Re: [qubes-users] important question about whonix gw/ws
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 21:04, joshuamennunipacass...@gmail.com wrote: > Someone could tell me why in the default qubes VM manager don't > tourn on whomix ws and whonix gw? I mean only sys whonix is tourned > on so could be a security tread? Should I tourn in those 2 whonix > gw and whonix ws? Or I have to let them off? So sorry about my > question I'm not expert. From what I read the gw and the ws are > either essentials for the whonix environment. > > Someone could tel pleas to me why both the gw and the ws they are > tourned off by default? Touring on those two will the security been > encreased? Or I have to left them off and use only the sys whonix? > Confusion > > (Sorry about English) > whonix-ws and whonix-gw are TemplateVMs. They don't need to be on unless you're updating them or installing software in them: https://www.qubes-os.org/doc/templates/ https://www.qubes-os.org/doc/whonix/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYyhSjAAoJENtN07w5UDAwZHMP/A0orptPobNc5ujm+zMVPP9x c+g0QVis7355ABs6d3LF0a9NXcldccFdJ51iNFRvB9oTGzBrPQ4NBO/iOEvMnJHX qeQ/U3ZcgeytjeAaZSkCY9oODVsgTt29RRbN2RDo8u9bdW419i5QBjfmw7FZKaei Zq3jPqoRqbkxgL7x4TG2ATHGRbUtVDO5B5V3eXDjyjlNPrPaeAPO2kJ4fBieU82w 6hkiqNZq7kMok16FwJgejk/SSGSNDdBwAspoXjaxiiYkoVkEmDCUjAJc0cRKnAks 9xgUVOb6neKG/egat6gOL590pF1V6L1squ4u2FuzwXTnSnOGADFa+Y9g+1MVOo8C 0VFlMGZf1zT0dUcW22PTDeSFlYzZzRMHcbGkM2fYTmfvk714pZYwtTPyZX/JtSb7 pUxIFjDaUpmygJpGNPQPhuhsI7nau9Tl/0DBq8Q/pDE//Le55BP6IHmv2i0Kz+Xi wGWdB6F2Rkdme1N1RfERW69LTx5LgARTdyVfOc/OX/SJ9fRIJK+LstH0bUSFPQz+ bZMxwgIxNLfiWc1fPCSzAEJ2eQoc7fj0O22qzWvPaZ9+tKAb2//PY4IzFc41lzVv 1bCY4XvwZrAvYmbctiaA/Xh37unAEYLtOult5Ts02BC2FY3VIgKIJO3y5FXz5+L3 czJVmMOVcrd31hpSa5Lk =A+jC -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f264c93c-db70-d125-2892-d324ea2412b6%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] important question about whonix gw/ws
Someone could tell me why in the default qubes VM manager don't tourn on whomix ws and whonix gw? I mean only sys whonix is tourned on so could be a security tread? Should I tourn in those 2 whonix gw and whonix ws? Or I have to let them off? So sorry about my question I'm not expert. From what I read the gw and the ws are either essentials for the whonix environment. Someone could tel pleas to me why both the gw and the ws they are tourned off by default? Touring on those two will the security been encreased? Or I have to left them off and use only the sys whonix? Confusion (Sorry about English) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/813a44da-abc3-44f7-bac3-d91a949e4f67%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Curious: https for yum repos
On Wed, Mar 15, 2017 at 03:39:04PM -0700, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2017-03-15 01:15, haaber wrote: > > Chris, > > > >> Fedora *unfortunately* is the blacksheep here. It doesn't sign a > >> repo file, therefore an attacker can hold back individual > >> packages withing what appears to the user as a stream of normal > >> update cycles. > > > > I read this as "fedora is less safe" since exposed to described > > attacks. Actually I never used it in my prequbes life, and I would > > still not if there were alternatives to fedora-minimal. > > > > Not sure I would read it that way. > > > So: Is there a debian-minimal available? > > The existing Debian template is already pretty minimal, so no > debian-minimal template has been created. > There is a debian-minimal available for build, of course. And the build is very straightforward. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170316013912.GD21254%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] changing private storage size don't work
On Tue, Mar 14, 2017 at 11:07:07PM +0100, evo wrote: > > > Am 14.03.2017 um 22:52 schrieb Holger Levsen: > > On Tue, Mar 14, 2017 at 10:50:05PM +0100, evo wrote: > >> there stands 500GB now (it was a mistake with a zero :D) and i don't > >> have more than 120GB. But the data on this VM is not more than 20GB. > >> So will it make any problems, if i have 500GB in the "max size"? > > > > create a new vm now, with 25gb private storage. copy those important 20gb > > over to that new vm, delete the 500gb vm. > > > > :) > > > > > > okok, it would be better :) I don't know if it's too late to save you some effort, but in fact it really doesn't matter - all you have done is reserved space for that 500GB - if you don't use it then the disk file will remain small. You can see this by looking at the files in dom0: look in /var/lib/qubes/appvms ls -lsSh will show you the true size of the files - you'll see that there's a considerable difference, so you can safely leave your 500GB file as is.(Unless you think that you might just keep writing to it until you fill the 120GB without realising, in which case you should protect yourself from foolishness by acting now.) unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170316013355.GC21254%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Cannot load graphical installer
I am trying to install Qubes, but cannot seem to get the graphical installer to launch; it always wants to fall back to the text installer. Unfortunately, there seems to be a bug with the text installer that prevents it from prompting for an encryption key, thereby breaking the entire installation. Any help on this would be very much appreciated. I apologize in advance if this seems immediately obvious, for I am still new to this. Sincerely, Khang Truong -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CY1PR0101MB14972BC868F6D461545B9FC895260%40CY1PR0101MB1497.prod.exchangelabs.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to set dns in sys-net
On Wed, Mar 15, 2017 at 01:05:02PM -0400, eldor...@riseup.net wrote: > I want to set dns in sys-net . > After installing dnscrypt-proxy in sys-net template i have access to > internet in sys-net > via new dns address with these commands. > "sudo dnscrypt-proxy --daemonize --syslog -R dnscrypt.eu-nl -a 127.0.0.2:53" > "dig txt opendns.com" > and dig command shows me i have access to new dns address(127.0.0.2:53). > > but sys-firewall doesn't have access to internet. > How can i fix this? Do you really mean that sys-firewall and qubes below doesn't have access to internet? Or do you mean that you have broken DNS resolution? You could easily check this by accessing a site by IP address rather than by name from sys-firewall. Usually, the NAT table rules in sys-net route DNS traffic outbound to the dns servers set on sys-net (e.g. those given out by DHCP.) While dnscrypt-proxy is running, look at the iptables rules in the NAT and filter chains and see what is happening. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170316010731.GB21254%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] feature idea: creat trusted office document
