-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 01/07/16 13:34, Alex wrote: > On 07/01/2016 01:46 PM, Duncan Guthrie wrote: >> >> I understand what Marek is saying. I'm saying that ideally we >> shouldn't let any proprietary software by loaded by dom0, because >> we simply have no idea what it does. For example, someone could >> pressure the people who write the firmware to put something nasty >> in it designed to attack Qubes and TAILS users, to exploit Xen >> and break out of the hypervisor. It is a distinct possibility, >> considering we are living in the age of Orwell. What I am >> proposing (nonfree repository turned off by default) means that >> we can have hardware support while ideally avoiding the >> proprietary software as much as possible. If it works for Debian >> and Ubuntu, then I am sure it would work for Qubes. For instance, >> this might be easier if dom0 was based on Debian, as I am aware >> this was discussed. > What you say is not wrong, but also not new, and that's exactly > the reason behind netvm and the planned (but harder, hence not yet > ready) guiVM. If everything goes according to the plan, with GuiVM > there will be no need for opaque binary blobs in dom0, and any > distribution may well be used - dom0 still does not have any > networking, so apart from not-yet-found malicious code in the FOSS > in dom0 there should be no security problem. > > The fact that it might be easier if dom0 was debian based is wrong: > it would be exactly the same. As long as someone needs support for > nvidia and chooses to install the official nvidia drivers, they > will have opaque binary blobs in dom0. With fedora it's exactly the > same: by default there are the foss nouveau drivers, but if someone > feels inclined, they may well install the official (opaque) nvidia > blobs. > > If that same person is happy with nouveau, they may use it both in > debian or in fedora. > > If you find any other unneeded suspicious package, you may just > remove it with the package manager; please report back what you > find, so that dom0 may be "purged" if these packages are actually > unneeded in every case. > >> I am also still confused about how I might install Linux-libre >> in dom0 and replace all the proprietary stuff with the packages >> from freed-ora repositories (or my own). I think a guide in the >> documentation for this would be good. Does anyone have any >> ideas? >> >> Thanks for your reply, D. > The problem with a custom dom0 is that it has to support being a > Xen hypervisor administration domain. If this pre-requisite is met, > then you may try to port the qubes tools to work in your dom0. > > I still don't see your point in doing that, anyway, apart from the > video card opaque blob (explained above). As an example, I do not > have any NVidia card as of now, so I don't have any opaque binary > blob in my dom0. Could you please list what other > non-just-removable "proprietary stuff" you found in your dom0 and > explain what would you replace it with? > Thanks for your reply! However, I think I need to clarify some things here. Freed-ora is a repository produced by the Linux-libre project which provides a kernel without the proprietary firmware programs, and a package which removes and prevents installation of non-free programs (mostly firmware packages for various devices, such as bluetooth dongles). It would not require any modification to Fedora in dom0 other than enabling and installing the freed-ora packages. I do not know if Qubes makes any modification to the kernel, or it just uses stock Fedora kernel. Regarding graphics, I am not talking about the Nvidia binary drivers - Nouveau works perfectly for most people, and can be used without proprietary firmware (although recent Nvidia cards require signed firmware from Nvidia, but the driver is open source). (The Nvidia binary drivers, if installed in dom0 are running in kernel space, which is utterly stupid. I can't see a way that people would be able to put them in a special GUI domain). It is their computer and they can install what they want. What I really want is for Qubes not to include the proprietary components by default. This is as simple as the installer saying something like: "The installer detected your computer requires proprietary firmware. Your computer may work fine without the firmware. As Qubes does not have access to the source code or is unable to modify these firmware programs due to license restrictions, we can make no guarantees regarding security, although we have taken steps to mitigate the problem through Qubes' design. Would you like to enable the firmware? [recommended: no]" Keep in mind this is by default. It is not as if we are saying these people can't use Qubes without the firmware, and indeed we are giving them an easy way to enable it at installation, and they can install it later through the package manager. Thanks for everything, D. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXdngqAAoJEPs8tiiQ8FTAch8QALbj7xkewSnBWxXZSBEeaJXJ XOS4JUxu7r7L5pHXANEo7jdW1/Pf6goZXjDQQlqCSdEwXiRBlcuDZU5pz//LrdFr BAtcdc71K7YRmusByRCfaVoRL8XsboKxob8d19oI1q6/AtKL5uY4dulbvHXzxT2P lwQECS3g+fNDZPLOYAH/p643zld8tFgE6LcyfG189krSM9JMI7R71terp30Vtyq1 WBILHWJJiy1fMphGKjS6Hc21JPi3NPJBG8SXEnyJcDyppaLgeFwRSvrz5M4BCROU H6XkvrZPNf73/OW9NAcxwRMzmaODsrnYg/yM/EjS+EppCZGj5AzALfAxOt61zGjV AE8hHWBXdbpenfVXdSKaJpGa44lVsw6pn/g7S3IQMI0ylabZxyWs6wAEm81LZOd/ QMENFJ65mz3xkjGspKv+rnIX671zZuHij9+93YBdXCYlygQ6CTq3i8aT5f2DrdNN kQsvLpwzFBPNKGLjXQBm83qtuM0Z2+R7eEdJsL/6pn1kkn41S2gdjDuGlNoFTu88 C5bXX0ksTXMKYxnYC4+Dw8nvp+qI+m/nBxPexn5Dye6sb4h17aAjglSWamB7+iYv A+tRMckxAmb5MAMpVw9f8Ay4YucZEUfN6A2QGnJLxEGYx9Njj6SVgdSK8bEAz5/i T1orv7cELhSjCK44FrlA =Qs68 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/108a4e4c-e9da-6516-e5db-c0f9812df0d9%40posteo.net. For more options, visit https://groups.google.com/d/optout.
