[qubes-users] Chrome update fixes "you're always logged out" bug
Hi, all: A chrome update came out today, and looks like it finally carries the fix for the annoying "you're always logged out of everything at the start of each session" bug: https://bugs.chromium.org/p/chromium/issues/detail?id=631171 The version of chrome you need is 55.0.2883.75. This should certainly make for a much more pleasant experience. -K -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161203021653.GB2925%40gmail.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature
[qubes-users] Re: anyone luck mounting an iphone 7?
On Wednesday, November 30, 2016 at 10:46:46 PM UTC-5, raah...@gmail.com wrote: > http://www.libimobiledevice.org/ according to here not listed. > > is there any other ways to mount it? or transfer files to a qubes machine? well finally got it working. Not sure what did it exactly. But had to clone a debian template and use unstable for the sys-usb. installing libimobiledevice6 update libimobiledevice-utils ifuse usbmuxdand I'm not sure what else unfortunately. packages are listed here I used also http://askubuntu.com/questions/812006/how-can-i-mount-my-iphone-6s-on-ubuntu-16-04 I used the command idevicepair pair. But Ifuse still refused to mount to manually created directory /media/iphone with chmod 777. so not sure if ifuse is really needed. but it works in the file manager. only after I installed pcmanfm first and w/e that pulls in. I now get a DCIM directory that contains the pics and videos, music of the iphone7 so this seems to be good enough. and it also works in default file manager now as well. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b2206446-83ad-4067-869d-aea77e83f6ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] console window manager
On 12/03/2016 02:50 AM, Marek Marczykowski-Górecki wrote: And additional question, how to get the new created window ID from qvm-run ? For KDE, there's kstart. For Xfce4, you'd have to install something, e.g., devilspie2. I believe that some other tool available that work with Xfce4. And it's already available at dom0. When this user wrote about it then I check and it was there (at dom0 already installeted) Oh, really? I would be interested in using that, as well. Please let me know if you find it. :) Is that about wmctl or xdotool? Yes, wmctrl :) thanks :) It can show all windows `wmctrl 0l`, but how to get id of last window opened with qvm-run to move it then to the specific desktop? Looks like very old tool, but hope it work. xdotool not pre-installed (maybe it's better?) -- Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ba6ab3be-3be6-427e-b80e-cac6bb73e5fb%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [qubes-devel] Re: Announcement: Qubes OS Begins Commercialization and Community Funding Efforts
On Friday, December 2, 2016 at 6:55:18 PM UTC-5, pixel fairy wrote: > On Friday, December 2, 2016 at 6:13:35 PM UTC-5, Andrew David Wong wrote: > > > > So that's what I'm thinking, maybe it would be good for the > > > "evangelization" of Qubes to make some very simple, brief, and > > > to-the-point videos and howto's? > > > > > > > Yes, certainly. Would you be willing to help us with that? :) > > theres already a nice one in english linked from the front page of the > qubes-os site. and one in french. now we just need more languages covered. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4ae12034-1b34-4f09-9aed-ed14390c354a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [qubes-devel] Re: Announcement: Qubes OS Begins Commercialization and Community Funding Efforts
On Friday, December 2, 2016 at 6:13:35 PM UTC-5, Andrew David Wong wrote: > > So that's what I'm thinking, maybe it would be good for the > > "evangelization" of Qubes to make some very simple, brief, and to-the-point > > videos and howto's? > > > > Yes, certainly. Would you be willing to help us with that? :) theres already a nice one in english linked from the front page of the qubes-os site. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/86c774c0-ed7b-4062-b9dc-5cd06f09f4b0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] console window manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Dec 02, 2016 at 03:44:35PM -0800, Andrew David Wong wrote: > On 12/02/16 15:32, Eva Star wrote: > > On 12/03/2016 02:10 AM, Andrew David Wong wrote: > > > >>> And additional question, how to get the new created window ID from > >>> qvm-run ? > >>> > >>> > >> For KDE, there's kstart. For Xfce4, you'd have to install something, e.g., > >> devilspie2. > >> > > I believe that some other tool available that work with Xfce4. And it's > > already available at dom0. When this user wrote about it then I check and > > it was there (at dom0 already installeted) > > > > Oh, really? I would be interested in using that, as well. Please let me know > if you find it. :) Is that about wmctl or xdotool? - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYQgjIAAoJENuP0xzK19csZJwH/3Ee6LLlWi0hcST1iPLB20hc BGNlQNFswqzV0HNn+1Q7vGZhZ0LFnP+sdoWs3mPLIkygQKwdTmfbFHw2m/b2T7K0 8rJ/37YuBBiDbJE4G3n+QjC3+6FAvQREnQOiakePgmo5ycpRDNjVnCgCS+HCZE0Z 3kVxhdzn2Wo4I7yNXQk05vj/UzXVVrlED/oELUWehUFsGNuFpDW+R3gYR2sGnX6O zLd2OeknphavfbisR9XMPZrmNi7G3eHj9UXiBSIJkwds85F905/3kvzWuYbRWocy awSItkHdRkjn4Hrh3YKflMx66Wf2KXY28RSDRPl3X5wIl4idn56lDv482l8xVHk= =aHpQ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161202235032.GX1145%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] console window manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/02/16 15:32, Eva Star wrote: > On 12/03/2016 02:10 AM, Andrew David Wong wrote: > >>> And additional question, how to get the new created window ID from qvm-run ? >>> >>> >> For KDE, there's kstart. For Xfce4, you'd have to install something, e.g., >> devilspie2. >> > I believe that some other tool available that work with Xfce4. And it's > already available at dom0. When this user wrote about it then I check and it > was there (at dom0 already installeted) > Oh, really? I would be interested in using that, as well. Please let me know if you find it. :) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYQgdeAAoJENtN07w5UDAwFg8P/jmfNC7Ve0epWVCUXEZcnCtz 2uhKPvDsDr/aKPrOd3nj2plJLlHNFZrJW8+oGopQh/nCfIVNqnX+OO+MgjjZBroN 5Cfv0TkrZtpxr4VNmQwK0ZZQfyfxMxhVT4ov2T8UJA2TFPTIwU1xHXjdPiIPOcFB RGn4UmB4Xe7kq5OZ1Z9iZx5FAB9bCPZA7Pl6+QesL/1LwRWk/fM2Vja8JW7tzkL0 djqSWtOvEEFKBUVnWTjV6uXELbKZXRU72K9GnkSRf1mp8qb0iEgi7MB/kRiKwq9D mp0zhGGFeHswdnqmY5RThxuVMaMqYLfnxzt0vpdFGcJgJsfgdjjGwRVLQhpUChjJ umQFG1DDf0dlZxfl7N1yuL7SxlSQ2AwOFWKjeDgeN9q9axW385qa3Sl/BFNG6CFc 5/Ue18N1NdPuLSuRkdUn3PK/axvuZHiYrThGv3W1+kTIqbjv+xZhnqCRG7qUcrkh PjYn6AXQ3jIradBd/nmEKNEQQQfgI15DH8p1w/481gtS+WQx9cAdguE3LKiEqeUd k8Y3mDFtsq+jjRol40ziGmrwIJCG2Zlmf+KLNmcfgaB2GdZ5iK87iFHtsmiwvaYd aYzoqti0TIN43LNaORDaz1Mi1YYNf5OfE0qsS3lA3bYCFpHp0ssAJwmIUlyBrwBr ZB9iqHGcRCipyPMExAyP =VZ05 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c7c35a45-294e-534d-764a-eca56f51856a%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] console window manager
On 12/03/2016 02:10 AM, Andrew David Wong wrote: And additional question, how to get the new created window ID from qvm-run ? For KDE, there's kstart. For Xfce4, you'd have to install something, e.g., devilspie2. I believe that some other tool available that work with Xfce4. And it's already available at dom0. When this user wrote about it then I check and it was there (at dom0 already installeted) -- Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7685ff3e-5040-9ef2-21fd-d0cdc32d0791%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [qubes-devel] Re: Announcement: Qubes OS Begins Commercialization and Community Funding Efforts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/02/16 11:17, Kopimi Security wrote: > On Thursday, December 1, 2016 at 12:56:11 AM UTC+1, Andrew David Wong wrote: >> Unfortunately, the financial necessity of shifting our priorities to >> commercial >> clients will mean that we have less time to work on features that benefit the >> wider, security-minded open source community, which has been our focus for >> the >> past seven years. This deeply saddens us. (We all use Qubes on our personal >> computers too!) However, the reality is that ITL can't afford to sustain the >> open source development of Qubes for much longer. We're running out of time. >> >> In an attempt to keep the open source development of Qubes going, we've >> teamed >> up with Open Collective [07], which makes it easier to donate to the Qubes >> project. Now, in addition to our Bitcoin fund [08], we can also accept >> donations via