subject:"\[Trisquel\-users\] Qubes OS thoughts"

I downloaded the latest Tails. They now have a tails down loader plugin for  
Tails that does the download and then verifies it with a click of a button.  
Pretty user friendly. I hope it's secure.


Burned it to a DVD and it actually runs pretty well on my desktop. Looks like  
Gnome 3.


While a thumb drive can be altered, a DVD -R can't. But it wouldn't be any  
good to carry on your key chain.

Re: [Trisquel-users] Qubes OS thoughts


I am so sorry. I was once where you are now.

It looks like the procedure for installing TAILS from Windows is identical:

https://tails.boum.org/install/win/index.en.html

and I cannot recommend non-free software on this forum, but if you type  
"create bootable USB stick from windows" into your search engine, it will  
take you to a tutorial at ubuntu.com, which is upstream to Trisquel.


Back in my day, it was CDs, not USB sticks, but running live gave me the  
confidence to take the next step.


I seem to be the exception to the rule, but there was also a project called  
GNUWin II that helped me lose Windows (XP and 98 back then so nowhere near as  
toxic and malicious as what you're running) by becoming familiar with many  
GNU programs, such as the precursor of LibreOffice, The Gimp (image editor  
that replaces photoshop), audacity (sound editor), etc.


If you have the time, you could probably still find some windows ports of GNU  
programs for motivation and to do what you can to minimize your use of third  
party malware.


Keep asking questions. You are very brave to begin this journey and I am  
excited for you.


As one of my mentors used to say back in the day, it's hard to believe it's  
been 13 years already, welcome to the revolution!

Re: [Trisquel-users] Qubes OS thoughts

No I'm not running Trisquel Heather I  have window$ on my computer, I want to  
test tails and/ or trisquel out before I decide whether I want to cut Window$  
entirely.

Re: [Trisquel-users] Qubes OS thoughts

Well thank you for the kind words Heather, the only thing for me about Tails  
is that I'm in college and I log into the canvas website which requires  
typing in my ID for college, so I'm not exactly sure how I could be anonymous  
on my college website or the websites where I work on my assignments.

Re: [Trisquel-users] Qubes OS thoughts

Well, that's not entirely true, I may use it at some point, but it's really  
for the pro's of GNU/Linux and I'm not (at least not yet)

Re: [Trisquel-users] Qubes OS thoughts

Ugh--holy vision issues, Batman, I meant to reply to your post, CalmStorm,  
not upvote or downvote it. Since I can't just retract an oopsie, let's go  
with an upvote.


Anywho, Nickman, you can just take these fine people's advice about creating  
live USB sticks to check out TAILS and live USB sticks in general,  but for  
the lurkers and just in case you do have sensitive information, it is safest  
to use the TAILS installer.


It should be in the reps for Flidas, but assuming that you are running  
Belenos, here are the instructions:


https://tails.boum.org/install/linux/index.en.html

Re: [Trisquel-users] Qubes OS thoughts

An 8 GB flash drive can be had in the Seattle area for about $4 or $5.  
According to https://tails.boum.org/install/debian/index.en.html you need at  
least 4 GB. I put it on a flash drive housed in metal with a hole so that it  
fit my key ring. Thought that was kind of a cool way to go, I've always got  
it with me even though I seldom use it. Flash drives are probably more prone  
to wearing out.


Installing it to a DVD would be cheaper.

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread mcz

It's not for anonymity (not as fine-tuned as Tails), but for maximum  
security.


I'd love to make parts of my OS completely unavailable from the web though,  
or even from other parts of my OS, though it seems it takes some time to get  
used to the way Qubes work.
But I'm not sure I need this much security. Plus seeing how much time I've  
spent on configuring my OS the way I want it (not even fully done yet), I'd  
get insane with Qubes with it's hardware support issues inside each VM.


Most likely, I'd use different strategies:
- for banking and shopping (I don't mind using both in the same browser), and  
maybe for some rare and specific browsing, I need JavaScript, which means a  
dedicated browser firejailed. If I can, I'd use either another instance, or  
another browser altogether for the rare JavaScript browsing that's not  
banking nor shopping.
- for untrusted stuff, maybe a VM without external connections. Actually I  
don't even need that.
- for personal stuff, I'd use a browser without Javascript and also  
Firejailed, so that anything happening happens in a dedicated virtual folder,  
nowhere else.
- not being online when I don't need to (I could make a shortcut for that,  
though I doubt it would work for Ethernet connection).


