On 06/22/2017 11:40 AM, Ryan Tate wrote:
I am perplexed by the challenge of containing Twitter use in Qubes.

With Twitter, you must be logged in to effectively read or write.

On the read side, it is a wildly promiscuous experience exposing the
user to various untrusted sites. Indeed a key goal of using Twitter
is to discover new sites and media.

On the write side, it is very sensitive, containing private messages,
the ability to post public messages with significant personal
reputational risks, and even to do lightweight out-of-band
authentication for other channels.

If I had to pick from the default VMs, I would probably put Twitter
in "untrusted" due to the risks on the read side, even though the
account itself is sensitive and ideally you would not put such write
capabilities in a "wild west" environment like "untrusted." Perhaps
better is to just make a "twitter" vm to keep the damage of any
compromise contained to the Twitter account itself. Most ideal, in
the future, would be to combine this last approach with a Qubes
browser add-on and force each non-twitter link to open in another VM,
either disposable or the "untrusted".

(Has anyone figured out a better approach?)

I do two things:

* Refrain from clicking links; copy to untrusted VM browser instead

* Turn on the HTTPS Everywhere add-on in HTTPS-only mode

The latter means that even if I click on a link, the site visited will at least have some verification (or else it won't load).

--

Chris Laprise, [email protected]
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
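The dedicated "twitter" qube with every non-Twitter link pushed out to a DisposableVM (as proposed in the quoted message), and the habit of never opening third-party links in the session-holding VM (as practised in the reply), can be combined in a small URL router. The script below is an added example for this thread, not code from either poster or from the Qubes project. It assumes it runs inside a qube that holds the Twitter login, that Qubes' `qvm-open-in-dvm` and the qube's own `xdg-open` are on PATH, and that the allow-list of hosts is a constructed one for illustration. Note the deliberate omission of `t.co`: Twitter's link shortener redirects to arbitrary third-party sites, so those links are treated as untrusted and sent to the DisposableVM even though the host looks like Twitter's.

```shell
#!/bin/sh
# Added example for the qubes-users thread (not the posters' or Qubes' own code):
# a URL router for a dedicated "twitter" qube. Links whose host is exactly one of
# the trusted Twitter hosts open in this qube's browser; everything else is
# handed to a DisposableVM via qvm-open-in-dvm, so a malicious third-party page
# never executes in the qube that holds the logged-in session.
# Assumptions: running inside Qubes with qvm-open-in-dvm and xdg-open on PATH;
# outside Qubes the classification functions still work and can be tested.

# Constructed allow-list. t.co is intentionally absent: it redirects off-site.
TRUSTED_HOSTS="twitter.com www.twitter.com mobile.twitter.com"

# Print the lower-cased host of a URL, stripping scheme, path/query,
# userinfo and port. Stripping the path before the userinfo defeats
# "https://twitter.com@evil.example/" style lookalikes.
url_host() {
    h=${1#*://}          # drop "scheme://"
    h=${h%%/*}           # drop path (and anything after it)
    h=${h%%\?*}          # drop query if the URL had no path
    h=${h##*@}           # drop userinfo
    h=${h%%:*}           # drop port
    printf '%s' "$h" | tr 'A-Z' 'a-z'
}

# Print "local" if the URL may open in this qube, "dvm" otherwise.
# Only http(s) URLs are ever opened locally; other schemes go to the DisposableVM.
classify_url() {
    case "$1" in
        http://*|https://*) ;;
        *) echo dvm; return ;;
    esac
    host=$(url_host "$1")
    for t in $TRUSTED_HOSTS; do
        [ "$host" = "$t" ] && { echo local; return; }
    done
    echo dvm
}

# Open one URL according to its classification.
route_url() {
    case "$(classify_url "$1")" in
        local) xdg-open "$1" ;;
        dvm)   qvm-open-in-dvm "$1" ;;
    esac
}

# When invoked as a URL handler, route every argument; with no
# arguments the script only defines the functions above.
if [ "$#" -gt 0 ]; then
    for u in "$@"; do route_url "$u"; done
fi
```

To make the browser in the twitter qube use it, register the script as the default handler for the `x-scheme-handler/http` and `x-scheme-handler/https` MIME types (the usual freedesktop `.desktop` entry mechanism); exact matching on the host, rather than a substring test, is what keeps `twitter.com.evil.example` out of the local branch.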