credit card. ITL will not benefit from of any of the money >> donated >> through Open Collective. Instead, the funds will be paid directly to >> individual >> developers who have been hired to work on the open source edition of Qubes. > > I'm excited about this, and wish to support Qubes. > My first thoughts are "How can Qubes reach a broader community", and "Can the > HOWTO's be made more approachable?". > For example, the section 'assigning-devices' on the /doc/, didn't get into > how to actually use a mouse with a sys-usb qube, before at the very end. > And there, the way it was written gave the impression of giving the answer > almost as an afterthought, as if it should have been obvious to everybody. > As such, it reads as it was written by somebody "too close to the problem". > Somebody being so familiar with the system that outsiders' inability to grasp > the "obvious", escapes him. Or her. > This is not a unique issue for ITL though, the same problem pops up > everywhere when highly technical minded people try to convey something to > people who just wants to be *users*! > > So that's what I'm thinking, maybe it would be good for the "evangelization" > of Qubes to make some very simple, brief, and to-the-point videos and howto's? > Yes, certainly. Would you be willing to help us with that? :) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYQgAXAAoJENtN07w5UDAw9cYP/1iv81S1ooD5g3nyqyXbJXHE mI//1hR4aK1lw1dn4vqssWUUoUN1yuNKcVsRFxXZsWchWYp5p6rFkAanB5muMxfv /kLUK/OwE/+Y0AqgZ8xlQfqfpemF7WgOkQNb8tCVZtFGu/sVykFb+oH+r5gu2zES PJQ3K2giK01xBCnP7JRlsO9/Ywq1KocEzHBSF1JcU7gwfWkuZLMJyAiVLpMxv9wK jqS2ywFEMxr44/33+1EFKE4YZeDVBjHkcK4jhaENZMRaDA3vXr3KIk9gPSzXf58/ /f0BgUvB2zO2BoCXiAUwethTVEjK9lQh7Wu3b0/e81pe4ioQBcW/jTCok7FyNfDu yItNm24iBf06pcHUAdX5ZiR0vkH+H9prtGKKA/WZDOzV7KST0Fm2a1yqfnxnMzi9 oVsMq4SJ5wKpc4jGwRK3kNcXHwdVeebEzqaKVH1CxeHQnkJzer7Zc6IgwHxI4Tmu ENEnIoiAhukCIvGr1gvw3xM2DxUb03M+M9WhvBc+NYc92x8h7i5fPHA9vTSuUz9f x8+IdIc/ohhKXCN7LC+Wxn5IUqQk+TVcCBeglmGK5cAsWyUEAM2IrBgcxYMyn4ff dkiUOBpRcPloBrtDCbsED8Uk6hi4/Eo7exsw0kRCw0V0ZSeLlV52HiUhEE+qA88w 7YmI9P0h3CmJJF4SVkXc =iLi5 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fa274aa4-0d34-b1ec-841a-78851275e68b%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] console window manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/02/16 12:29, Eva Star wrote: > On previous month some user ask question about console utility at dom0 to > move new windows to special virtual desktop. I loss this info :( > Unfortunately, it's impossible to find this utility. As I remember the name > have four-five chars :) > > And additional question, how to get the new created window ID from qvm-run ? > > For KDE, there's kstart. For Xfce4, you'd have to install something, e.g., devilspie2. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYQf9cAAoJENtN07w5UDAwYBEQAJf8fsPFuQVz22we+9h4YHzo 3WBV+Wiv4LZ/iQAXUgTWiv9PJVlAMPXRRQk0l7Kzoi8mM5JQMUScsP5oyUGPDKJY S7sCai0DFF/JZJdryBukFfWuHXDSxl8zs5erGILqy/cYQvkNJPhoaDpZUvnRLkLH m445xdzlUqdWj2rWGPmBepsKXQ7ZnQLH6YaVnJYggij0SxNuNqRLMjJuovBKoAAa kR/4OlxhtcJHrsy3c4M7zb8J+7Dh3oLmBjzawiDR9GJ5esfBBU9gXXu1GHF1xxY4 Je8q98uPZcM0xXWCY0znWeAyu4lb+UXhYsHJIKVTk+7L44dGxQMASBtv19zKyEZV NrypBUyCLqEW+zaFGktSMWOGgl00Pcqj2NibU7JO6zwQaMZCV+nw82ORyvM7CZKn F/rcE9/QDRjTi/t4fYO8voN6vfhBo7APWFvgS12Rciq+VFsBSRIZRryqOBuFd0LQ XQM5OeGFOZmORbisaqFed9z70HBs+OLMEAn/spHUZzpyqZT33sbNlAuKIfZJNnsc tYT0brMIwbED8pgpVjdETzhWhSdwb1F3qudZkYgp2mvFJQ5jkxujsC7wzCbFEFSU 9hMJYOrINjHDQrypZDHnaYdJbGZZobDDWUdE9f8mJBSIRtayG03WJXF8tBwhNr/N xqFLvBc20Y+kvwVBEj5y =OKgw -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2ba42be0-b7ed-bebf-65d8-0f1625817836%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] console window manager
On previous month some user ask question about console utility at dom0 to move new windows to special virtual desktop. I loss this info :( Unfortunately, it's impossible to find this utility. As I remember the name have four-five chars :) And additional question, how to get the new created window ID from qvm-run ? -- Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be9308c7-2d27-b4eb-4ec5-d9c9af880956%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Announcement: Qubes OS Begins Commercialization and Community Funding Efforts