On Tue, Mar 14, 2017 at 10:39:34PM +0100, cubit wrote: > What would be possibility of getting a file manager context menu item to > create trusted office document like we have for PDF and img currently. > > I think make the document its self safe is hard while keeping the file type > but maybe "convert to trusted pdf" would be usable solution? > I tend to use tools like catdoc and docx2txt to extract text. You could, I suppose convert to RTF format, although I dont know if that is substantially more trusted. If you want to try converting to trusted pdf, you could insert this in to /usr/lib/qpdf-convert-server: you'll need to have libreofice installed in the relevant template. Below the lines: # Get the original (untrusted) PDF file... cat > $INPUT_FILE INSERT: if [[ $(mimetype $INPUT_FILE) == *msword ]]; then loffice --headless --convert-to pdf --outdir /tmp $INPUT_FILE &>/dev/null cd /tmp INPUT_FILE="/tmp/$(basename $INPUT_FILE )".pdf fi Make this change in the template you use for disposableVMs. use qvm-create-default-dvm to rebuild your DVMTemplate Now you should be able to convert msword files to PDF just as you convert PDFs. All it's doing is converting doc to PDF via libreoffice and then processing that PDF as normal - all in the disposableVM Using the mimetype isn't good, and you'll need to extend that to other forms for more recent formats, but it's a quick hack that works.(I think) It occurs to me that you could use the same trick for all sorts of "trusted pdf" conversions. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170316005304.GA21254%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Feature request: "HDD Airbag" analog
i see. well, at least helping info on how one can implement this. the idea is not only to have one device for multiple tasks. large SSDs are still not so affordable. regarding practical scenarios for things like 2x2 TB HDDs: local Wikipedia dump. or/and huge Squid cache. imo, it is better to use local storage than online, even if TOR is used. local KBs like Wikipedia means almost 100% no one can trace what user researching and for how long, assuming HW and system has no backdoors to net ofrourse. low security settings of many TOR nodes turning TOR usage into a joke, not mention other known attacks. i recall news article about 3 or more governments pursuing readers of wikileaks. imo its impossible for observer to determine which articles person is reading and when (on airgaped PC), by only having fact of person's monthly wikipedia dump downloads (few hundred of gigabytes in compressed state). by observer right now i mean nonhuman software observers, active 24/7/366, having access to ISP traffic and possibly to target KB server via backdoors. of course this is more like anonymity than security matter. On 16/03/2017 03:39, Andrew David Wong wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 13:11, thinkpad user wrote: Feature request: "HDD Airbag" analog overview: https://support.lenovo.com/nl/en/solutions/ht003517 list of supported devices: http://support.lenovo.com/nl/en/downloads/ds015000 is it possible to add this feature to Qubes? or atleast provide some interface to poweroff/park HDD? yes, Qubes requires SSD for good operation, but imo most users like to have SSD + large HDD for media or other content. i believe qubes can be really friendly for not so geeky user, by having such features or atleast providing support so user could write such soft. Realistically, the probability of Qubes implementing this is approximately zero, IMHO. (Not Qubes-specific, not security-critical, already not enough time/resources to pursue actual Qubes goals, missing expertise, world moving away from HDDs, etc.) It should be implemented somewhere upstream, if anywhere. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYydC5AAoJENtN07w5UDAw+D4QAIUQouwKMye7CeIuUeW9VGpY CGLCJuvVTBIdAYugZ/EuA6zojz0p0/xMmZEvLcTwrabf9Mbw5IrtotWcxVeZIjE/ n78nWfNp6Z4hrr3RdoUr4Go7svJ2WCkiPrzv2f6sC7LEwF3GEK1ZZIjAODOabFos yc9BwsovthNCvf+6eTnljMPVq0Om6jiCLX+PmDvxm8z1rFxRCOnFFWqKTUpmIHW5 k/Z9z6u89zoJ1IyT9I/x0XIJH2EpZTMbKFcQf/1m59UCcTBdckcDhdaYKdBHDXFn m2CW1knetBta3ubocd5rKn6DR6SwYFJWxa7ZPIwNs//7WT47qHZHu/2SsBukuI3F qZxThA1GHVbVKDXLYR49VAtQVRzzDbK6jjgZvwRLHilaGh41r6klX8Af019hHfRk eYEDK8ngkNosT+ZsgqhxDNOh+viEONOI0StCwKbUw+y7QRhzuadnD4V1dba4ece9 I360QOavzxR8c0ECnwP0ry2dI6TM+6+ru1UMsP0om37l86g/mxd3QBd/6XkIgbjI 2O7Gs8MMZOHkCjwIrZF0aukCrlSEIhOYMc627l941Gk36b8JSDGALgtpXgY5rk7i lXrve4aZd/TCAcnoHR3pEME3/iVuvJ0F4rvM29v35kLueC2PhCiyejTRFJI5TVIa BOVvACwZMHDCefLcivGt =70kE -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/650a89fe-353a-717a-6248-4952952cb50f%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Kicking the sudoers dead horse
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-14 19:04, 7v5w7go9ub0o wrote: > On 03/14/2017 06:08 AM, Andrew David Wong wrote: >> On 2017-03-12 15:09, 7v5w7go9ub0o wrote: >>> On 03/12/2017 12:45 PM, Andrew David Wong wrote: On 2017-03-11 19:41, Unman wrote: > On Sat, Mar 11, 2017 at 08:47:05PM -0500, Chris Laprise > wrote: >> On 03/11/2017 11:56 AM, Unman wrote: >>> On Sat, Mar 11, 2017 at 04:43:41PM +, sm8ax1 >>> wrote: 7v5w7go9ub0o: > Yep! And ISTM this is an argument for using dispvms > to handle mail (or any other WAN-exposed > client/server): start a dispvm; copy mail client > and mail "file" into it; do your mail; copy out and > save the updated mail file (which is text); flush > away the dispvm - all handled by a script(s). How do you figure that's less of a pain in the ass than typing a sudo password? >>> You're missing the point - that procedure is trivial to >>> set up in Qubes and addresses real security concerns. >>> Just putting a password on root access, or requiring >>> some dom0 interaction doesn't. >>> >>> This is important - security IS a pain in the ass. >>> Qubes can make it less so. >>> >> Yes, sm8ax1 got you there. :) >> >> DispVMs are nice to have when we think that certain >> operations carry threats. But its ridiculous to expect a >> typical user to do a majority of their tasks in them. >> > No, it isn't ridiculous to expect a typical user to work > in disposableVMs. I've set up a number of users with a > range of experience, and they are very comfortable with > this. If the implementation is kept hidden generally > speaking everything goes fine. Some scripting to make > things easier, and support is probably no greater than > usual ,except for "that funny copy thing". I've said this > before. > > Set up right I don't think that Qubes is outrageously > difficult to use, even with disposableVMs doing most of the > heavy lifting. But that's a separate issue. >>> >>> >>> Agree with all of this. Working in a DispVM (e.g. browser, or >>> mail) is the same experience as working in a VM. Only >>> difference is clicking a script to start it up; inform the >>> script of the DispVM to work in; and telling the script to >>> shutdown (copy updates) at the end - in my case by entering a >>> >>> >>> I'd be interested in hearing more about this (in a separate thread, perhaps). In particular, no one has, to my knowledge, attempted to rebut the arguments I advanced against the "doing everything in DispVMs" approach here: https://groups.google.com/d/msg/qubes-users/nDrOM7dzLNE/Kr5W3BUkcG4J >>> RATS! I missed that. >>> >>> Granted, that was almost two years ago, and some of the things I wrote there no longer apply. However, I still haven't seen a strong case made *in favor* of this approach to begin with. I would like to see one. >>> This is the first I've seen your 4/1/15 note - sorry - wish we >>> could have discussed it then. >> I also forwarded that message to you directly and invited you to >> have an offline discussion about it (shortly after receiving no >> reply from you on-list), but no worries. > > Dang! Sorry again!! > No big deal. :) > >> >>> You have the basic idea except for the vital point of what >>> happens at end of DispVM session (copying as few as possible >>> user files back to a VM or Vault). I take your point 4 on >>> space, and point 6 on RAM and CPU usage. >>> >>> I disagree on critical point 5. >>> >>> For example running a browser in a VM is indeed "more secure" >>> than running it in a VM because only specific updated files >>> (bookmarks - places.sqlite) are retained and copied back to the >>> vault at end of session; no other user-land files (and surprise >>> relics) are copied back; this is contrary to what is presumed >>> in that write up. If if the bookmarks weren't changed, simply >>> flush the DispVM away. >>> >>> Doing mail in a DispVM is also "more secure" for the same >>> reason - only specific updated files are retained at end of >>> session - no other user-land files (and relics) are copied back >>> to a VM. This is key, and why this is more secure. >>> >> I think I understand the setup now. I agree that this is >> technically more secure in the sense that your inter-session >> persistent attack surface is reduced (fewer persistent files; a >> greater number of files are "templatized"). However, it seems >> like a very minor security gain for a huge cost in initial setup >> and inconvenience (see below). > > >> Do you agree that the security gain is relatively minor, or do >> you have some reason to think that it is significant? > > Aha!! > > The key issue!! > > 1. Is the security gain very minor? (and is its huge cost in >
Re: [qubes-users] Feature request: "HDD Airbag" analog
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 13:11, thinkpad user wrote: > Feature request: "HDD Airbag" analog > > overview: https://support.lenovo.com/nl/en/solutions/ht003517 list > of supported devices: > http://support.lenovo.com/nl/en/downloads/ds015000 > > is it possible to add this feature to Qubes? or atleast provide > some interface to poweroff/park HDD? yes, Qubes requires SSD for > good operation, but imo most users like to have SSD + large HDD for > media or other content. i believe qubes can be really friendly for > not so geeky user, by having such features or atleast providing > support so user could write such soft. > Realistically, the probability of Qubes implementing this is approximately zero, IMHO. (Not Qubes-specific, not security-critical, already not enough time/resources to pursue actual Qubes goals, missing expertise, world moving away from HDDs, etc.) It should be implemented somewhere upstream, if anywhere. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYydC5AAoJENtN07w5UDAw+D4QAIUQouwKMye7CeIuUeW9VGpY CGLCJuvVTBIdAYugZ/EuA6zojz0p0/xMmZEvLcTwrabf9Mbw5IrtotWcxVeZIjE/ n78nWfNp6Z4hrr3RdoUr4Go7svJ2WCkiPrzv2f6sC7LEwF3GEK1ZZIjAODOabFos yc9BwsovthNCvf+6eTnljMPVq0Om6jiCLX+PmDvxm8z1rFxRCOnFFWqKTUpmIHW5 k/Z9z6u89zoJ1IyT9I/x0XIJH2EpZTMbKFcQf/1m59UCcTBdckcDhdaYKdBHDXFn m2CW1knetBta3ubocd5rKn6DR6SwYFJWxa7ZPIwNs//7WT47qHZHu/2SsBukuI3F qZxThA1GHVbVKDXLYR49VAtQVRzzDbK6jjgZvwRLHilaGh41r6klX8Af019hHfRk eYEDK8ngkNosT+ZsgqhxDNOh+viEONOI0StCwKbUw+y7QRhzuadnD4V1dba4ece9 I360QOavzxR8c0ECnwP0ry2dI6TM+6+ru1UMsP0om37l86g/mxd3QBd/6XkIgbjI 2O7Gs8MMZOHkCjwIrZF0aukCrlSEIhOYMc627l941Gk36b8JSDGALgtpXgY5rk7i lXrve4aZd/TCAcnoHR3pEME3/iVuvJ0F4rvM29v35kLueC2PhCiyejTRFJI5TVIa BOVvACwZMHDCefLcivGt =70kE -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4d7edb21-d575-3676-3918-08887e810c7f%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] feature idea: creat trusted office document
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 03:46, Jean-Philippe Ouellet wrote: > On Tue, Mar 14, 2017 at 7:44 PM, cubitwrote: >> - open dom0 terminal - get dom0 to open a disp terminal in the >> same dispVM as the disposable doc > > Ouch. I'd forgotten how annoying that could be. I have a script > [1] bound to a keyboard shortcut to open a terminal in the same VM > as the front-most window. Perhaps you might find it useful? > > [1]: > https://gist.github.com/jpouellet/0f74459699433cabc26c389caf36b455 > Thanks, JP. It would be great to have this functionality integrated into Qubes by default. Tracking: https://github.com/QubesOS/qubes-issues/issues/2706 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYycbIAAoJENtN07w5UDAwavYP/Ry8asVBXRSxv5/p9ffVAmPi XKn7X3WKykO8NriXJzA4Y6+5Im3GPOVI9k2V43Rv+IGa9VN3ZW0ppLcti8qinaEw 0XlHisnUIUor603m/pUFQElKnMxstbnefF3mDIU8ePT9WNChA+qbx4e6Bq19prcI y3bqyDeFhkbhz+49dDHOs/41NYDnfaTDrawma+oUJlQgH/AclGn0CbjLN/FgzgxW Z9R61FETX626YR4Ya0Rd5fbVduSd4Hwhewpuv2EMUpEmueVIqDSGTZZ29y83NBKE rs8c6fmBdybxZSPsQihs2np8Semb7HmFD2tdBqdVediYA8eGEKyqLM/Z4W7NSKtU fpe5wiZLrTa8sEPc8mAitRWA+zJjzhYiEazOZWMwrMxFp+9JdZT38PDYdggGBLaL 1/6Fkqt423qeZBCtD/DcbXsUoFdugy1uN0Ha8s1bnlTA0mLjpZZ+xuov4Tenl8ej XozebjRsDbT5wjKw+6T2lenWO5y3HFc/+TkQM1+0ZrB8Ic6M0pERjLukQxOamgSG zE5eq1HWIq6lGwBNjKIIT9gs7S7bZpaGlNCmtpsDJGJi8IeiHdpjVysStsX+gAmG hueL1RnWRVr4U9QJtaRNjPlQ3Q98m5aL/FH2PdFgBzV5j9uPnw+Ur9u4iCRiEqDI acEm81ltvd7C2NBOOjgY =zXco -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1a8a1978-4b50-2c9d-ddca-488b0b3ab465%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] other SSD for VM, not possible?