[qubes-users] Re: Privacy in Qubes
On Saturday, February 10, 2018 at 12:41:22 PM UTC+1, Tim W wrote: > On Friday, February 9, 2018 at 4:33:00 AM UTC-5, Yuraeitha wrote: > > On Friday, February 9, 2018 at 7:09:32 AM UTC+1, Tim W wrote: > > > On Wednesday, September 20, 2017 at 4:47:16 PM UTC-4, Yuraeitha wrote: > > > > On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique > > > > St-Pierre Boucher wrote: > > > > > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > > > > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > > > > > Let's say you have an online identity that you want to keep > > > > > > > separate from your personal information. On Qubes, is it possible > > > > > > > to keep i information completely separate without physical > > > > > > > separation? I have considered using a separate OS virtualized in > > > > > > > Qubes, but it may possibly leak the same device data. > > > > > > > Multibooting with Qubes is also not the safest idea. > > > > > > > > > > > > > > What is the best way to keep online information from being traced > > > > > > > back to you on Qubes? > > > > > > > > > > > > Not really sure what you are asking, or what information > > > > > > specifically. Keeping information separate is the general purpose > > > > > > of Qubes. One vm doesn't know what data is on the other one. > > > > > > > > > > > > If you are talking about keeping your identity hidden from the > > > > > > internet. Just don't let the vm connect to the internet? > > > > > > > > > > > > As far as information like device id's, that would depend on the > > > > > > program you are connecting to the internet and if it gathers such > > > > > > information. I really don't know if what core linux processes do > > > > > > this. Browsers prolly do yes? > > > > > > > > > > > > In general, hiding your identity is not really something thats > > > > > > Qubes specific. Use multiple whonix qubes with tor browser? Don't > > > > > > log in the same online identities on the same vm? > > > > > > > > > > If you are talking about the first the identity of your computer, > > > > > that will always be the same hostname, mac address if you connect > > > > > both vm through the same network card. If you have 2 network card > > > > > (and different sys-net), you can maybe have the traffic through one > > > > > card for one ID and the other ID through the other card but if you > > > > > are using it at home on the same lan, I don't see the point. But > > > > > doing it on a public wifi and using 2 differents network card (and > > > > > different sys-net vm) you can have 2 different session on the same > > > > > website and I don't see a way from the server side to figure out that > > > > > you are doing it from the same computer. > > > > > > > > > > Hope I make sense!!! > > > > > > > > > > Dominique > > > > > > > > I second Dominique here, this is what I would do too if I wanted to > > > > maximize anonymity. However be mindful that it's still risky if its a > > > > matter of life and death, or anything other really serious/important. > > > > There is always a remote chance that something can be used to track > > > > back to you, be it something brand new, zero-day exploits, or what else > > > > hidden tricks is out there. Although these is mostly only used against > > > > high-profile targets, and typically, or most likely not,on your > > > > everyday internet users. > > > > > > > > For example virtualization isn't perfect. To my knowledge, this is one > > > > of the reasons Qubes is switching from PV to HVM. And even then, HVM > > > > seems to only be a temporay solution, as while it's better than the > > > > current PV, it isn't perfect either. Generally, you're in deep trouble > > > > if someone is hunting you as a high-profile, but if its the average > > > > joe-hacker? Probably not. From what I can gather, Qubes attacks are > > > > difficult to pull off, so much that it hasn't been observed in the > > > > wild. However one of Qubes's weakpoints is the lack of reward pools for > > > > white-hat hackers who hunt for bugs and weakenesses, although it may be > > > > solved soon through donations I think? Anyway, just be careful, don't > > > > do anything that you can't pay for afterwards, be it your life, prison, > > > > or what else may be hunting you. > > > > > > > > Also to do Qubes justice, it's still pretty darn secure. It requires > > > > exotic and probably difficult hacks to get through, such as hacking one > > > > DomU and mess up your memory in other to break into another DOmU, and > > > > thereby indirectly get access to Dom0, or something like that. > > > > Presumably the Qubes 4 system is much better protected against this > > > > kind of difficult but theoretical possible attack, than Qubes 3.2 is. > > > > > > > > Then again, I'm no security expert, take my words with some salt. But > > > > definitely don't believe Qubes has perfect
[qubes-users] Re: Privacy in Qubes
On Friday, February 9, 2018 at 4:33:00 AM UTC-5, Yuraeitha wrote: > On Friday, February 9, 2018 at 7:09:32 AM UTC+1, Tim W wrote: > > On Wednesday, September 20, 2017 at 4:47:16 PM UTC-4, Yuraeitha wrote: > > > On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique St-Pierre > > > Boucher wrote: > > > > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > > > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > > > > Let's say you have an online identity that you want to keep > > > > > > separate from your personal information. On Qubes, is it possible > > > > > > to keep i information completely separate without physical > > > > > > separation? I have considered using a separate OS virtualized in > > > > > > Qubes, but it may possibly leak the same device data. Multibooting > > > > > > with Qubes is also not the safest idea. > > > > > > > > > > > > What is the best way to keep online information from being traced > > > > > > back to you on Qubes? > > > > > > > > > > Not really sure what you are asking, or what information > > > > > specifically. Keeping information separate is the general purpose > > > > > of Qubes. One vm doesn't know what data is on the other