey and check the original author's signature on web pages.

@edavies @micahflee @espectalll as a Qubes user I can tell you that there are definitely people in the community that would do that.

Qubes has a lot of benefits that are not directly security related and a lot of people would probably have a better time using it compared to something else (as long as they don't need GPU support).

@edavies @espectalll @micahflee wellllll... there's SSL...
This basically allows end-to-end encryption to the hosting server.
But you're right that this doesn't validate the contents.

@upshotknothole @edavies @micahflee I certainly was going to address that. Keep in mind you have to rely on COMODO's certificates and not be fooled by the TLS certificate being replaced in some form of MiTM. But it is a rare issue, just one to be aware of when needed.

Otherwise, I absolutely agree, but keep in mind marketing has a huge role here. I mean, they claim to do "a reasonably secure OS". It better be reasonably secure... for the target audience.

@upshotknothole @espectalll @micahflee Exactly, the hosting provider could fiddle with the documents easily.

Toots ought to be signed, too.

@edavies @espectalll @micahflee this assumes user-generated content. That's impossible to properly manage from the server side.

@upshotknothole @espectalll @micahflee Yes, of course the signing needs to be done on the user's machine. It needs to be part of the web protocols and browser functionality.

(Which brings us back to Qubes - the VM you toot from needs access to at least a low-grade signing key so probably ought to be separate from the one you do most of your browsing on.)

@edavies @espectalll @micahflee that's not hard. You can separate the subkey from the master. The master can invalidate the subkey but the subkey itself can't harm the master.
Haven't used it for various VMs tho.