On Saturday, 11 March 2017 05:09:26 UTC+11, cooloutac wrote:
> On Friday, March 10, 2017 at 1:14:47 AM UTC-5, Drew White wrote:
> > On Friday, 10 March 2017 15:36:49 UTC+11, cooloutac wrote:
> > > My problem with Qubes is that I'm still a noob. I don't even know what
> > > a lot of system processes are or what they do. Qubes is more complicated
> > > than a normal OS even just to monitor network traffic. I'm mostly in the
> > > dark compared to on a bare metal OS.
> > >
> >
> > I know more about Qubes than the developers do by now.
> > Monitoring is easy, just have a proxy that does it after the NetVM.
> > NetVM -> Firewall/Proxy running WireShark or similar -> AppVM/HVM
> >
> >
> > > I'm basically at the mercy of a default setup lol. But I think that's part of
> > > Qubes' goal. It has the misnomer of being called for nerds or
> > > enthusiasts. But it's really for noobs. The hard part is just taking a
> > > step in these waters of a new world, even for most security experts.
> > >
> >
> > I wrote my own applications for Qubes because the developers wouldn't fix
> > things and didn't change things to use less RAM.
> > I wrote my own manager that uses only 200 MB VRAM, instead of the current
> > one that uses over 1 GB VRAM. (Approximations)
> >
> > Qubes is built for end users, not nerds or developers or anything (or so
> > they claimed, will post reference later).
> >
> > > The hard part is just accepting the fact you will be compartmentalizing
> > > diff aspects of your daily activity on your PC. It's a different way of
> > > thinking.
> > >
> >
> > It is a different way for many people. Those of us that are like me, and
> > are developers and such, we use virtualisation every day just to do our
> > jobs.
> >
> >
> > > It's about accepting the fact you are never 100% secure and it's just a
> > > matter of how persistent your assailant is. No matter what OS you are
> > > using. Everyone gets compromised imo, even most security experts. The
> > > only people that don't are people that use their computers like monks.
> > > All we can do most of the time is mitigate it.
> >
> > Accept you aren't secure. Accept that you are compromised. Then try your
> > best to prevent things from going wrong.
> >
> > It's always good to prevent what you can.
> >
> > I have a way of doing things that permits me to protect myself up the
> > wazoo.
> >
> > More advanced than the way Qubes initially did it.
> > It involves me doing different things with the iptables rules, but it's
> > workable.
> >
> > I've done things and tested things, even the vulnerabilities that they say
> > there are that make Qubes super duper easy to break, and mine hasn't
> > broken or had that vulnerability.
> >
> > Default setups, they can cause issues.
> > SystemD, issues.
> >
> > Hopefully one day, things will be back to being better, but until then, we
> > just have to try to protect ourselves as best as we can. What else can we
> > do when people like Google and Microsoft and all those others are trying to
> > steal your data and take over your life and your PC and everything about
> > you, then sell your data to everyone....
>
> True. Why not just use Wireshark in sys-net, since it's considered unsafe
> anyways?

Because I keep the data and logs separate. I have a proxyVM with it. That way, I can restrict the VM, and pass everything to something else, thus providing another layer of security by having the data come into the monitor, but go no further. So I can see what's going on, and then release or halt things myself.

> The problem for me is identifying what VM and what process is causing the
> traffic. To use bare metal methods on every VM is impractical.

True, but that's where certain things come in handy. That's one thing I will look at adding, thanks for the thought.

> I still never figured out how to make the firewall scripts to control
> everything outgoing. I still don't even believe it's possible for some system
> processes. Sure I've made iptables rules files on bare metal Linux no probs.
> But I have to be honest, with Qubes it's too complicated for me.
>

It's easy, use the firewall editor for the VMs.

> Another issue for me is monitoring HDD activity in a similar manner.

On Dom0, use disk monitoring software.