one. > > > > > > > > > > If you are talking about keeping your identity hidden from the > > > > > internet. Just don't let the vm connect to the internet? > > > > > > > > > > As far as information like device id's, that would depend on the > > > > > program you are connecting to the internet and if it gathers such > > > > > information. I really don't know if what core linux processes do > > > > > this. Browsers prolly do yes? > > > > > > > > > > In general, hiding your identity is not really something thats Qubes > > > > > specific. Use multiple whonix qubes with tor browser? Don't log in > > > > > the same online identities on the same vm? > > > > > > > > If you are talking about the first the identity of your computer, that > > > > will always be the same hostname, mac address if you connect both vm > > > > through the same network card. If you have 2 network card (and > > > > different sys-net), you can maybe have the traffic through one card for > > > > one ID and the other ID through the other card but if you are using it > > > > at home on the same lan, I don't see the point. But doing it on a > > > > public wifi and using 2 differents network card (and different sys-net > > > > vm) you can have 2 different session on the same website and I don't > > > > see a way from the server side to figure out that you are doing it from > > > > the same computer. > > > > > > > > Hope I make sense!!! > > > > > > > > Dominique > > > > > > I second Dominique here, this is what I would do too if I wanted to > > > maximize anonymity. However be mindful that it's still risky if its a > > > matter of life and death, or anything other really serious/important. > > > There is always a remote chance that something can be used to track back > > > to you, be it something brand new, zero-day exploits, or what else hidden > > > tricks is out there. Although these is mostly only used against > > > high-profile targets, and typically, or most likely not,on your everyday > > > internet users. > > > > > > For example virtualization isn't perfect. To my knowledge, this is one of > > > the reasons Qubes is switching from PV to HVM. And even then, HVM seems > > > to only be a temporay solution, as while it's better than the current PV, > > > it isn't perfect either. Generally, you're in deep trouble if someone is > > > hunting you as a high-profile, but if its the average joe-hacker? > > > Probably not. From what I can gather, Qubes attacks are difficult to pull > > > off, so much that it hasn't been observed in the wild. However one of > > > Qubes's weakpoints is the lack of reward pools for white-hat hackers who > > > hunt for bugs and weakenesses, although it may be solved soon through > > > donations I think? Anyway, just be careful, don't do anything that you > > > can't pay for afterwards, be it your life, prison, or what else may be > > > hunting you. > > > > > > Also to do Qubes justice, it's still pretty darn secure. It requires > > > exotic and probably difficult hacks to get through, such as hacking one > > > DomU and mess up your memory in other to break into another DOmU, and > > > thereby indirectly get access to Dom0, or something like that. Presumably > > > the Qubes 4 system is much better protected against this kind of > > > difficult but theoretical possible attack, than Qubes 3.2 is. > > > > > > Then again, I'm no security expert, take my words with some salt. But > > > definitely don't believe Qubes has perfect isolation, it doesn't, not > > > with modern technology anyway. However it's a massive leap in the right > > > direction for better security. > > > > > > Furthermore, be extremely mindful of user-habits and which websites
[qubes-users] Re: Privacy in Qubes
On Friday, February 9, 2018 at 7:09:32 AM UTC+1, Tim W wrote: > On Wednesday, September 20, 2017 at 4:47:16 PM UTC-4, Yuraeitha wrote: > > On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique St-Pierre > > Boucher wrote: > > > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > > > Let's say you have an online identity that you want to keep separate > > > > > from your personal information. On Qubes, is it possible to keep i > > > > > information completely separate without physical separation? I have > > > > > considered using a separate OS virtualized in Qubes, but it may > > > > > possibly leak the same device data. Multibooting with Qubes is also > > > > > not the safest idea. > > > > > > > > > > What is the best way to keep online information from being traced > > > > > back to you on Qubes? > > > > > > > > Not really sure what you are asking, or what information specifically. > > > > Keeping information separate is the general purpose of Qubes. One vm > > > > doesn't know what data is on the other one. > > > > > > > > If you are talking about keeping your identity hidden from the > > > > internet. Just don't let the vm connect to the internet? > > > > > > > > As far as information like device id's, that would depend on the > > > > program you are connecting to the internet and if it gathers such > > > > information. I really don't know if what core linux processes do this. > > > > Browsers prolly do yes? > > > > > > > > In general, hiding your identity is not really something thats Qubes > > > > specific. Use multiple whonix qubes with tor browser? Don't log in > > > > the same online identities on the same vm? > > > > > > If you are talking about the first the identity of your computer, that > > > will always be the same hostname, mac address if you connect both vm > > > through the same network card. If you have 2 network card (and different > > > sys-net), you can maybe have the traffic through one card for one ID and > > > the other ID through the other card but if you are using it at home on > > > the same lan, I don't see the point. But doing it on a public wifi and > > > using 2 differents network card (and different sys-net vm) you can have 2 > > > different session on the same website and I don't see a way from the > > > server side to figure out that you are doing it from the same computer. > > > > > > Hope I make sense!!! > > > > > > Dominique > > > > I second