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 01:45, evo wrote: > Hello! > > rather simple question: as i understood, its not possible to > install VM on other SSD as the Qubes, isn't it? > Install? Not easily. Move? Easily: https://www.qubes-os.org/doc/secondary-storage/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYycQVAAoJENtN07w5UDAwevQP/1KXil48hsWWwjjejfmF/IIM gaUdJ7V3ao51bahJnwNMtRXP38/pY8LFdvk8wozrlvYnb9WX2B2VFGirrgVEc0ge bygmX61EtKaFbBSWjs8uRimeZ5plNUVfS873eUHiGej1ZF80HjWEZEzzMq2DZbwy QTUnphqA9yISaDxL9LfONy1bybuX23TnEws+aImYF6SScnPrt8kzgH1d2euZjZLb A4EkeYHuojWSpZ81d4VWv3kHXb44EIdJxghXd6nMos139GQHMs4k/JKaE2oQcoF9 TMLzNCvkLYyzY4GG2tzI0sFFCkYIl1sxTqTSzNabQaKH3c4YY5t2ju0q+590sa8D t58Jxws6/SwIIBZCx3ldRuH5Uwc6dGLRvVFhuJGLcrYZWNJXOJbnQozXFx71y7Oc RdhddsthVu4jcUwTZ6G5HCYlHWQ0+eIZ/vftTfIFDSM/az6eYxpFC8cHcdgb0Vh+ UUOgaX0mKwzqDhWxUs1iZFD2tJBiv+4i5Kw5/599VIinVzlWOK30kMiwHy3o/cR7 7ABPrFPQV3llsNbnVGdDgfkPbF+z23aYjv/cm6w5BDmn3YifkrP5vC5hgb51V4Kt 3tUhzgYTMui6YFPHdDFmw4/dIDgHe21r6izFf4JtlqIPIbCWoCnPf3SjcLsphszV e5SHZI89VW3d0ss2KC3J =PWSR -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20a81432-8125-c774-6410-98aa3580a707%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: is it better to have just standaloneVMs?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 01:14, evo wrote: > Am 15.03.2017 um 01:17 schrieb Unman: >> On Tue, Mar 14, 2017 at 08:02:58PM -0400, Chris Laprise wrote: >>> On 03/14/2017 01:55 PM, evo wrote: hmm.. this is also a good point, thanks! so if i do not use openoffice in my bankingVM, there is no practical vulnerability in it. >>> >>> Yes and no. Off the top of my head, there are two things to be >>> concerned about with the (regular, distro) software you >>> install: >>> >>> 1. Does it cause an additional service to start accepting >>> connections? >>> >>> 2. Does it have a MIMEtype or similar mapping, so that clicking >>> on a mislabeled file could cause it to open in an >>> unwanted/risky app. Unfortunately, nautilus doesn't seem to >>> have a setting for always asking before starting an app. But >>> at least it defaults to double-click instead of single-click. >>> >> >> 3. Installing some programs, like libre/openoffice, brings with >> it numerous libraries and attendant programs which may widen the >> attack surface of your qube considerably. >> > > so its better to have such VMs as banking or email in > standalone-mode. No, that doesn't follow. See my previous message about having multiple TemplateVMs. > The thing is... as i understood, stanalone-machines (if they are > not HVM) have all software from the template they use. So the only > way is, to install new iso on HVM, isn't it? > This doesn't follow either. StandaloneVMs and HVMs are completely independent of one another. It's possible that there is terminological confusion here. Please consult the glossary: https://www.qubes-os.org/doc/glossary/ > in that case, i don't really understand the sense of standalone > AppVMs. > StandaloneVMs can be useful for many different things, but not every user will have a need for them. For example, if you have a piece of software that installs parts of itself in both the root fs and user dirs (and you don't want to work around this with bind-dirs), and you need the software in only one VM, then a StandaloneVM is probably a perfect solution. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYycPeAAoJENtN07w5UDAwZD0P/3LtjWYp5sB0p/jKM/bOXYea shPiimxeaRgaEF/e714aamWiWCWN9a8OgaWnHbMPd2cajTSHgEc2zY8E4gPJN62B uvs1Y4958KxrNIdmT7p6ECivlwA7ZsaynzFICSM1d9QTviRCmkj7SY1+qPt6XjqO OTQ7IRGh1WBssaxWS1Dc320MJth25n9+ipNhhL7XpJA9vgOEZm6lUgeIhit3DiJg n1cjnKCoXhD8+i9bhVRcT9uurZdFdXJ3zNV13+m3l4nZKvgqXWOLkxE0/BtLQSks NyNpB4onqKA7PoQZpBLnp5sRE0axnay5Ny1uST492gFUy77B0FYdEePPtjeBoMtZ t+Y2Wav3ORW7/aXjAssHWQkZC8pgYO9inZ08PrGDa4p1ud93YoswjXj8MlM2OUOp IWZFKW8eDdjWte7vJ3lMabPJJawteTxYUS4eMsxSmcFq7JKnQwIEau0GHXerAnQn g3zwh9cyDyz6B0j51oyq8qMb1u+f6+d91hdAjpS9edjX1FAx6GGNXtaPXNxTVYDg RZQdbd5vlbq9OXLs/duEb3Dlgm7DSNmHl6Gig0Y+aBfujoq6+xY+g5CkwkPHJ8zK P+G+t82TFKKPN0QSS0J8dHLM0Z7ln4YX+gmPZTzJszEU/CX8slL311P2KlCcJ2sB fGGn+tSmARuHCbd+Lx7Y =meYj -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/294ad2fd-4890-18cf-277d-250d7c1c64df%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] USG - AFirewall For USB's
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/15/2017 05:22 PM, Syd Brisby wrote: > If you remove the wireless module from a laptop, then connect a USB > wifi adapter (or bluetooth adapter) to a USG and plug the two into > the laptop, could a (future?) USG act as a hardware firewall for > the wifi device (or bluetooth device)? For example, Deter MAC > address scanning? Deter portscanning and rogue packets being sent > to ports? Deter man-in-the-middle hotspot attacks? Or deter > bluetooth hacking attempts? etcetera. > Theoretically yes, a USB firewall could perform this function. However it would involve porting large parts of the linux network stack to run on an embedded microprocessor with 256kB flash and 64kB RAM. Difficult and painful if possible at all. Certainly not a task for one developer in their spare time! -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCgAGBQJYycOvAAoJEN65WsAVra66v+EP/1scyx4Fk1s+7R8zIA8wME2c C7hNYmoDv9s2ILcYhsY7wBCbg5AC0kx1dDPZkMnn54n2DQ6Pei3E5ANXIZZB0efY A3CXT8VLdJ0HnmQ85LCyjSIGcY0zP+TbhSeNBptCxMAh5C6Dlte31Rf7gEDRj79z miG7g/p4iNUK3iFLCYxe5HhX0xd0QCm8hWzYf5PBpUWQL0pPQnuKIkesIvgttaSM xlSycSOySstul56WA9Nt+d66hfqhlLgsdpnVaO6nTwcYxZHEqIOMfoT5VDTQqbib pmJPjoulgO6cXY/P2EWLRnToKlzc8j3TBgBvSr2NRQ+W5pmIJc7vNGKLqc2fO1WS Ba1hle7fXLVRu7sAKdZPwZB8s0jxsN8v1iWPnjEex/DF7ZWtgbpt2uU//wm4H9vO Dd3bqvjwcb7dnWzDQ0rnqVa2XBJfWipOQOPPO2UaiKo03a2rQz3UX9sAaN4ukxSs FZmewFPk8NbJ/Ynp0kJdcO3Al5UtsbgGg//nuQeNBmNqMnvJfd4WgpuwstOkx95m h0on7lZIHRQw3BiG83thMCi+9JlcVMI6OnheQJYwtAEVpcNtI0LanpVI9mbkGR2Y 5GngttD19fe4aoNjkNuPko28H3vfQFgK255oKMPnhtD2ES0iROLh+M2FeeAh3G2/ YRbZl7Fc8Si4PDHveKD2 =ZwtO -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5fe82838-011a-54e4-7cae-1c9fbac0fe22%40fastmail.fm. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Curious: https for yum repos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-03-15 01:15, haaber wrote: > Chris, > >> Fedora *unfortunately* is the blacksheep here. It doesn't sign a >> repo file, therefore an attacker can hold back individual >> packages withing what appears to the user as a stream of normal >> update cycles. > > I read this as "fedora is less safe" since exposed to described > attacks. Actually I never used it in my prequbes life, and I would > still not if there were alternatives to fedora-minimal. > Not sure I would read it that way. > So: Is there a debian-minimal available? The existing Debian template is already pretty minimal, so no debian-minimal template has been created. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYycKKAAoJENtN07w5UDAw5pEP/3cwkt8mT4UJudAfWd/8FFPq Kn6YIazddd1QdKaRNjpKb1/sVk+xLyC3UpMb0e7mjpDhhV4YHe3q24OO7dyau1T9 tyxObCKX7JTKneRjzM0gsyYZm7PBiNRPUl6QfCm6KPsP/GPnFygDAvAJXc2V5ZEh +U4m5OxqnZnR7q7sq5VH91BIWCtyZ0mNV31Sx/gbRJtXhjMgst64kKge/dtceIzK c/8dcxPj11sRH3q6L4JO6/BqOz4dBSdie7oHdnGNt8RHu/+y9Cl9elMwfUuBSxSJ H/yQ29Ts2N1cLfwQYT03V+bGOQgP//moAWW6fwxzPpA53zfVDtQt2YwB1DKFlQoK JYciBg6LgY1uA9bUD7+SLEDaBtb2GP2MWblWLDPY6GAuppCOMZQu7oiOSWH5QxQp ZQ4rTuol2O2ERJu81Z9mpnQshzhIuvSwV5f9HR0AozNnU0ZCCjydqRVEbWmFUPpV 8ftB+dNjDvWdwA3VGv7Nw8bxcx81urjdM1Rj7H3Ta5UQTAzUgMFxNFnA1O98qNoc T/MFlOR7S/PnJ4gzR/VWR1BG4KOtiCQxaUUO5rcuDrPbXVFI6NJ5zuuWusXH74Om SXXXdofb/qR43D6UD5e3hi1AhD7KacbqUliW/YVaWOVuzvAKYybi5G+GeUHHQzUV IUTSVy5q/HFthMiDyWYC =R9PN -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d27e2594-30eb-3d51-5f1a-ce114e617a58%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: epoxy on ram to prevent cold boot attacks?
