I really wish macOS implemented something like @QubesOS' netvm(s) at some point...
/cc @radian @XenoKovah https://twitter.com/SemmleInc/status/1057351261123739648 …
-
well - yeah, but that's only really useful if the user actually separates their data into multiple VMs already
-
I agree it's tricky to make full use of netvms, while preserving seamless UX.
-
But then again, if you're Apple you don't need to run full VMs -- rather you could containerize just parts of the stacks into VT containers, so no replication of attack vectors downstream.
-
i.e. in the "VM" connected to your "netvm" you don't need to replicate the whole low-level networking stack which you have in your world-facing "netvm" (like 802.11, lower parts of TCP/IP).