Dominique here, this is what I would do too if I wanted to > > maximize anonymity. However be mindful that it's still risky if its a > > matter of life and death, or anything other really serious/important. There > > is always a remote chance that something can be used to track back to you, > > be it something brand new, zero-day exploits, or what else hidden tricks is > > out there. Although these is mostly only used against high-profile targets, > > and typically, or most likely not,on your everyday internet users. > > > > For example virtualization isn't perfect. To my knowledge, this is one of > > the reasons Qubes is switching from PV to HVM. And even then, HVM seems to > > only be a temporay solution, as while it's better than the current PV, it > > isn't perfect either. Generally, you're in deep trouble if someone is > > hunting you as a high-profile, but if its the average joe-hacker? Probably > > not. From what I can gather, Qubes attacks are difficult to pull off, so > > much that it hasn't been observed in the wild. However one of Qubes's > > weakpoints is the lack of reward pools for white-hat hackers who hunt for > > bugs and weakenesses, although it may be solved soon through donations I > > think? Anyway, just be careful, don't do anything that you can't pay for > > afterwards, be it your life, prison, or what else may be hunting you. > > > > Also to do Qubes justice, it's still pretty darn secure. It requires exotic > > and probably difficult hacks to get through, such as hacking one DomU and > > mess up your memory in other to break into another DOmU, and thereby > > indirectly get access to Dom0, or something like that. Presumably the Qubes > > 4 system is much better protected against this kind of difficult but > > theoretical possible attack, than Qubes 3.2 is. > > > > Then again, I'm no security expert, take my words with some salt. But > > definitely don't believe Qubes has perfect isolation, it doesn't, not with > > modern technology anyway. However it's a massive leap in the right > > direction for better security. > > > > Furthermore, be extremely mindful of user-habits and which websites you > > visit within the same Tor sessions. If someone is specifically targeting > > you, they might be able to do simple detective work to figure out who you > > are. Be sure to make a new session before you do anything that can tie your > >
[qubes-users] Re: Privacy in Qubes
On Friday, February 9, 2018 at 7:09:32 AM UTC+1, Tim W wrote: > On Wednesday, September 20, 2017 at 4:47:16 PM UTC-4, Yuraeitha wrote: > > On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique St-Pierre > > Boucher wrote: > > > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > > > Let's say you have an online identity that you want to keep separate > > > > > from your personal information. On Qubes, is it possible to keep i > > > > > information completely separate without physical separation? I have > > > > > considered using a separate OS virtualized in Qubes, but it may > > > > > possibly leak the same device data. Multibooting with Qubes is also > > > > > not the safest idea. > > > > > > > > > > What is the best way to keep online information from being traced > > > > > back to you on Qubes? > > > > > > > > Not really sure what you are asking, or what information specifically. > > > > Keeping information separate is the general purpose of Qubes. One vm > > > > doesn't know what data is on the other one. > > > > > > > > If you are talking about keeping your identity hidden from the > > > > internet. Just don't let the vm connect to the internet? > > > > > > > > As far as information like device id's, that would depend on the > > > > program you are connecting to the internet and if it gathers such > > > > information. I really don't know if what core linux processes do this. > > > > Browsers prolly do yes? > > > > > > > > In general, hiding your identity is not really something thats Qubes > > > > specific. Use multiple whonix qubes with tor browser? Don't log in > > > > the same online identities on the same vm? > > > > > > If you are talking about the first the identity of your computer, that > > > will always be the same hostname, mac address if you connect both vm > > > through the same network card. If you have 2 network card (and different > > > sys-net), you can maybe have the traffic through one card for one ID and > > > the other ID through the other card but if you are using it at home on > > > the same lan, I don't see the point. But doing it on a public wifi and > > > using 2 differents network card (and different sys-net vm) you can have 2 > > > different session on the same website and I don't see a way from the > > > server side to figure out that you are doing it from the same computer. > > > > > > Hope I make sense!!! > > > > > > Dominique > > > > I second Dominique here, this is what I would do too if I wanted to > > maximize anonymity. However be mindful that it's still risky if its a > > matter of life and death, or anything other really serious/important. There > > is always a remote chance that something can be used to track back to you, > > be it something brand new, zero-day exploits, or what else hidden tricks is > > out there. Although these is mostly only used against high-profile targets, > > and typically, or most likely not,on your everyday internet users. > > > > For example virtualization isn't perfect. To my knowledge, this is one of > > the reasons Qubes is switching from PV to HVM. And even then, HVM seems to > > only be a temporay solution, as while it's better than the current PV, it > > isn't perfect either. Generally, you're in deep trouble if someone is > > hunting you as a high-profile, but if its the average joe-hacker? Probably > > not. From what I can gather, Qubes attacks are difficult to pull off, so > > much that it hasn't been observed in the wild. However one of Qubes's > > weakpoints is the lack of reward pools for white-hat hackers who hunt for > > bugs and weakenesses, although it may be solved soon through donations I > > think? Anyway, just be careful, don't do anything that you can't pay