This suits my personal needs.

Oh, and Tor for decent anonymity.
Tails is for the pros, the journalists etc. I'll probably never use it.

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread greatgnu


Tails on a DVD is unbearably slow. Not recommended.

Re: [Trisquel-users] Qubes OS thoughts


I unfortunately don't have a DVD/CD slot on my computer

Re: [Trisquel-users] Qubes OS thoughts


That nothing will be saved to USB and everything will disappear.


http://linuxliveusb.com/en/help/faq/persistence/67-what-is-persistence

Re: [Trisquel-users] Qubes OS thoughts


Okay thanks guys

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread calmstorm

I think dd is better though because startup disk creator fails a lot at least  
for me.

Re: [Trisquel-users] Qubes OS thoughts


Okay, I'll try that, what do you mean by persistence Magic?

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread calmstorm

Pros of it: No doubt their security is so much more than any other operating  
system. due to their method of not trusting the bios part. not sure how they  
do that though...



Cons: I tried it on my korora penguin, it didn't work very well/confusing.  
not sure if it is because kororapenguin is incompatible or what...


they disrespect gnu from which linux was born.

It requires a powerful computer and lots of memory

Other:

dualbooting not an option and neither is 3d acceleration

That being said:

 I would like to see a free software based version of debian with such  
capabilities. even if it allowed vms for the dreaded windows 10.


personally not interested in windows 10 because it is the worst windows ever  
and it is supposedly bleeding edge.


Bleeding edge is bad enough for arch cannot imagine how many windows  
computers break because of it.


Though, this would probably convince more people to ditch windows 10 as their  
main os.


that also being said though, any giant leap forward has a few steps back  
before hand.

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread familyopenmail5890

*Qubes Is YOU a system “*out *the *box” smart to use, recommend to read  
his documentation little by little by what can contribute to the hour to use  
the system.


In my experience with the system would stand out:

From my scarce technical knowledge, this system covers appearances of  
security that the conventional monolithic operating systems does not reach  
them, that is to say, the purpose of *Qubes is YOU do more difficult this  
hypothetical *game *over to the that a monolithic system finds  constantly  
exposed.


The metaphor perhaps could draw as if a system treated  of an army, with what  
sail, with the host, with the king? No, in *Qubes sail with a first line of  
army (*AppVM) with which no only sail, but you also execute all your  
programs, if this line falls or is engaged, don 't happen nothing, clone  
another, created another.


Backwards of this first line where execute our programs, finds  the second  
line of our army (*Templates), these only serve to install, have denied the  
access (by defect) to connect  further of your repositories, can update them  
with a pair of clicks and install also graphic or by commandos. But if it is  
line fell or went committed, neither there would be *game *over, install or  
clone others, reproduce the same without *despeinarte neither be  
“defeated”.


And from further back in the army, finds  the old *dom0, offline to increase  
his security, he is the host, yes, that with which handled us in monolithic  
systems, if he falls or arrives to fall, all fall, here yes would be *game  
*over, therefore, the logic means to be possible to touch the minimum to  
*dom0, update and little more.


If to level of system to one liked him this logic, the controllers of the  
*USBs (*HDD of external storage, *pendrives, even the keyboard if it is *usb)  
also would not have to touch the host, because they could engage to the  
system, therefore, in *Qubes a *AppVM (*sys-USB) is the one who commissions   
of all the controllers *USBs , with access to the host? No, it could result  
dangerous, with access from a *AppVM, this loads  (by defect) to the start,  
and only allow him  changes to level of user


In the technical appearance recommend the reading of for example this article  
with regard to the concept of isolation in monolithic systems


https://theinvisiblethings.blogspot.nl/2011/04/linux-security-circus-on-gui-isolation.html

Concept of flexibility by what this logic means, *drivers of printers no  
reliable, what would do in a monolithic? Perhaps litter the system, possibly  
not knowing if the system finds  engaged through some simple *drivers of  
printer, in *Qubes You, can devote a *Template for this function and later,  
*disconnect the *AppVM that is serving you to print, scan increasing his  
security.. What a *driver or software no reliable that can result you useful  
does not engage your system.


Also flexibility by all what can you  occur from this logic, all what mean to  
install programs to level of user or to level of system can mean a lot of  
ease to find a better form to order, separate, isolate some uses of others,  
administer what results you more reliable or less reliable without having to  
engage your system.