On Wednesday, August 31, 2016 at 8:25:33 PM UTC+4, pixel fairy wrote: > poured some epoxy over where the ram connects to the motherboard modern RAM keeps data after hours after disconnecting in from MB. (wont search that paper now, plz search on your own). there are also physical traces of RAM state on RAM device. thats why some folks are moving keys in RAM(xoring it actually) every 10 seconds or so, in their opensource encryption software. there is papper on in too, with photo of such physical micro traces. paper also explains why RAM manufacturers are trying to keep volts as low as possible. imo encrypted RAM is more safe. but where to store keys? CPU cache, VRAM? or separate PCI device? unsure about speed of PCI vs RAM though. but safe storing keys in HW of major, massive vendors is a wrong idea because of obligatory unofficial backdooring. maybe it is possible to only encrypt part of RAM with PCI located key(original PCI storage device). example: main system is in RAM, VM's RAM is encrypted (using driver) and the key is on PCI storage device. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/512950a4-6d96-4698-833d-ccf20ba33f9d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Updating Fedora-23 template to Fedora-25
I managed to update to Fedora 25 by upgrading from Fedora 23 to Fedora 24 and then from Fedora 24 to Fedora 25 like described in the Documentation. I changed the AppVM templates. Is it wise to change the sysVM templated to Fedora 25 as well? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ea24e1dd-4d94-4847-9733-2845b628b10a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: USG - AFirewall For USB's
as far as i understand general method(control everything in data stream), adding support for new type of device is difficult, IF such HW firewall is connected to HW USB. i recall some device which transfers USB data over LAN, so user can connect any USB HW over LAN. by this way it is possible to have special VM with fresh state for every USB dev connection. after device is used, every possible not wanted effects are gone with the reset of VM. such VM could start automatically upon each USB plugin event. there is no real reason also to store such mini temp VM in SSD. it can be located in RAM. i believe Gbit LAN has potential. right now am considering some perverted "immortal SSD" idea based on following: SODIMM CHEAP (used) RAM modules (1,2,4 GB) in few motherboards. RAM disc is created in such motherboard upon boot and then shared over Gbit LAN. i believe it is possible to make very compact version for notebook(thats what am planning to do after i figure out how to connect about 16 RAMs. without having lots of notebook motherboards). motherboards are backed up by battery. how to use: before actual task, the contents of SSD copied to LAN disk. before shutdown, HW SSD (or even HDD actually) gets only updated data from this shared over LAN RAM disk. on RAM disk user can have VMs. WHY? there are plenty of cheap 1 2 4 GB used RAM modules. as far as i can remember RAM module have long lifespan. so user actually gets cheap SSD which capacity only gets bigger over time. i believe there can be one trusted HW machine and lots of untrusted HW devices shared over LAN or SPI. LAN or SPI opensource HW. LAN speed is just fine unless you want USB display or Kinect. again: main idea is to transport original HW USB data stream to the emulated (Virtual) USB connected to VM, _without firewalling it at all_. using LAN or other means. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fb160e8a-c1e5-413b-88f3-b097a2f2d5b1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Keyboard layouts with multiple keyboards
Well, maybe my problem is a bit different: It seems to switch to default variant of the selected layout, while I am using non-default one. Subsequent problems are probably caused by the keyboard “split-brain”. The problem with layout variant suggests the reason why I was not able to find any details on it: I assume the problem affects quite less users than forced switching to US layout. I could try setting Czech language in dom0, but it would hardly set the desired keyboard. If there was any influence, I expect it would set the default cz layout, which is even more different from what I use. I haven't try dpkg-reconfigure, because the problem starts in dom0, not in AppVM. I have looked at the files /etc/vconsole.conf and /etc/X11/xorg.conf.d/00-keyboard.conf and they both refer to US layout. Maybe vconsole.conf is not worth of modifying (I don't have the layout for console…), but I can try changing 00-keyboard.conf. Regards, Vít Šesták 'v6ak' P.S.: Why I got confused: I use CShack layout (see http://xakru.com/cshack/), which is derived from US layout, but adds support for diactiric characters (Czech, Slovak, German, Spain) and various typographic characters (like '≠–—«»±„“”…'). The default variant is hard to distingiush from us layout on a keyboard that does not have CapsLock, which works as a modifier key on this layout. I use a non-default variant (extracs_ralt) that adds RAlt (AltGr) as another modifier (equivalent to CapsLock modifier key) and modifies number row to be more close to standard Czech layout. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3a172168-a145-4558-9846-686c68630b4b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Feature request: "HDD Airbag" analog
Feature request: "HDD Airbag" analog overview: https://support.lenovo.com/nl/en/solutions/ht003517 list of supported devices: http://support.lenovo.com/nl/en/downloads/ds015000 is it possible to add this feature to Qubes? or atleast provide some interface to poweroff/park HDD? yes, Qubes requires SSD for good operation, but imo most users like to have SSD + large HDD for media or other content. i believe qubes can be really friendly for not so geeky user, by having such features or atleast providing support so user could write such soft. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/16be7dee-54e1-404a-9e42-581fba972bb8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Kicking the sudoers dead horse
