Thank you for the fast replies. As mentioned Patrick, kloak and tirdad are prime in the agenda. As I see the in-Kernel VM issue (which recently got a lot of traffic) is blocking progress. The parts of security-misc also make a lot of sense and I would like to see them happening too. LKRG I don't understand that much and maybe is out of scope given the restrictive timeline we'll have and the blocking 52xx issue.
Other things I would like to see and I think belong to the scope of this project are: - https://github.com/QubesOS/qubes-issues/issues/2350 -- An application firewall like the one on Subgraph (rip) - https://github.com/QubesOS/qubes-issues/issues/2724 -- Disabling the speaker output on Whonix (if relevant) - Hidden service repos by default - I know that Qubes/Whonix can run in a dedicated i2p mode which allows it to only build i2p connections. Creating by default such a template I would like to experiment on because of an idea of xmpp solely over i2p - https://github.com/NateBrune/silk-guardian -- And a personal favorite (which should *already*be in security-misc) There are a lot of ideas and all have a way of implementation. Sanitizers could be integrated as well. The timeline cannot be calculated precisely as blocking issues and calculated hacks have to take place; if we establish the scope though I think the timeline will follow along. Here is why I proposed you two as mentors; your experience and expertise is needed to calculate and judge the situation. Harry PS: In other very interesting news, better security could flow through a combi <https://github.com/QubesOS/qubes-issues/issues/4551> nation <https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/>. https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/ Τη Δευτέρα, 16 Μαρτίου 2020 - 2:54:16 μ.μ. UTC+2, ο χρήστης Patrick Schleizer έγραψε: > > This is great. Yes, please work on this. > > > https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581 > > was updated just today. > > You might want to to clarify the scope (explicitly naming which issues > you'd be working on) as this could be a quite big project. > > Marek Marczykowski-Górecki: > > On Sun, Mar 15, 2020 at 03:58:21PM -0700, Harry S wrote: > >> - Are there any interested mentors to bear with me? I would like > Patrick > >> Schleizer or Marek to mentor (both?) because of the scope of the > >> enhancements. > > > > Adding Patrick. > > I would be open to mentor for this project as well. > > > Many of these issues are Qubes specific issues that I couldn't be > solving myself such as > https://github.com/QubesOS/qubes-issues/issues/2558 - in that case I > can't help much. > > Though, I can help in my usual capability as far as Whonix integration > is concerned. (See my usual online activity.) > > Cheers, > Patrick > -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/4089b253-a3b7-4b2b-aed8-f80e4956bc91%40googlegroups.com.