In the question that tackle to the games, could install small games,  
emulators and all this world, and for big games, from *aventurarse to happen  
a second graphic card *virtualizando or easier devote a *HDD with an  
exclusive monolithic system for this.


In the computing, can exist today a *chaos in the concept of “comfort”  
and do reference to him because it is a subject. All comfort or all ease  
never travels alone, always accompanies  of his corresponding difficulties,  
of his corresponding call “small letter” or “*hit in the eggs”, ease  
*feeds to difficulty and difficulty *feeds to ease, would not work the one  
without the another. Therefore, when it treats  of ease and of comfort of  
course that also it is  treating of difficulty and of discomfort, but of what  
really they treat  for us, is of the possibility to recognise an and again  
the trace of our results, the advantages or disadvantages that arrive and can  
find between our eases and our difficulties



Conclusions not to lengthen me more:

it Is true that the computer security so much and in what ours information  
could result committed, is a subject that can extend  to a lot of more areas,  
as for example, the *fingerprint that can leave one when sailing, the  
information that leave in computers(servers) that are not ours neither have  
any control on them, the *Bios of the majority of the *Pcs (*x86), or who is  
serving us Internet?, and all the *chaos that can surround to connect  
machines ones with other (Internet)...  The problems of security probably are  
part of what is and expects us,  increasing. It is possible, although I do  
not have neither idea, that to measure that the hardware go being more and  
more powerful, was a g

Re: [Trisquel-users] Qubes OS thoughts


Why??

Re: [Trisquel-users] Qubes OS thoughts

I thought I've seen some people say on here that you shouldn't use a flash  
drive because the code could basically be changed only so many times, before  
it becomes useless.

Re: [Trisquel-users] Qubes OS thoughts

The target user of TAILS is somebody like my daughter: she needs privacy but  
has little time or interest in looking under the hood or fine tuning. I think  
it's a perfect fit for journalists, activists, and people escaping from  
domestic violence. I wish there was a free version of it but of course I also  
wish that there was no need for it and we could all just get along.


Nickman, please don't underestimate yourself. It's surprising how easy  
GNU/Linux is too earn and some fine tuning that seems way, way over your head  
might turn out to be resolved by some kind fellow user taking a few minutes  
to tell you a few lines of text to type into a terminal window or to open a  
text editor and change a few words in a configuration file.


Your smart. You'll figure it out and we're here to help you.

/soapbox

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread greatgnu

>Well, that's not entirely true, I may use it at some point, but it's really  
for the pro's of GNU/Linux



As easy as any debian based distro, only technical skill required is point  
and click. It is maximum privacy for the layman, that's the goal and the  
purpose of Tails.

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread mcz

What Heather wrote. It's just fully tweaked for max anonymity. Of course, for  
example if you connect to a mail account you created while not being  
anonymous, then you're not anonymous anymore.

So the only difficulty is the behavior of the user online.

Else it's nothing special. But that also means that it's hardly an OS for  
normal use.


I mean only using Tor once in a while is enough for the anonymity level I  
seek.

Re: [Trisquel-users] Qubes OS thoughts

Your college would know you logged in so you can get credit for your homework  
etc. If you use tor in tails your ISP wouldn't know because the first thing  
that happens is tor sets up an encrypted channel to the tor network. No doubt  
they probably know you used tor but that would be all. That's no crime.


You can get tor for Trisquel or almost any OS but I found that it didn't  
always work unless I found the right tweaks (and I'm no pro either) but tails  
seemed to come pretweaked you might say. The PC just needs permission in the  
BIOS to be able to boot from usb first if available (assuming you install it  
to a flash drive).


If you have the time you might give tails a try. It's a lot easier than  
QubesOS I would say and also, it's a live OS so if you don't think it fits  
your needs all it cost you was a flash drive and you can always reformat that  
and use it for something else.

Re: [Trisquel-users] Qubes OS thoughts


I don't think I'll ever use tails either

Re: [Trisquel-users] Qubes OS thoughts

I think I expend enough time, I mean in my post I do acknowledge that it  
seems pretty secure and that it seems it does what is meant to do.


I also pointed some dowsides. That they on their website point. Like the lack  
of OpenGL, which means if you work in something like design, architecture,  
videogames, video edition, and similar, you will probably fare problems, also  
if you like games orbhave kids who like games.


