Re: [qubes-users] Big problem?
Yes, When you have to input the decryption key, a lot, if not all of your Operating system isn't loaded yet, so it didn't apply your custom keyboard layout settings yet. On 13/04/2017 09:56, rubboe...@gmail.com wrote: > During the installation I choose azerty, is it possible that it is now qwerty? > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/01a7633c-bf92-a443-04a5-8234911ca255%40nopping.eu. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Spoofing MAC
On 27/01/2017 00:45, Unman wrote: > On Wed, Jan 25, 2017 at 09:11:06PM +0100, Sae wrote: >> Forwarded Message --- >> >> Subject: Re: [qubes-users] Spoofing MAC >> Date:Wed, 25 Jan 2017 20:52:35 +0100 >> From:Sae >> To: pl1...@sigaint.org >> >> >> >> On 25/01/2017 20:34, pl1...@sigaint.org wrote: >>> Hi >>> I followed the guide that explains how to spoof MAC using debian based >>> appVM. Now will my ISP "see" this new or it anonymize just my surfing? >>> >> Hello. >> You ISP never sees your MAC. Your MAC is used for the communication >> between your computer and your router. >> Spoofing your MAC is usefull in networks which are not under your >> control (hotspots, school, work, …). >> Then, from that network point of view, your computer won't identify >> itself with your mac address that is closely tied to your computer hardware. >> Spoofing your mac address has no impact on your IP address, so it won't >> anonymise your surfing. >> >> forwarding because I forgot to send to the list. > Since your ISP has complete control over your router they *always* see > your MAC. If you spoof the MAC then they would be able to associate the > spoofed MAC with that router. If you have been consistent and keep > changing it then you would have some degree of plausible deniability for > any particular session. > Best approach would probably be to add another wireless card on another > netvm, and use spoofed MAC and separate qubes on that netvm, while keeping the > vanilla card for "normal" use. That way to maintain "normal" use and > mask the other activity. Use a removable wifi card and disposable > netvm for the spoofing to minimise trace. Increase deniability by > setting router to open or with simple to guess password. > My ISP doesn't have control over my router. My modem/router is my own. I just configure it with their credentials. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/12416757-91b3-c825-1079-f41e4935e2ed%40nopping.eu. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Spoofing MAC
Forwarded Message --- Subject:Re: [qubes-users] Spoofing MAC Date: Wed, 25 Jan 2017 20:52:35 +0100 From: Sae To: pl1...@sigaint.org On 25/01/2017 20:34, pl1...@sigaint.org wrote: > Hi > I followed the guide that explains how to spoof MAC using debian based > appVM. Now will my ISP "see" this new or it anonymize just my surfing? > Hello. You ISP never sees your MAC. Your MAC is used for the communication between your computer and your router. Spoofing your MAC is usefull in networks which are not under your control (hotspots, school, work, …). Then, from that network point of view, your computer won't identify itself with your mac address that is closely tied to your computer hardware. Spoofing your mac address has no impact on your IP address, so it won't anonymise your surfing. forwarding because I forgot to send to the list. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7b18c8fa-cd6f-5376-4a4a-63ef2fae04ca%40nopping.eu. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Detection - Best Way
On 18/01/2017 06:27, Asterysk wrote: > It struck me that Qubes could be very useful for Detection of "malware" by > placing a monitoring capability . My question is in two parts: > > (1) Is Wireshark the best tool to use for this within Qubes > (2) Should it be placed in Dom 0 (if indeed thats possible) or in the sys-net > or sys-firewall > I would create a proxyVM that dumps your traffic with tcpdump, and insert it before sys-firewall when I want to sniff the traffic. And then open the pcap with wireshark in a non networked VM for inspection. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fbcab964-be0f-0279-23e1-84bf9e591d40%40nopping.eu. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Solving the IME Problem with Virtualization
On 17/01/2017 12:51, Zrubi wrote: > On 01/17/2017 11:14 AM, john.mayo...@gmail.com wrote: > > I'm not a Xen expert, so don't flog me too harshly, and I did > > search the posts for this subject, but couldn't find it. > > > There is a painfully well known problem of having to "trust" Intel > > to properly implement their "Intel Management Engine". Only very > > recently has there been a hardware solution to fixing that problem > > on more recent chipsets, however, I have not heard much from the > > Qubes community on this point. Reference: > > http://hackaday.com/2016/11/28/neutralizing-intels-management-engine/ > > > Xen is capable of booting a VM with its own BIOS. Why would it not > > be possible, for extreme privacy cases, to Xen virtualize Qubes > > (nested VMs) such that IME does not matter, as IME would only > > affect Xen on the hardware, not the VM with the open source BIOS > > which is running Qubes. Reference: > > https://wiki.xenproject.org/wiki/Hvmloader > > > Well it doesn't matter what you try to achieve in a top level VM if > the lower layers (AppVM -> dom0 -> Xen -> EFI/BIOS -> Hardware) are > powned. > > Lower 'layers' always owning the higher ones in any case. > > This is something that most of the people out there not takes into > account (and/or do not care about) > > > I would rather say that an adversary strong enough to pwn the lower layers isn't in most people's threat model, as the effort to defend against it ATM is not worth it for them. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/387be49e-d6dc-50e3-2ad8-8cb9f86238fb%40nopping.eu. For more options, visit https://groups.google.com/d/optout.