for > > afterwards, be it your life, prison, or what else may be hunting you. > > > > Also to do Qubes justice, it's still pretty darn secure. It requires exotic > > and probably difficult hacks to get through, such as hacking one DomU and > > mess up your memory in other to break into another DOmU, and thereby > > indirectly get access to Dom0, or something like that. Presumably the Qubes > > 4 system is much better protected against this kind of difficult but > > theoretical possible attack, than Qubes 3.2 is. > > > > Then again, I'm no security expert, take my words with some salt. But > > definitely don't believe Qubes has perfect isolation, it doesn't, not with > > modern technology anyway. However it's a massive leap in the right > > direction for better security. > > > > Furthermore, be extremely mindful of user-habits and which websites you > > visit within the same Tor sessions. If someone is specifically targeting > > you, they might be able to do simple detective work to figure out who you > > are. Be sure to make a new session before you do anything that can tie your > >
[qubes-users] Re: Privacy in Qubes
On Tuesday, 26 September 2017 03:10:37 UTC+1, Drew White wrote: > On Saturday, 23 September 2017 11:39:31 UTC+10, Person wrote: > > These are all very good tips, but to be honest, I'm not actually doing > > anything too serious on Qubes so tracking is not that bad (but privacy is > > still valuable). > > > > How would changing the web user agent fare? I tried it, and I believe it > > works well, but I am not sure what happens to the tracking. Of course, > > adding another OS in a Qubes VM would work well too, but it takes much more > > effort. > > There is so much more that one would need to do to protect privacy. > > Either you want privacy and do everything within your power, or else you > don't. > > User Agent, doesn't mean much these days, they can still query the browser > directly, unless you change all that information too. > Tracking.. not everyone obeys the "do not track me" settings. > > I have one guest for this forum. I have one guest for another thing, and so > on. > > I have multiple NetVMs and multiple ProxyVMs. > > I run anywhere between 5 and 25 guests at any one time. > I run Debian, Slackware, CentOS, Windows 3.11,95,98,2000,xp,7,8,10 (32 and 64 > bit versions of available). I run OSX, ESXi, PFSense, Android 4, 5, 6, 7, > Qubes 1,2,3, XEN, PASOS, COFFEE, OS/2, Also many many tools that I run for > attaching external HDDs and running tools on them. > > I keep privacy between them, but I also try to keep my privacy online by > running VPNs and TOR and VPN through TOR. All for different tasks and > accesses and security requirements. Would having 2 APP VMs, each connecting to ProxyVM and VPNVM, connecting to FirewallVM be OK with you? (The VPN VM "exiting" the internet not from your home router)? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5e46da95-5aef-44e0-8274-dbf6dfa5b438%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, September 20, 2017 at 4:47:16 PM UTC-4, Yuraeitha wrote: > On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique St-Pierre > Boucher wrote: > > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > > Let's say you have an online identity that you want to keep separate > > > > from your personal information. On Qubes, is it possible to keep i > > > > information completely separate without physical separation? I have > > > > considered using a separate OS virtualized in Qubes, but it may > > > > possibly leak the same device data. Multibooting with Qubes is also not > > > > the safest idea. > > > > > > > > What is the best way to keep online information from being traced back > > > > to you on Qubes? > > > > > > Not really sure what you are asking, or what information specifically. > > > Keeping information separate is the general purpose of Qubes. One vm > > > doesn't know what data is on the other one. > > > > > > If you are talking about keeping your identity hidden from the internet. > > > Just don't let the vm connect to the internet? > > > > > > As far as information like device id's, that would depend on the program > > > you are connecting to the internet and if it gathers such information. I > > > really don't know if what core linux processes do this. Browsers prolly > > > do yes? > > > > > > In general, hiding your identity is not really something thats Qubes > > > specific. Use multiple whonix qubes with tor browser? Don't log in the > > > same online identities on the same vm? > > > > If you are talking about the first the identity of your computer, that will > > always be the same hostname, mac address if you connect both vm through the > > same network card. If you have 2 network card (and different sys-net), you > > can maybe have the traffic through one card for one ID and the other ID > > through the other card but if you are using it at home on the same lan, I > > don't see the point. But doing it on a public wifi and using 2 differents > > network card (and different sys-net vm) you can have 2 different session on > > the same website and I don't see a way from the server side to figure out > > that you are doing it from the same computer. > > > > Hope I make sense!!! > > > > Dominique > > I second Dominique here, this is what I would do too if I wanted to maximize > anonymity. However be mindful that it's still risky if its a matter of life > and death, or anything other really serious/important. There is always a > remote chance that something can be used to track back to you, be it > something brand new, zero-day exploits, or what else hidden tricks is out > there. Although these is mostly only used against high-profile targets, and > typically, or most likely not,on your everyday internet users. > > For example virtualization isn't perfect. To my knowledge, this is one of the > reasons Qubes is switching from PV to HVM. And even then, HVM seems to only > be a temporay solution, as while it's better than the current PV, it isn't > perfect either. Generally, you're in deep trouble if someone is hunting you > as a high-profile, but if its the