On 03/15/2017 02:24 AM, Chris Laprise wrote: > On 03/14/2017 07:18 PM, Chris Laprise wrote: >> >> # Protect sh and bash init files >> chfiles="/home/user/.bashrc /home/user/.bash_profile /home/user \ >> /.bash_login /home/user/.bash_logout /home/user/.profile" >> touch $chfiles >> chown -f root:root $chfiles >> chattr +i $chfiles > > > The line break on that didn't work out (delete space before > backslash). Here it is fixed: > > https://github.com/tasket/Qubes-VM-hardening/blob/master/rc.local > > Also changed to avoid abort of script. > Hi Chris, How did you handle error message like below when you deny the request of su/sudo using vm-sudo : [user@fedora-24 pam.d]$ su /usr/lib/qubes/qrexec-client-vm failed: exit code 1 su: System error [user@fedora-24 pam.d]$ sudo dnf update /usr/lib/qubes/qrexec-client-vm failed: exit code 1 sudo: PAM authentication error: System error Is there any method to put something like 'permission denied' message instead of the message above? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2f24304b-1584-66aa-7e77-8394d42824f4%40gmail.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Kicking the sudoers dead horse
On Wednesday, March 15, 2017 at 3:15:15 PM UTC-4, cooloutac wrote: > On Tuesday, March 14, 2017 at 7:22:04 PM UTC-4, Chris Laprise wrote: > > On 03/14/2017 12:57 PM, cooloutac wrote: > > > > > yes I agree having to click yes in a dom0 popup will not be cumbersome > > > for most. But is it that easy for the devs to implement? > > > > Its already there, for a long time now. The vm-sudo doc describes how to > > enable it. > > > > -- > > > > Chris Laprise, tas...@openmailbox.org > > https://twitter.com/ttaskett > > thanks! I think this thread is now sudo vs doing everything in dispvms? lol well regarding sudo you guys heard about the malware fsybis last year? installs on linux system without root by clicking bad link. persists, keylogs, phones home, spreads. root not required. and I mean what data you got in root directories thats more private then user data? I guess the argument is that you are protecting dom0 by using sudo in an appvm? Sorry if I;m stating the obvious. But doing everything in a dispvm? Sure, if someone else sets it up and maintains it for me lol. I'm not gonna bother with the scripts, I use Qubes so I don;t have to read emails in text only mode and implement crazy security measures like selinux or apparmor with grsec, which also have never helped me much before. I gave all that stuff up. All it takes is one bad click and something I say yes to. It happens to everyone eventually. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/df29a1f1-8f8e-497a-8389-95e8d6ab3e9f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Kicking the sudoers dead horse
On Tuesday, March 14, 2017 at 7:22:04 PM UTC-4, Chris Laprise wrote: > On 03/14/2017 12:57 PM, cooloutac wrote: > > > yes I agree having to click yes in a dom0 popup will not be cumbersome for > > most. But is it that easy for the devs to implement? > > Its already there, for a long time now. The vm-sudo doc describes how to > enable it. > > -- > > Chris Laprise, tas...@openmailbox.org > https://twitter.com/ttaskett thanks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/058a93d3-cbab-47d1-9b82-5c9e00297c6e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge
On 03/15/2017 01:14 PM, Grzesiek Chodzicki wrote: W dniu środa, 15 marca 2017 17:44:41 UTC+1 użytkownik tai...@gmx.com napisał: On 03/15/2017 12:23 PM, Grzesiek Chodzicki wrote: W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com napisał: This is your chance to tell Razor that we don't want binary blobs or "Intel ME" and that they can sell a lot more if they become "Qubes-certified". https://insider.razerzone.com/index.php?threads/welcome-to-the-linux-corner.20618/ Holler loud and cross your fingers. John E. Mayorga Just posted on this thread. Would be nice if they actually went through the Qubes certification process, their laptops are very nice. This is impossible without cooperation from intel, any intel system from nehalem (first core system) on will NOT work without the ME binary blobs, the (black box) supervisor processor will simply auto-restart after 30 minutes. If google can't get intel to release the code and a flashing mechanism for ME then nobody can. https://web.archive.org/web/20161010040458/https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/ ME, PSP, FSP, etc containing firmware is not "open source" as binary blobs perform the entire boot process with coreboot simply a wrapper layer. For brand new computers the only real choices are POWER and (some) ARM. All current IBM POWER systems are entirely owner controlled with no hardware signing key enforcement and you can buy one starting at around 3K (comparable to an intel server system of equivalent cost). if you want an x86-64 laptop the only choice is a 2013 FM2 processor (no AMD PSP unlike FM2+) which is new enough to be useful (see coreboot on the lenovo G505S) For x86-64 desktops there is the KGPE-D16 and KCMA-D8 coreboot motherboards which will work without blobs, which are both new enough to be useful but not brand new. I just checked the Minifree website. Although the premise is really nice (firmware-free dual CPU workstation, server or laptop) the 6-month lead time, the price overhead and mediocre specs are a big turnoff. And, just like Purism did earlier, the price overhead makes it seem like privacy is a privilege of the rich. Minifree's workstation configuration that comes the closest to my PC costs over twice as much with much slower CPU, slower RAM and slower SSD. Don't buy from minifree, they're overpriced just assemble it yourself and get used cpu/ram. The KGPE-D16 itself is around $400, or you could get a KCMA-D8 for $200 with one or two 4386 CPUs ($50) if you don't need uber performance. I'd get a 6284SE if you are on a budget you can get em for around $100 otherwise the best CPU is a 6386SE for around $300. https://www.coreboot.org/Board:asus/kgpe-d16 4386 is equivalent to a FX-8370E 6386SE is equivalent to two FX-8370E You would be able to max out new games, combined with a quality GPU (I recommend AMD so you can do easy IOMMU pass-through for graphics) As I said purism is an overpriced quanta laptop, their laptops are not at all libre even the ones that claim to have "coreboot" don't have any open source hw init it is all done by binary blobs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0e20e569-ef9a-5e35-2f89-1c8ce002cba3%40gmx.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Updating Fedora-23 template to Fedora-25
Dear people and machines, I just setup a clean Qubes 3.2 installation and tried updateing the Fedora-23 template to Fedora 25. I followed the instructions from the Qubes Docs site: https://www.qubes-os.org/doc/template/fedora/upgrade-23-to-24/ and substituted 24 for 25. After doing that the new Fedora-25 template still identified as Fedora 23 Workstation Edition when 'cat /etc/os-release' was entered. I decided to try again and cloned the Fedora-23 template and just made a regular dist-upgrade like described here: https://fedoraproject.org/wiki/DNF_system_upgrade. The result was the same, the new template was again Fedora 23 (Workstation Edition). I'd like to know if this is some kind of artifact and it is Fedora 25 although it says its not. If that isnt the case, how do I get Fedora 25? Thanks in advance, Kasi -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a3dc9dcd-4636-4000-80c4-f1cad0d32204%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge
W dniu środa, 15 marca 2017 17:44:41 UTC+1 użytkownik tai...@gmx.com napisał: > On 03/15/2017 12:23 PM, Grzesiek Chodzicki wrote: > > > W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com > > napisał: > >> This is your chance to tell Razor that we don't want binary blobs or > >> "Intel ME" and that they can sell a lot more if they become > >> "Qubes-certified". > >> > >> https://insider.razerzone.com/index.php?threads/welcome-to-the-linux-corner.20618/ > >> > >> Holler loud and cross your fingers. > >> > >> John E. Mayorga > > Just posted on this thread. Would be nice if they actually went through the > > Qubes certification process, their laptops are very nice. > > > This is impossible without cooperation from intel, any intel system from > nehalem (first core system) on will NOT work without the ME binary > blobs, the (black box) supervisor processor will simply auto-restart > after 30 minutes. > > If google can't get intel to release the code and a flashing mechanism > for ME then nobody can. > https://web.archive.org/web/20161010040458/https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/ > ME, PSP, FSP, etc containing firmware is not "open source" as binary > blobs perform the entire boot process with coreboot simply a wrapper layer. > > For brand new computers the only real choices are POWER and (some) ARM. > All current IBM POWER systems are entirely owner controlled with no > hardware signing key enforcement and you can buy one starting at around > 3K (comparable to an intel server system of equivalent cost). > > if you want an x86-64 laptop the only choice is a 2013 FM2 processor (no > AMD PSP unlike FM2+) which is new enough to be useful (see coreboot on > the lenovo G505S) > For x86-64 desktops there is the KGPE-D16 and KCMA-D8 coreboot > motherboards which will work without blobs, which are both new enough to > be useful but not brand new. I just checked the Minifree website. Although the premise is really nice (firmware-free dual CPU workstation, server or laptop) the 6-month lead time, the price overhead and mediocre specs are a big turnoff. And, just like Purism did earlier, the price overhead makes it seem like privacy is a privilege of the rich. Minifree's workstation configuration that comes the closest to my PC costs over twice as much with much slower CPU, slower RAM and slower SSD. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0157a6c1-f70c-44f6-9e2c-3db7db6766ca%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] How to set dns in sys-net
I want to set dns in sys-net . After installing dnscrypt-proxy in sys-net template i have access to internet in sys-net via new dns address with these commands. "sudo dnscrypt-proxy --daemonize --syslog -R dnscrypt.eu-nl -a 127.0.0.2:53" "dig txt opendns.com" and dig command shows me i have access to new dns address(127.0.0.2:53). but sys-firewall doesn't have access to internet. How can i fix this? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/77470722b5a02dbec813de337de74559%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge
On 03/15/2017 12:23 PM, Grzesiek Chodzicki wrote: W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com napisał: This is your chance to tell Razor that we don't want binary blobs or "Intel ME" and that they can sell a lot more if they become "Qubes-certified". https://insider.razerzone.com/index.php?threads/welcome-to-the-linux-corner.20618/ Holler loud and cross your fingers. John E. Mayorga Just posted on this thread. Would be nice if they actually went through the Qubes certification process, their laptops are very nice. This is impossible without cooperation from intel, any intel system from nehalem (first core system) on will NOT work without the ME binary blobs, the (black box) supervisor processor will simply auto-restart after 30 minutes. If google can't get intel to release the code and a flashing mechanism for ME then nobody can. https://web.archive.org/web/20161010040458/https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/ ME, PSP, FSP, etc containing firmware is not "open source" as binary blobs perform the entire boot process with coreboot simply a wrapper layer. For brand new computers the only real choices are POWER and (some) ARM. All current IBM POWER systems are entirely owner controlled with no hardware signing key enforcement and you can buy one starting at around 3K (comparable to an intel server system of equivalent cost). if you want an x86-64 laptop the only choice is a 2013 FM2 processor (no AMD PSP unlike FM2+) which is new enough to be useful (see coreboot on the lenovo G505S) For x86-64 desktops there is the KGPE-D16 and KCMA-D8 coreboot motherboards which will work without blobs, which are both new enough to be useful but not brand new. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0a74447f-2cae-b217-4da7-405f43b7222e%40gmx.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge
W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com napisał: > This is your chance to tell Razor that we don't want binary blobs or "Intel > ME" and that they can sell a lot more if they become "Qubes-certified". > > https://insider.razerzone.com/index.php?threads/welcome-to-the-linux-corner.20618/ > > Holler loud and cross your fingers. > > John E. Mayorga Just posted on this thread. Would be nice if they actually went through the Qubes certification process, their laptops are very nice. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c9fdcae7-e50c-4cb1-9ea1-9c1dc55745e9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL - ASUSTek Computer INC. Q550LF
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/94411768.77363907.1489594451408.JavaMail.zimbra%40comcast.net. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-ASUSTeK_COMPUTER_INC_-Q550LF-20170315-121145.cpio.gz Description: application/cpio-compressed --- layout: 'hcl' type: 'notebook' hvm: 'yes' iommu: 'no' slat: 'yes' tpm: 'unknown' brand: | ASUSTeK COMPUTER INC. model: | Q550LF bios: | Q550LF.211 cpu: | Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz cpu-short: | FIXME chipset: | Intel Corporation Haswell-ULT DRAM Controller [8086:0a04] (rev 09) chipset-short: | FIXME gpu: | Intel Corporation Haswell-ULT Integrated Graphics Controller [8086:0a16] (rev 09) (prog-if 00 [VGA controller]) gpu-short: | FIXME network: | Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0c) Intel Corporation Wireless 7260 (rev 6b) memory: | 8075 scsi: | ST1000LM024 HN-M Rev: 0002 DVDRAM GU71N Rev: AS00 USB 3.0 FD Rev: PMAP versions: - works: 'FIXME:yes|no|partial' qubes: | R3.2 xen: | 4.6.4 kernel: | 4.4.38-11 remark: | FIXME credit: | FIXAUTHOR link: | FIXLINK ---
