On Tuesday, March 6, 2018 at 12:23:10 AM UTC-5, Yuraeitha wrote: > On Tuesday, March 6, 2018 at 5:24:50 AM UTC+1, sevas wrote: > > Thank you both for this enlightening talk, and especially Yuraeitha for > > such a lengthy researched opinion! > > > > We speak of stability. Stability and vulnerability go hand in hand, dont > > they? > > > > I love the kde plasma desktop and I would like to have it. But it looks > > like a complicated GUI that probably is not as secure as something more > > simple. But again, the non-root GUI is not going to connect to the > > internet. > > > > My previous feelings were to use one template for internet access and one > > for background/desktop/personal use. But that may not be needed since > > applications available in a template are not necessarily used in the appVM. > > Is that correct or would there be some data leak? > > > > XFCE is something I havent used in a long time, but I will surely look into > > my customization techniques before I make a big move. > > About the stability going hand in hand with vulnerability, I view it the same > way too, though it's not always the case if it isn't possible to exploit it, > which also isn't always possible too. > > Qubes once used KDE btw, you can find the discussion that made the change > from KDE to XFCE5 here https://github.com/QubesOS/qubes-issues/issues/2119 > Some of these issues I believe have changed though, what is perceived as > "ugly" was back then a bit of an unlucky controversial statement due to > different subjective opinions and it caused a bit of a stir in the KDE > community. But I believe KDE also corrected some of those issues since then? > > It's a good idea to keep your critical offline app's and data in an offline > VM btw, keep doing that. You can also find multiple of official Qubes > recommendations suggesting this offline AppVM move. For example the Split GPG > guide in the Qubes doc's recommend this approach in order to keep your GPG > keys more secure from being hacked. For example if only one application makes > an outgoing opening in the firewall in the AppVM, then data in that AppVM > might be opened to risk through exploits and attacks to that established > connection. I have about 15-17 AppVM's which I use, not including the ones I > don't use or templates, and I'm probably a light AppVM user compared to the > more extreme ones. If it seems overwhelming though, try start with a set > smaller number of VM's, then as you get used to it, try expand with a couple > of VM's at a time. Think about what it adds to security or practical > use-cases, and keep reviewing your VM layout :) > > I believe there should be no issue switching between XFCE4 and KDE though, > since the guide to KDE doesn't mention deleting XFCE4, just disabling it (at > least it didn't at the time I read it). So presumably you should be able to > switch between them with 2-3 commands in the tty terminal. You mihgt want to > double-check that though, for example can you keep switching between them > multiple of times without causing any harm to the system?
Correct. I have had both on and functioned fine. For secuirty I see little difference other than maybe the amount of code. The more code ,all things being equal, the more possible holes errors surface area to attack. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5a9babef-ccf3-44d9-89f5-4b4b3640e745%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