average joe-hacker? Probably not. >From > what I can gather, Qubes attacks are difficult to pull off, so much that it > hasn't been observed in the wild. However one of Qubes's weakpoints is the > lack of reward pools for white-hat hackers who hunt for bugs and weakenesses, > although it may be solved soon through donations I think? Anyway, just be > careful, don't do anything that you can't pay for afterwards, be it your > life, prison, or what else may be hunting you. > > Also to do Qubes justice, it's still pretty darn secure. It requires exotic > and probably difficult hacks to get through, such as hacking one DomU and > mess up your memory in other to break into another DOmU, and thereby > indirectly get access to Dom0, or something like that. Presumably the Qubes 4 > system is much better protected against this kind of difficult but > theoretical possible attack, than Qubes 3.2 is. > > Then again, I'm no security expert, take my words with some salt. But > definitely don't believe Qubes has perfect isolation, it doesn't, not with > modern technology anyway. However it's a massive leap in the right direction > for better security. > > Furthermore, be extremely mindful of user-habits and which websites you visit > within the same Tor sessions. If someone is specifically targeting you, they > might be able to do simple detective work to figure out who you are. Be sure > to make a new session before you do anything that can tie your identity to > anything which must be anonymous in the future. It can even be the > combination of websites you visit, fingerprints in the Tor browser (they are > hard to get rid off, even for Tor/Whonix). Never turn on
Re: [qubes-users] Re: Privacy in Qubes
On Wednesday, 27 September 2017 01:45:09 UTC+10, Sven Semmler wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 09/25/2017 09:10 PM, Drew White wrote: > > Debian, Slackware, CentOS, Windows 3.11,95,98,2000,xp,7,8,10 (32 > > and 64 bit versions of available). I run OSX, ESXi, PFSense, > > Android 4, 5, 6, 7, Qubes 1,2,3, XEN, PASOS, COFFEE, OS/2, > > why? (just curious, maybe off topic for this list) > > /Sven I'm a developer. A coder. A Programmer. Whatever you want to use as terminology. Not to mention I like my privacy online. So I confuse things by using many different O/S. Many different means that if a site will not work in one O/S or Browser, I can easily change. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/004d5ac1-8f83-4d3c-b3f8-5ee875c2f88d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, 27 September 2017 10:04:58 UTC+10, Person wrote: > On Tuesday, September 19, 2017 at 11:02:50 AM UTC+8, Person wrote: > > Let's say you have an online identity that you want to keep separate from > > your personal information. On Qubes, is it possible to keep i information > > completely separate without physical separation? I have considered using a > > separate OS virtualized in Qubes, but it may possibly leak the same device > > data. Multibooting with Qubes is also not the safest idea. > > > > What is the best way to keep online information from being traced back to > > you on Qubes? > > Oh, okay. Can this issue can be minimized on Tor or other certain types of > browsers? Would a certain VPN work? (I normally distrust VPNs, and certain > ones don't work well with Tor, so I probably will not use VPNs.) TOR merely anonomises you and your location, anything that can be seen from the browser and the interaction of the webpage to the server and vice-versa can still be seen and detected. The User Agent doesn't give too much information, but it is advisable to alter it to be what you want to show what you want. IF you want to see what else they can find out, have a look ingot the javascript BROWSER object. VPNs are more for security. If I'm on an insecure network with my laptop, I will VPN to my home network and thus have an encrypted connection out from the insecure network that I don't trust. Also, I have VPN available so that if I need to connect to a server at my house, then I can VPN in and do what I need to without having other ports exposed to the outside world. If you VPN, you can then TOR through the VPN. That will create another layer of security. I have multiple locations where I can VPN to that I know and trust. Through one VPN I can TOR out to then create a VPN through that TOR tunnel to another location and TOR through that. It hides my location and keeps data encrypted as best it can, but what they can find out about me is always going to be minimal, but determinable. Thus I have multiple VMs for many things. One for one website, one for another.. That way, they can't connect the 2 using the browser data. Only by my external IP, which keeps changing because of TOR and such, unless I trust the site and connect directly to it. This is why I block many advertising websites. I block and don't use FaceBook, I don't use Twitter or Instagram or any of those things. I only use Google for Apps and even block most of Googles invasion stuff. So I have many things that I am doing to protect myself. In browsers (FF BASED), I run NoScript. I also use the Web Developer Toolbar and User Agent Switcher from Chris, and FireBug. It's a standard Setup for me. It allows me to run only what locations I want scripts to run from. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4252d513-1783-4160-9914-e4eb0fb192dc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Tuesday, September 19, 2017 at 11:02:50 AM UTC+8, Person wrote: > Let's say you have an online identity that you want to keep separate from > your personal information. On Qubes, is it possible to keep i information > completely separate without physical separation? I have considered using a > separate OS virtualized in Qubes, but it may possibly leak the same device > data. Multibooting with Qubes is also not the safest idea. > > What is the best way to keep online information from being traced back to you > on Qubes? Oh, okay. Can this issue can be minimized on Tor or other certain types of browsers? Would a certain VPN work? (I normally distrust VPNs, and certain ones don't work well with Tor, so I probably will not use VPNs.) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/910d98ee-72c9-49f8-abc9-f89683ffd5a0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, 27 September 2017 06:08:47 UTC+10, Person wrote: > About querying the browser directly: > How exactly do I change the browser information to prevent such queries? I > have Mozilla Firefox in sys-net. Not possible. It's built into the browser. you would have to rewrite it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7c0ae8ef-35f8-4c70-a216-d4db5866670a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
