On Wed, Aug 12, 2020 at 07:23:27AM -0700, [email protected] wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hello guys, I would like to suggest a few changes and while you may not > have them in qubes by default, I ask you to give an option to the users > such that they be able to make it easily. > > With GUI VM coming in 4.1, I request you to have linux-libre in dom0. > Linux-libre for every template by default would be even better and > certainly my choice. (atleast Freedora instead of Fedora). KDE instead of > XFCE would be a better default option since it provides a better UI. It > provides a premium feel and is a level above XFCE. Shifting focus to GNU > recommended OSes like Hyperbola, Parabola, Guix is also a step ahead in my > view. > > I state this because GNU has also had an aim to make a completely free > software to be used on a computer. While they approach with security by > correctness and by actively trying to demotivate nonfree software, I feel > they might not get to the end. Also, they don't make it difficult for the > user to install a problematic software by mistake like Qubes does. If Qubes > combines such OSes (especially recommend Hyperbola, they are highly > critical of any contaminating packages) with it own security by > compartmentalization, it will be a step ahead. > > Thanking you > Sagar Acharya > > P.S. I dream of having a stateless computer (Joanna 2015) with > libreboot+Qubes having HyperbolaBSD in dom0 and Parabola, Guix and > Hyperbola as available template VMs, with plasma as a DE. That would be > ideal and a nightmare for malicious crackers. > -----BEGIN PGP SIGNATURE----- > > iQGzBAEBCAAdFiEEeMyXyyr6L/PtWnZUnZv6jjOfaEIFAl8z+voACgkQnZv6jjOf > aEJqFwv9Eb8RioP2sHOp91g2AtNxCRXcs88HvrJYwCBJWPuQBqAax+yWIcgB24F0 > bmYsHewPWPYzguOVZ565C1ma1PbmAjUi0UYriv4ddstEbWpKnX6I2VtfsTeCpP9s > j3NtDBXtbQXEAY+10soubiNm/CjLNNaCYidgkubnOXaXHAIgUukIchINA/Zxp/dz > aw8VNapGzoayCFDATiz8rJXYCI4eGe3mRngjAcsXVNwPoxPVnUlMlGAf8RzRUXle > /dsczJvk6jgyQoYETWgntfqG+er0dZm6D3whN4rVxqtqxO+9SR1rwi5Fi5Ly4AS3 > yEeWo7fum7x6stJnp1N5CnQENN0heqev2qEcsvMniq1MRuGnKit4AmP8H2mVSwtm > Oor2W6vZCivMB4dPkoeSBZ+zjjkPQwb5x3ljBoa3465BGeXnAGxblfW3RFM50Ml7 > yQsxN3G1FsrGOcwz5GpdSzDCm7sMF/0P77VYBqtTgBEkSvOI/gWLEIeIHWzi7oAT > enJPiihw > =61lG > -----END PGP SIGNATURE----- >
Nothing like reading someone's personal preferences. Unfortunately linux-libre is not something I could endorse - removing the tests and warnings about known CPU vulnerabilities, on the spurious ground that a user might just want to install microcode to enhance their security, makes it unfit for a security focussed distro. The same applies to libreboot, which has the added incoherence of advocating updating EC firmware, while blocking CPU microcode. As to the rest, I support KDE because it allows users to more easily control the Qubes Menu - a major pain point for many - and provides Activities, which meld perfectly with the use of Qubes security domains. The OS you recommend are interesting, but Qubes has to be as usable as possible with a wide reach, and I'm afraid a focus on free software alone wont help there. It would be simple to incorporate those OS into Qubes as templates, (with extra work for a BSD hyperbola), but what would be the benefit for most users, who need non-free blobs to get their machines working? Don't let me put you off: it's a worthy aim, and will hit a small set of users. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200813140334.GA9446%40thirdeyesecurity.org.
