Buster is the development codename for Debian 10.
Fri, Oct 4
It turns out, what I said only applies to the Debian package. The kernel patch and the package are actually two different things.
Jul 22 2019
Yes Zulucrypt included and functional on KVM 15. However fixes for both zulucrypt and tomb haven't made it into Buster from what I've tested. Zulucrypt has a tomb plugin to open Tomb files too.
Jul 3 2019
I can test it but I doubt lockdown will help at all.
Could you test this please by installing in VM and/or host please? @madaidan
Jun 27 2019
Jun 20 2019
Jun 14 2019
May 22 2019
His detailed reply:
May 5 2019
More kernel hardening:
May 3 2019
Related thread on general kernel hardening:
May 1 2019
Pass 10000 - Fail 0 - Rounds 10000
Apr 30 2019
Apr 24 2019
Apr 19 2019
Apr 18 2019
I also added the cli version to the non-qubes-vm-enhancements-cli section. It is a dep of a gui install but not vice versa. Zulucrypt plugin package was added there too since enchancements-cli is a subset of enhancements-gui.
Apr 17 2019
Could you please test https://github.com/smuellerDD/jitterentropy-rngd/issues/6#issuecomment-483191719 in Qubes / VirtualBox? @TNTBOMBOM
zulucrypt works in Buster. Tomb does not.
Apr 15 2019
Answer by jitterentropy developer:
Apr 14 2019
consider installing jitterentropy-rngd to improve entropy collection
ask Xen developers about Efficacy of jitterentropy RNG in Xen
Apr 12 2019
I don't see anything to do here.
Apr 6 2019
Apr 4 2019
This looks like focused on kernel protection from attacker having full user (or even root) access already. Something very desirable on server/multi user systems, but not so much meaningful in a single-user AppVM.
Also, disabling modules loading at all may break attaching devices (block, usb etc).
Other than modules loading, it shouldn't harm, though.
Any opinion? @marmarek
Mar 22 2019
Test the tomb LUKS container script as an alternative.
Feb 2 2019
Moved to xfce so past comment is irrelevant. Will test Zulu after moving to Buster and add if it works.