About querying the browser directly: How exactly do I change the browser information to prevent such queries? I have Mozilla Firefox in sys-net. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b429e5d0-077c-42c7-80bf-9d2d8528eefa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Privacy in Qubes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 09/25/2017 09:10 PM, Drew White wrote: > Debian, Slackware, CentOS, Windows 3.11,95,98,2000,xp,7,8,10 (32 > and 64 bit versions of available). I run OSX, ESXi, PFSense, > Android 4, 5, 6, 7, Qubes 1,2,3, XEN, PASOS, COFFEE, OS/2, why? (just curious, maybe off topic for this list) /Sven -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJZynX6AAoJENpuFnuPVB+2+I4P/RrDrdI8mIh7JDGJEkAR0HH0 KpxsqBOEKAy9juPu+domotmHaj8czLRNqaNTJkI9kxqH7CQbAIoLf1z4H5JeYw8e BXD0V4x3S4Ik7tlISqTHwHq9DfN2KUmJhl1k9SewLfQBqgF7O892YjKItPbeZ3kJ OMCu98YgA2tcfmNh2B2f6Sx4hX51JaB/NQtvGaAu0pjRCQwn2GZwpZnxAYYOnAER NRKZQwGVczE0m1FIkL1HtWBOB268u8uni2LKYoGHRkcq2RvDiezVlPtPXj1s4MQS y1J8o0YrjL5EtZBGi+XcCiFSUM36smMuE906tXfAcwvON9LPFLfc3qkmhXrTYkLx w99b+oDiWD9aVnr0XMN/iAl1ZlNp53Us/8FkeizmrKJ9imSKJUUMj70QKZAwgyXX ait5tpUdKczI5jq7fC6C8H4/IGt+PI0XqBH2AHGDDY9l3TSPTXwWZv0xOYXOxwR6 +jufPeJwnXZjyL05Tz2a/iYy4m7zP1rIT1lL5ox7oyEL2Kk3Z24X6y2JXDoqe8lt cY16o7aT2sXbESQAiOp4RfjxCGyGJRieIVlPnnfydu62fqte8BB9Jfbk3LvdKqxr eUpBQ5jkQsMrAXculMwt23Xqu8fwnI+KFZuMeLttgNGdr73MoV+td7i3I8l3mWFv mHEyXu1L+BtEg8+IHEGi =CVVV -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1e47315f-d635-589d-d02b-769d9113f4d7%40SvenSemmler.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Saturday, 23 September 2017 11:39:31 UTC+10, Person wrote: > These are all very good tips, but to be honest, I'm not actually doing > anything too serious on Qubes so tracking is not that bad (but privacy is > still valuable). > > How would changing the web user agent fare? I tried it, and I believe it > works well, but I am not sure what happens to the tracking. Of course, adding > another OS in a Qubes VM would work well too, but it takes much more effort. There is so much more that one would need to do to protect privacy. Either you want privacy and do everything within your power, or else you don't. User Agent, doesn't mean much these days, they can still query the browser directly, unless you change all that information too. Tracking.. not everyone obeys the "do not track me" settings. I have one guest for this forum. I have one guest for another thing, and so on. I have multiple NetVMs and multiple ProxyVMs. I run anywhere between 5 and 25 guests at any one time. I run Debian, Slackware, CentOS, Windows 3.11,95,98,2000,xp,7,8,10 (32 and 64 bit versions of available). I run OSX, ESXi, PFSense, Android 4, 5, 6, 7, Qubes 1,2,3, XEN, PASOS, COFFEE, OS/2, Also many many tools that I run for attaching external HDDs and running tools on them. I keep privacy between them, but I also try to keep my privacy online by running VPNs and TOR and VPN through TOR. All for different tasks and accesses and security requirements. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5314fcfe-765a-4461-8a25-ccdd95472487%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Friday, September 22, 2017 at 9:39:31 PM UTC-4, Person wrote: > These are all very good tips, but to be honest, I'm not actually doing > anything too serious on Qubes so tracking is not that bad (but privacy is > still valuable). > > How would changing the web user agent fare? I tried it, and I believe it > works well, but I am not sure what happens to the tracking. Of course, adding > another OS in a Qubes VM would work well too, but it takes much more effort. Tracking and privacy go hand in hand. I would Just use tor browser. Not sure how safe or maintained alot of addons are. I don't think adding another os in the vm would help. I would use multiple whonix vms for diff identities if need be. You can even make it your disposable vm. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2f587ab9-3857-4985-9f79-7aac44412623%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
These are all very good tips, but to be honest, I'm not actually doing anything too serious on Qubes so tracking is not that bad (but privacy is still valuable). How would changing the web user agent fare? I tried it, and I believe it works well, but I am not sure what happens to the tracking. Of course, adding another OS in a Qubes VM would work well too, but it takes much more effort. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e36a5cd6-0d33-4d36-9f17-8838722a381a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, September 20, 2017 at 12:50:46 PM UTC, Dominique St-Pierre Boucher wrote: > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > Let's say you have an online identity that you want to keep separate from > > > your personal information. On Qubes, is it possible to keep i information > > > completely separate without physical separation? I have considered using > > > a separate OS virtualized in Qubes, but it may possibly leak the same > > > device data. Multibooting with Qubes is also not the safest idea. > > > > > > What is the best way to keep online information from being traced back to > > > you on Qubes? > > > > Not really sure what you are asking, or what information specifically. > > Keeping information separate is the general purpose of Qubes. One vm > > doesn't know what data is on the other one. > > > > If you are talking about keeping your identity hidden from the internet. > > Just don't let the vm connect to the internet? > > > > As far