On Thu, May 26, 2016 at 8:17 PM, Chris Laprise <[email protected]> wrote:
> > > On 05/26/2016 06:42 PM, Franz wrote: > >> >> >> On Thu, May 26, 2016 at 6:16 PM, Chris Laprise <[email protected] >> <mailto:[email protected]>> wrote: >> >> >> >> On 05/25/2016 05:13 PM, Franz wrote: >> >> >> >> On Wed, May 25, 2016 at 2:00 PM, <[email protected] >> <mailto:[email protected]> <mailto:[email protected] >> >> <mailto:[email protected]>>> wrote: >> >> On Wednesday, May 25, 2016 at 1:24:04 AM UTC-4, J. Eppler >> wrote: >> > Hello, >> > >> > >> > >> > >> > If there is another web conferencing app that works >> better for >> qubes I would be happy to try it. >> > >> > https://tox.chat/ >> > - you will find the clients here: >> https://tox.chat/download.html >> > - I would use qTox or uTox for desktop systems >> > >> > or another one: >> > >> > https://jitsi.org/ >> > >> > Best regards >> > J. Eppler >> >> Does TOX have video? if so how is the quality of the >> connection? >> >> >> qTox and uTox do have video, but for using them in Qubes we >> have to deal with the usual webcam issues, which means that a >> USB controller should be assigned to a conference VM. I find >> this even more difficult now that the current Xen version does >> not let me to assign one USB controller to sys-usb and the >> other to a conference-VM anymore, because the two controllers >> share some resources, which is a security issue. So both >> controllers must go assigned to the same VM. >> >> Otherwise one may think of making a script to hot assign USB >> controllers form sys-usb to conference VM and then back again, >> but I have a feeling that it would not work that way, rather >> need a reboot, then conference, then a reboot again to come >> back to the starting setting, which seems too much for me. >> >> I also thought of putting an additional USB controller into >> the expresscard slot, bought two of them rated as working with >> linux, but none really worked with my Qubes. >> >> I reverted to using another non-Qubes computer for >> conferences. But obviously this is a very serious limitation. >> >> So, writing this I wonder if it may make sense to use sys-usb >> as a conference VM. Sys-usb is red and should be considered >> compromised, but it may be better to have a compromised >> conference than nothing. Certainly my sys-usb is much more >> secure than the other non-Qubes computer that I am using now. >> What do you think? >> >> Best >> Fran >> >> >> Mixing usb isolation with the network? I would avoid that if possible. >> >> >> Why? what may happen in your view? It is only some encrypted conference >> software that uses the network to communicate with people you trust. >> > > > A usb webcam could attack the host vm used for conferencing, stealing the > keys or contents of the streams and sending them to an eavesdropper. It > could also receive updates to its own malware, and maybe even find some > wireless mice and keyboards to infect. > > Best to keep USB and network completely separate. > > Chris > So the only solution seems to wait for the possibility to "attach" a webcam to a VM as if it was a block device. I am sure our developers will be able to get it some day. Best Fran -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qA-BSSp%3D%3DhJ6cvb%3DjhscEBFhjU7Kun--5K-ZMBnxCVc3g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
