Yuraeitha skrev den 22.11.2017 20:27: snip---
I can see from your screenshot that you're trying to install Qubes 4, and you commented that you have no VT-D. You mayde sure its not just disabled?
I have VT-x ,but not VT-d : https://ark.intel.com/products/75460/Intel-Core-i7-4500U-Processor-4M-Cache-up-to-3_00-GHz
Write "lscpu" in your dom0 terminal, and find the CPU processor name. Then you can yourself, or put the name here and we can do it for you, quickly check if your CPU supports VT-D or not.
Thank you. Output is the above CPU.
Qubes 4 is much more strict towards missing hardware support than Qubes 3.2. Specifically the security/privacy hardware support features. Qubes is meant to be about security, by making it only install on security enabling hardware, falls within reasonable so that no one install Qubes on unsafe hardware, and thereby falsely believe to be "safe".
A very solid point. A mere mention of the implications should suffice in my book, then the choice could be mine and my choice to compromise, evaluating the risk involved. Then I would not think to be 100% safe, but actually be safer than running a non qubes-OS.
The most dangerous kind of lack of security around, is ironically not technical of nature. The most dangerous one, is the attitude, or belief, that you're safe, when you in fact are not. Think of it like ancient humans sleeping on the havana, and lions sneak around in the grass. Because you're not on watch, i.e. build a house or barricaded a cave entrance, then you'll likely die pretty darn fast. The same applies to Qubes, this move, in my view, is the developers kindly pushing us all to buy VT-D (and similar) security enabling hardware.
And that is a really good idea. Nudging works, but pushing works better ;) I believe that I'm never truly safe, but only "safer" using Qubes, than if running another setup. Being a 100% safe is utopia in my book. Just want to go as far as my brain and hardware takes me. Apparently that is not far enough in version 4's case.
However, you can probably still install Qubes 3.3 and sleep on the hanava just fine. The type of attacks that affect you, are rare enough, to justify Qubes 3.2. on a no VT-D (or similar tech) machine. And it's more likely to work on a non VT-D machine, than Qubes 4 which require VT-D instead of just recommending it.
I'm waiting for my new notebook that has actual VT-d support(https://ark.intel.com/products/88194), so it seems that my pre-training on version 4 collapsed with the above setup :)
Also Qubes 3.2. should be updated for a while yet, https://www.qubes-os.org/news/2016/09/02/4-0-minimum-requirements-3-2-extended-support/`
thank you very much for your time and feedback. Sincerely Max -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d0a2ff4a1312b0dbd98b2c0a42d93a82%40militant.dk. For more options, visit https://groups.google.com/d/optout.