as information like device id's, that would depend on the program > > you are connecting to the internet and if it gathers such information. I > > really don't know if what core linux processes do this. Browsers prolly do > > yes? > > > > In general, hiding your identity is not really something thats Qubes > > specific. Use multiple whonix qubes with tor browser? Don't log in the > > same online identities on the same vm? > > If you are talking about the first the identity of your computer, that will > always be the same hostname, mac address if you connect both vm through the > same network card. If you have 2 network card (and different sys-net), you > can maybe have the traffic through one card for one ID and the other ID > through the other card but if you are using it at home on the same lan, I > don't see the point. But doing it on a public wifi and using 2 differents > network card (and different sys-net vm) you can have 2 different session on > the same website and I don't see a way from the server side to figure out > that you are doing it from the same computer. > > Hope I make sense!!! > > Dominique I second Dominique here, this is what I would do too if I wanted to maximize anonymity. However be mindful that it's still risky if its a matter of life and death, or anything other really serious/important. There is always a remote chance that something can be used to track back to you, be it something brand new, zero-day exploits, or what else hidden tricks is out there. Although these is mostly only used against high-profile targets, and typically, or most likely not,on your everyday internet users. For example virtualization isn't perfect. To my knowledge, this is one of the reasons Qubes is switching from PV to HVM. And even then, HVM seems to only be a temporay solution, as while it's better than the current PV, it isn't perfect either. Generally, you're in deep trouble if someone is hunting you as a high-profile, but if its the average joe-hacker? Probably not. From what I can gather, Qubes attacks are difficult to pull off, so much that it hasn't been observed in the wild. However one of Qubes's weakpoints is the lack of reward pools for white-hat hackers who hunt for bugs and weakenesses, although it may be solved soon through donations I think? Anyway, just be careful, don't do anything that you can't pay for afterwards, be it your life, prison, or what else may be hunting you. Also to do Qubes justice, it's still pretty darn secure. It requires exotic and probably difficult hacks to get through, such as hacking one DomU and mess up your memory in other to break into another DOmU, and thereby indirectly get access to Dom0, or something like that. Presumably the Qubes 4 system is much better protected against this kind of difficult but theoretical possible attack, than Qubes 3.2 is. Then again, I'm no security expert, take my words with some salt. But definitely don't believe Qubes has perfect isolation, it doesn't, not with modern technology anyway. However it's a massive leap in the right direction for better security. Furthermore, be extremely mindful of user-habits and which websites you visit within the same Tor sessions. If someone is specifically targeting you, they might be able to do simple detective work to figure out who you are. Be sure to make a new session before you do anything that can tie your identity to anything which must be anonymous in the future. It can even be the combination of websites you visit, fingerprints in the Tor browser (they are hard to get rid off, even for Tor/Whonix). Never turn on Javascript when browsing websites that must be anonymouse (fingerprinting is heavily increased with javascript enabled), and never move the Tor window from its default launch location, never resize it, never zoom or scale, never install addons,
[qubes-users] Re: Privacy in Qubes
On Wednesday, September 20, 2017 at 8:50:46 AM UTC-4, Dominique St-Pierre Boucher wrote: > On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > > Let's say you have an online identity that you want to keep separate from > > > your personal information. On Qubes, is it possible to keep i information > > > completely separate without physical separation? I have considered using > > > a separate OS virtualized in Qubes, but it may possibly leak the same > > > device data. Multibooting with Qubes is also not the safest idea. > > > > > > What is the best way to keep online information from being traced back to > > > you on Qubes? > > > > Not really sure what you are asking, or what information specifically. > > Keeping information separate is the general purpose of Qubes. One vm > > doesn't know what data is on the other one. > > > > If you are talking about keeping your identity hidden from the internet. > > Just don't let the vm connect to the internet? > > > > As far as information like device id's, that would depend on the program > > you are connecting to the internet and if it gathers such information. I > > really don't know if what core linux processes do this. Browsers prolly do > > yes? > > > > In general, hiding your identity is not really something thats Qubes > > specific. Use multiple whonix qubes with tor browser? Don't log in the > > same online identities on the same vm? > > If you are talking about the first the identity of your computer, that will > always be the same hostname, mac address if you connect both vm through the > same network card. If you have 2 network card (and different sys-net), you > can maybe have the traffic through one card for one ID and the other ID > through the other card but if you are using it at home on the same lan, I > don't see the point. But doing it on a public wifi and using 2 differents > network card (and different sys-net vm) you can have 2 different session on > the same website and I don't see a way from the server side to figure out > that you are doing it from the same computer. > > Hope I make sense!!! > > Dominique someone made a script here on the forums to auto change the mac address if I recall. Don't think the browser is sending your mac address, nor your routers. So maybe not nescessary for http, Although, you might also want to disable ipv6 and not use an isp router just in case. