Yuraeitha skrev den 22.11.2017 20:27:
snip---

I can see from your screenshot that you're trying to install Qubes 4,
and you commented that you have no VT-D. You mayde sure its not just
disabled?

I have VT-x ,but not VT-d :
https://ark.intel.com/products/75460/Intel-Core-i7-4500U-Processor-4M-Cache-up-to-3_00-GHz

Write "lscpu" in your dom0 terminal, and find the CPU processor name.
Then you can yourself, or put the name here and we can do it for you,
quickly check if your CPU supports VT-D or not.

Thank you. Output is the above CPU.

Qubes 4 is much more strict towards missing hardware support than
Qubes 3.2. Specifically the security/privacy hardware support
features. Qubes is meant to be about security, by making it only
install on security enabling hardware, falls within reasonable so that
no one install Qubes on unsafe hardware, and thereby falsely believe
to be "safe".

A very solid point. A mere mention of the implications should suffice in my book, then the choice could be mine and my choice to compromise, evaluating the risk involved. Then I would not think to be 100% safe, but actually be safer than running a non qubes-OS.

The most dangerous kind of lack of security around, is ironically not
technical of nature. The most dangerous one, is the attitude, or
belief, that you're safe, when you in fact are not. Think of it like
ancient humans sleeping on the havana, and lions sneak around in the
grass. Because you're not on watch, i.e. build a house or barricaded a
cave entrance, then you'll likely die pretty darn fast. The same
applies to Qubes, this move, in my view, is the developers kindly
pushing us all to buy VT-D (and similar) security enabling hardware.

And that is a really good idea. Nudging works, but pushing works better ;) I believe that I'm never truly safe, but only "safer" using Qubes, than if running another setup. Being a 100% safe is utopia in my book. Just want to go as far as my brain and hardware takes me. Apparently that is not far enough in version 4's case.

However, you can probably still install Qubes 3.3 and sleep on the
hanava just fine. The type of attacks that affect you, are rare
enough, to justify Qubes 3.2. on a no VT-D (or similar tech) machine.
And it's more likely to work on a non VT-D machine, than Qubes 4 which
require VT-D instead of just recommending it.

I'm waiting for my new notebook that has actual VT-d support(https://ark.intel.com/products/88194), so it seems that my pre-training on version 4 collapsed with the above setup :)

Also Qubes 3.2. should be updated for a while yet,
https://www.qubes-os.org/news/2016/09/02/4-0-minimum-requirements-3-2-extended-support/`

thank you very much for your time and feedback.

Sincerely
Max

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d0a2ff4a1312b0dbd98b2c0a42d93a82%40militant.dk.
For more options, visit https://groups.google.com/d/optout.

Reply via email to