On Thursday, December 1, 2016 at 12:56:11 AM UTC+1, Andrew David Wong wrote: > Unfortunately, the financial necessity of shifting our priorities to > commercial > clients will mean that we have less time to work on features that benefit the > wider, security-minded open source community, which has been our focus for the > past seven years. This deeply saddens us. (We all use Qubes on our personal > computers too!) However, the reality is that ITL can't afford to sustain the > open source development of Qubes for much longer. We're running out of time. > > In an attempt to keep the open source development of Qubes going, we've teamed > up with Open Collective [07], which makes it easier to donate to the Qubes > project. Now, in addition to our Bitcoin fund [08], we can also accept > donations via credit card. ITL will not benefit from of any of the money > donated > through Open Collective. Instead, the funds will be paid directly to > individual > developers who have been hired to work on the open source edition of Qubes. I'm excited about this, and wish to support Qubes. My first thoughts are "How can Qubes reach a broader community", and "Can the HOWTO's be made more approachable?". For example, the section 'assigning-devices' on the /doc/, didn't get into how to actually use a mouse with a sys-usb qube, before at the very end. And there, the way it was written gave the impression of giving the answer almost as an afterthought, as if it should have been obvious to everybody. As such, it reads as it was written by somebody "too close to the problem". Somebody being so familiar with the system that outsiders' inability to grasp the "obvious", escapes him. Or her. This is not a unique issue for ITL though, the same problem pops up everywhere when highly technical minded people try to convey something to people who just wants to be *users*! So that's what I'm thinking, maybe it would be good for the "evangelization" of Qubes to make some very simple, brief, and to-the-point videos and howto's? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bae42017-164b-4bf3-93b4-373a6ea4c00f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Yubikeys in Qubes
On 12/01/2016 04:37 PM, Marek Marczykowski-Górecki wrote: > The tool run by qvm-usb does support alternative device identification > - using product and vendor ID. Also to specify which device to attach. > This isn't exposed by qvm-usb tool, because it may be ambiguous, but may > be useful here. See README for more details: > https://github.com/QubesOS/qubes-app-linux-usb-proxy > I acknowledge that your solution is better in some aspect: it exists and > works :) It seems, from my brief testing, that all Yubikeys of the same version have the same product and vendor ids. That still might be preferable to grepping for "Yubikey" though. > Is communication with YubiKey encrypted, or at least somehow > authenticated? Otherwise malicious USB VM could easily perform some kind > of man in the middle attack and for example sign document you really > didn't want to sign. Or decrypt arbitrary data. It's possible even when > physical confirmation (button) is required - by simply waiting until you > perform *some* operation. It is authenticated, but unfortunately I don't think in a secure way. When you use any OpenPGP smart card you have to set a PIN to use it, and you have to authenticate with the smart card using the PIN. In the case of Yubikeys, you type the PIN using the gpg pinentry program (some smart card readers have physical keypads to type the PIN, so software keyloggers on the computer can't steal the PIN). But I'm pretty sure that the PIN you type in, in plaintext, gets sent to the Yubikey, so your usbvm could probably log the PIN the very first time you use your smart card, and then use it as much as it wants after that without you knowing. Also, I'm pretty sure none of the communication is encrypted. To decrypt a message on a smart card, you send the ciphertext (and a PIN, if it isn't cached) to the smart card, and it decrypts it responds with the plaintext. So likely, the usbvm could spy on the plaintext of decrypted messages. Unfortunately Yubikeys don't support pressing the physical button for secret key operations. Those are preserved for 2FA and static passwords. > This is general problem with USB devices, which are hard to solve with > the current USB infrastructure (USB VM can do anything with any device > connected to it). Without some fundamental USB rework - probably at > hardware layer, I think the only alternative is protecting the data at > individual device protocol level (like you do with encrypted USB sticks > for example). Sad, but reality. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6c322b41-e60f-d577-d15d-6cf7884ee8cf%40micahflee.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Yubikeys in Qubes