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a8fce692-f144-47cb-a075-1e2d93a9053d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > Let's say you have an online identity that you want to keep separate from > > your personal information. On Qubes, is it possible to keep i information > > completely separate without physical separation? I have considered using a > > separate OS virtualized in Qubes, but it may possibly leak the same device > > data. Multibooting with Qubes is also not the safest idea. > > > > What is the best way to keep online information from being traced back to > > you on Qubes? > > Not really sure what you are asking, or what information specifically. > Keeping information separate is the general purpose of Qubes. One vm doesn't > know what data is on the other one. > > If you are talking about keeping your identity hidden from the internet. > Just don't let the vm connect to the internet? > > As far as information like device id's, that would depend on the program you > are connecting to the internet and if it gathers such information. I really > don't know if what core linux processes do this. Browsers prolly do yes? > > In general, hiding your identity is not really something thats Qubes > specific. Use multiple whonix qubes with tor browser? Don't log in the same > online identities on the same vm? I meant don't log into different identities on the same whonix qube. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/68eb63eb-9e00-488a-9349-866f0faba7f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Wednesday, September 20, 2017 at 8:27:40 AM UTC-4, cooloutac wrote: > On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > > Let's say you have an online identity that you want to keep separate from > > your personal information. On Qubes, is it possible to keep i information > > completely separate without physical separation? I have considered using a > > separate OS virtualized in Qubes, but it may possibly leak the same device > > data. Multibooting with Qubes is also not the safest idea. > > > > What is the best way to keep online information from being traced back to > > you on Qubes? > > Not really sure what you are asking, or what information specifically. > Keeping information separate is the general purpose of Qubes. One vm doesn't > know what data is on the other one. > > If you are talking about keeping your identity hidden from the internet. > Just don't let the vm connect to the internet? > > As far as information like device id's, that would depend on the program you > are connecting to the internet and if it gathers such information. I really > don't know if what core linux processes do this. Browsers prolly do yes? > > In general, hiding your identity is not really something thats Qubes > specific. Use multiple whonix qubes with tor browser? Don't log in the same > online identities on the same vm? If you are talking about the first the identity of your computer, that will always be the same hostname, mac address if you connect both vm through the same network card. If you have 2 network card (and different sys-net), you can maybe have the traffic through one card for one ID and the other ID through the other card but if you are using it at home on the same lan, I don't see the point. But doing it on a public wifi and using 2 differents network card (and different sys-net vm) you can have 2 different session on the same website and I don't see a way from the server side to figure out that you are doing it from the same computer. Hope I make sense!!! Dominique -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7cbe2c87-12c1-454c-bbd5-6c228cb879ad%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Monday, September 18, 2017 at 11:02:50 PM UTC-4, Person wrote: > Let's say you have an online identity that you want to keep separate from > your personal information. On Qubes, is it possible to keep i information > completely separate without physical separation? I have considered using a > separate OS virtualized in Qubes, but it may possibly leak the same device > data. Multibooting with Qubes is also not the safest idea. > > What is the best way to keep online information from being traced back to you > on Qubes? Not really sure what you are asking, or what information specifically. Keeping information separate is the general purpose of Qubes. One vm doesn't know what data is on the other one. If you are talking about keeping your identity hidden from the internet. Just don't let the vm connect to the internet? As far as information like device id's, that would depend on the program you are connecting to the internet and if it gathers such information. I really don't know if what core linux processes do this. Browsers prolly do yes? In general, hiding your identity is not really something thats Qubes specific. Use multiple whonix qubes with tor browser? Don't log in the same online identities on the same vm? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fe541c17-5f37-47ab-bfee-3109e572f721%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Privacy in Qubes
On Tuesday, 19 September 2017 13:02:50 UTC+10, Person wrote: > Let's say you have an online identity that you want to keep separate from > your personal information. On Qubes, is it possible to keep i information > completely separate without physical separation? I have considered using a > separate OS virtualized in Qubes, but it may possibly leak the same device > data. Multibooting with Qubes is also not the safest idea. > > What is the best way to keep online information from being traced back to you > on Qubes? that is near impossible for what I see you are asking the impossible. Your PC is your PC. Your identity is yours. Tryign to keep them separate means don't even use the two identities from the same internet connection while you are the only one home. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b992d5f2-2b5f-40a9-84b7-dce692dcb53e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