Re: [qubes-users] Kicking the sudoers dead horse
Chris Laprise: > On 03/14/2017 11:30 PM, sm8ax1 wrote: > >> Second, you mention that ~/.bin/sudo could be overwritten with the >> attacker's binary or a script. I'm not sure I understand what you mean >> exactly... the real sudo works by virtue of being owned by root with >> suid. An attacker running as user cannot create a file owned by root, so >> neither the real sudo nor a fake one could elevate privileges. If you >> mean that `sudo` could be aliased to something else, I'm not sure what >> that would accomplish; the underlying command would still run as the >> invoking user. I'm just not quite getting what you're saying. > > By changing the order of $PATH paths or adding an alias in .bashrc a > regular user process can impersonate the sudo and su (and other) > commands so their version will run and ask for authorization whenever > you do 'sudo somecommand' instead of '/usr/bin/sudo somecommand' (the > latter would not be vulnerable). It will look normal and 'somecommand' > will run, but attacker can piggyback his own commands to execute as root > also. > > (This is an old issue, resembling the way attacks could be carried out > in Xwindows like clipboard sniffing, etc. and was ignored.) > > Without ability to write shell init scripts, attacker can only change > aliases or $PATH (or $LD_PRELOAD) for his own processes, but not for the > shells or apps you started yourself. Thanks for clarifying that. Piggybacking his own commands in addition to the argument to `sudo` is the key part I wasn't getting. The fix to that I think would be showing the command (binary path + args) in the Dom0 dialog. e.g. "my-vm" is attempting to run "/usr/bin/bash -c '/home/user/.malware.sh ; realcommand'" as root. Allow? [x] Always do this for requests from this VM in the future. [Yes] [No] [View environment variables] It might already have some of these features for all I know. I haven't tried it yet. Untrusted environment variables, if allowed by sudo (they are disallowed by default), present another problem. This could probably be solved by showing the untrusted/modified ones in the dialog as well. >> >> Setting the shell startup files to immutable is a good idea I hadn't >> thought of. Actually I think setting them to root:root mode 755 would be >> sufficient, wouldn't it? That would make it one step easier to modify >> them as needed. > > Not sufficient because 'user' still owns that dir, so it can delete > those files even if they're root. Then attacker can write their own > version. Solution needs +i to prevent replacement in a user-owned dir. > > Going the other way--using only +i and not root ownership--should work > but I was trying to be thorough. In practice user will probably modify > script as root after using 'sudo chattr' so convenience-wise it doesn't > matter. > I don't know why I didn't catch that. I guess I have to go back to Unix 101. Immutable it is. Just a note for the record, this is an added anti-persistence feature, but it isn't required for vm-sudo to work as described. - ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands! $24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk! No bandwidth quotas! Commercial and Bulk Mail Options! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7a291de8-3591-4983-f27e-55b2be131ca2%40vfemail.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] feature idea: creat trusted office document
On Tue, Mar 14, 2017 at 7:44 PM, cubitwrote: > - open dom0 terminal > - get dom0 to open a disp terminal in the same dispVM as the disposable doc Ouch. I'd forgotten how annoying that could be. I have a script [1] bound to a keyboard shortcut to open a terminal in the same VM as the front-most window. Perhaps you might find it useful? [1]: https://gist.github.com/jpouellet/0f74459699433cabc26c389caf36b455 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CABQWM_CSbH2BdG2wq6wGgEn9wegHV4BmDcLe_cYmjr0LXjrMXw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] other SSD for VM, not possible?
Hello! rather simple question: as i understood, its not possible to install VM on other SSD as the Qubes, isn't it? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/af21b4fe-7b8e-4e5a-e137-6efe7bc221eb%40aliaks.de. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Curious: https for yum repos
Chris, > Fedora *unfortunately* is the blacksheep here. It doesn't sign a repo > file, therefore an attacker can hold back individual packages withing > what appears to the user as a stream of normal update cycles. I read this as "fedora is less safe" since exposed to described attacks. Actually I never used it in my prequbes life, and I would still not if there were alternatives to fedora-minimal. So: Is there a debian-minimal available? For normal and even advanced users it is almost impossible slim down a std debian via uninstalling unused packages without destroying the system : which of the (in large parts cryptic) package names are vital? Bernhard -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/82474c54-4afe-cff1-ea8b-b569b56b4748%40web.de. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: is it better to have just standaloneVMs?
Am 15.03.2017 um 01:17 schrieb Unman: > On Tue, Mar 14, 2017 at 08:02:58PM -0400, Chris Laprise wrote: >> On 03/14/2017 01:55 PM, evo wrote: >>> hmm.. this is also a good point, thanks! >>> so if i do not use openoffice in my bankingVM, there is no practical >>> vulnerability in it. >>> >> >> Yes and no. Off the top of my head, there are two things to be concerned >> about with the (regular, distro) software you install: >> >> 1. Does it cause an additional service to start accepting connections? >> >> 2. Does it have a MIMEtype or similar mapping, so that clicking on a >> mislabeled file could cause it to open in an unwanted/risky app. >> Unfortunately, nautilus doesn't seem to have a setting for always asking >> before starting an app. But at least it defaults to double-click instead of >> single-click. >> > > 3. Installing some programs, like libre/openoffice, brings with it numerous > libraries and attendant programs which may widen the attack surface of > your qube considerably. > so its better to have such VMs as banking or email in standalone-mode. The thing is... as i understood, stanalone-machines (if they are not HVM) have all software from the template they use. So the only way is, to install new iso on HVM, isn't it? in that case, i don't really understand the sense of standalone AppVMs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6fbf49d5-8f53-4c1e-b85c-026667fc65fa%40aliaks.de. For more options, visit https://groups.google.com/d/optout.