On 12/01/2016 05:14 PM, Chris Laprise wrote: > What is an acceptable / secure way to obtain a Yubikey fob? Unfortunately it's kind of hard to find Yubikeys in retail stores. You might check here to see if you can find one close to you: https://www.yubico.com/store/resellers/ Otherwise, you kind of have to order them online. It might make sense to have one person do a single bulk order and pay for the fastest shipping (to reduce the window for interdiction), and then distribute them to in person to friends who want them. But of course it's not perfect. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2cda7f76-87c2-a192-c59c-dcd3f68a8837%40micahflee.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] TemplateVM Best-Practices?
On 12/01/2016 10:32 PM, Chris Laprise wrote: > One precaution I usually follow is not putting development tools like > compilers in systems that are meant for non-development use. That is the reason it is separated right now :) But in case of the actual Devel AppVM is network enabled (it is in my case) so an attacker free to download any shit - including the missing compilers. So it is only a very thin layer of added security - if any. In contrast I have a huge the upgrade and backup overhead. > If I were to merge any of those categories you listed, it would be Work and > Regular. In my case the work VM contains real work related apps that is only for internal use, coming from an internal repo. So it is no way to mix with any of my other templates. -- Zrubi -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cff51c52-65f3-0555-53cd-334739dfc403%40zrubi.hu. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
[qubes-users] Re: Yubikeys in Qubes
fredag 2. desember 2016 17.19.29 UTC+1 skrev Grzesiek Chodzicki følgende: > W dniu piątek, 2 grudnia 2016 10:57:48 UTC+1 użytkownik > You can use mouse attached to the usb-vm which has usb input proxy installed > to avoid switching devices around. Thank you very much Mr. Chodzicki, that was enough to push me in the right direction and hunt down the instructions here: https://github.com/QubesOS/qubes-app-linux-input-proxy I worked my way through it from the section "Manual usage", starting at "Alternatively you can allow USB VM to initiate the connection whenever you attach your device. For that you need to ..." Works like a charm, now I even have two mice attached! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/78386de6-c016-469c-ac66-e5c4f5c070e2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Yubikeys in Qubes
W dniu piątek, 2 grudnia 2016 10:57:48 UTC+1 użytkownik vegard_p...@fastmail.fm napisał: > fredag 2. desember 2016 00.54.55 UTC+1 skrev Micah Lee følgende: > > I just wrote a quick blog post about using Yubikeys in Qubes. > > Specifically, I wanted to share a script that will use qvm-usb to attach > > your Yubikey to your gpgvm no matter what USB port you plug it into. > > Thank you very much for this, Micah, it great to see usability scripts for > Qubes popping up! > > That said, I tested this and it turns out one needs to have a USB Qube set up > (aka USB-VM, sys-usb). > I followed the receipe here: https://www.qubes-os.org/doc/usb/ . > > My problem now is that I have a single PS/2 port, and have to switch between > using either a PS/2 mouse or a PS/2 keyboard, by plugging and unplugging the > connector. > > Is there a simple way to completely disable the USB-Qube? > The command: "qubesctl top.disable qvm.sys-usb" in dom0 doesn't do much. > And rebooting the Qubes OS causes system hang; it does not boot anymore. > > Currently I have taken out my SSD-disk and mounted it on a different machine, > by: > --- > su - > cryptsetup luksOpen /dev/sdb2 sdb2_crypt > lvchange -a y qubes_dom0 > mount /dev/qubes_dom0/root /mnt/qubes_rescue > --- You can use mouse attached to the usb-vm which has usb input proxy installed to avoid switching devices around. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0b9e6665-d999-4cfe-86e8-40ebc310bb4d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Any plans for a CCC meeting?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Dec 02, 2016 at 01:10:02AM +, Manuel Amador (Rudd-O) wrote: > I have a couple friends who are huge fans of Qubes OS and they are going > to CCC. Since they are not subbed to this list, I'd love to know if > there's a meeting of Qubes OS devs and users planned for CCC, so I can > tell them and they can go. > > Any plans? Not exactly a plan, but there will be Qubes OS assembly, a subassembly of Secure Desktops[1]. It should be easy to find us there. At least Wojtek, Michael and me will be there, so come and talk! [1] https://events.ccc.de/congress/2016/wiki/Assembly:Secure_Desktops - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYQWyOAAoJENuP0xzK19cssBIIAIslLjEmXUzE/Jms4OIC17GT 6LJK1SkiFjVCDoqRaP5nhfT8Zos+kQAoztEEbP+dv/pWJibPJofrQF6eJHE9AuPm fxK0ZgfYJmA9NQ08IR8cxl/cn7uvpdNdaP+QizmG1G0oLafrWbgiRbrObSh+/lIH IaMf1PlyHjmr+40x5DisacZDBGjI029n+k53Ifi92/mP06N0f5/Qr0VXBefUoBKm q00zlFJihIo/ErIDkcJyKJnK8zlB35JOMV+/hLtEFzpKg8Dsp6d2Xr5g4bbzOy2w 1msuZ8iEsGTPC1tWdqPoPR2bR0SEwokVLXY9nAf/dW9pcBvwlWBxN5EO7IYTCjA= =LwWO -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161202124358.GU1145%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: TemplateVM Best-Practices?
On 12/02/2016 12:29 AM, Chris Laprise wrote: Exceptions to this routine may emerge out of necessity. For example, it generally isn't a good idea to add new software to Whonix templates. Some also feel that service VMs like sys-net and sys-firewall should be run with a minimal template without regular apps present... this makes them more like router installations and theoretically more secure. Is there other advantages of using minimal template for sys-net etc. ? Maybe fast boot? Less memory usage? What size of minimal template? -- Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/41101f8f-f9fb-c20a-1a8a-9d4947c8f4e4%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] fedora-24-minimal and WiFi: Shows network, but does not connect
Am 12/01/2016 um 11:07 PM schrieb Andrew David Wong: > Are you sure it's a missing package? I pretty sure I installed only those > packages and haven't run into that issue. > > Does it work correctly if you try switching to the full template? > > As said before using the full template in the same VM works. Further testing showed that WPA Enterprise seems to be supported (not my network, but i am asked for authentication details) but not unknown WPA with a pre-shared key. An already configured WP2 PSK works and open networks are working, too. nm-applet Stderror revals that libnotify cannot connect to a proxy -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6b2609bf-c51b-b33a-1c6d-fce90a231a8a%40digitrace.de. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
[qubes-users] Re: Yubikeys in Qubes
fredag 2. desember 2016 00.54.55 UTC+1 skrev Micah Lee følgende: > I just wrote a quick blog post about using Yubikeys in Qubes. > Specifically, I wanted to share a script that will use qvm-usb to attach > your Yubikey to your gpgvm no matter what USB port you plug it into. Thank you very much for this, Micah, it great to see usability scripts for Qubes popping up! That said, I tested this and it turns out one needs to have a USB Qube set up (aka USB-VM, sys-usb). I followed the receipe here: https://www.qubes-os.org/doc/usb/ . My problem now is that I have a single PS/2 port, and have to switch between using either a PS/2 mouse or a PS/2 keyboard, by plugging and unplugging the connector. Is there a simple way to completely disable the USB-Qube? The command: "qubesctl top.disable qvm.sys-usb" in dom0 doesn't do much. And rebooting the Qubes OS causes system hang; it does not boot anymore. Currently I have taken out my SSD-disk and mounted it on a different machine, by: --- su - cryptsetup luksOpen /dev/sdb2 sdb2_crypt lvchange -a y qubes_dom0 mount /dev/qubes_dom0/root /mnt/qubes_rescue --- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a455286d-9ab4-44a2-992d-0f2178488404%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