Hence the dual boot talk, but hey you can't dualboot to do that stuff, so you  
will need a second pc if you need that, which kind of defeats the purpose.


I also said that this kind of protection, from my point of view, is an  
overkill for most users (i never said All of them) because if you follow a  
few basic steps and precautions a GNU/Linux is very secure.


I also mentioned interface from what i assume would be the use of a normal  
user. Who would have trouble seeing 2 or 3 different web browsers or  
libreoffice.


It is also a system that seems to be designed to be used by the same person,  
as it has a passwordless root https://www.qubes-os.org/doc/vm-sudo/ and  
https://www.qubes-os.org/doc/user-faq/#is-qubes-a-multi-user-system



Recently I've started to learn about social engineering and thats the exact  
reason why I think this approach is even worst for most users. As it teaches  
them to care even less about that 1234 password, because hey, their computer  
can't be affected by cybercrime right?


As I said I think it is a best approach for most users to follow a few basic  
precautions, like use password managers, use only software repositories,  
don't trust email and so on.

Re: [Trisquel-users] Qubes OS thoughts

I really like all these thoughts, I've been looking for external HD drives to  
install trisquel on, however I'm stumped as to what drive to get and also  
I've been looking at other Operating systems like Dragora as well, what are  
your guys thoughts on both of those questions I'm concerned about using the  
live USB, because I'm worried I'll screw something up and I can't install a  
live CD because my computer doesn't have a CD slot

Re: [Trisquel-users] Qubes OS thoughts

Okay thanks for your thoughts Alberto, do you think security by isolation is  
a good idea that once trisquel gets a lot more developers that it could work  
on?

Re: [Trisquel-users] Qubes OS thoughts

2017-02-07 Thread prian

Like I said, I don‘t have a problem with your opinion, although it seems to  
me you made up your mind pretty quickly. That is part of today‘s zeitgeist;  
one has to live with the fact, that a lot of people only read the headlines  
and then pretend to know everything. They fill the gaps with their own story.  
 Anyway, I find your posts a little condescending. That‘s what bothers me.  
I guess you never even installed Qubes.


I agree with you that it is important to follow basic precautions and that  
for most people a GNU/Linux system should be enough. I just wanted to point  
out, that there is much more, that can be done, if need be. You always  
sacrifice convenience for the sake of privacy.


In your commentaries you are comparing apples and oranges. Of course, you  
would still need strong passwords as virtualization has nothing to do with  
securing an online account. I don‘t know what put the idea into your head  
that Qubes or any other security focused operating system was keeping people  
from being careful? I find that conclusion illogical. I think the opposite is  
true. People who already mastered the basics might want to learn more.


Maybe it is overkill and hopefully I don‘t need that much security. I like  
to try out these things because it increases my awareness to matters related  
to computer security. Also, it is fun.

Re: [Trisquel-users] Qubes OS thoughts


I
 recently installed Qubes on a laptop. I think the install couldn't
quite complete because my home network runs without dchp and I couldn't
find a way to tell it what IP it could use to get on the network.
Nonetheless, it did seem interesting enough to be worth a look. It came
with Debian and Fedora Templates installed and my impression is that
those OSes have their core programming stored in the Root where it is
untouchable so to update them takes some extra steps.

I have an email client running on an old laptop using OpenBSD and this
laptop seems so old it can't handle surfing the web very well at all so
email is all I use it for. My desktop pc has Trisquel 7 which I only use
 to login to my bank every so often and get updates. My desktop pc also
boots up to, I think I am up to 7 different flavors of GNULinux now and I
 have been using them for general surfing and to keep in touch with what
 many of the different camps are achieving. My actual financial records
are kept on another laptop that seldom sees the internet (also openBSD).
 When I use Belenos to go to my bank, I have the laptop beside me and
transfer information by hand to it. I play games on a Playstation. In
other words, I like the idea of isolating stuff, no bundles for me! At
least, if I ever get hacked, it will only go so far. But it does create
some headaches to do it this way.

One thing though that I worry about is the wifi router. It sees
everything and short of looking for a firmware update on a regular basis
 I really don't know much about how one goes about keeping it secure.

[Trisquel-users] Qubes OS thoughts

Hi everyone I wanted to get your guys thoughts on Qubes OS, I've heard it is  
very good in regards to security, because it is basing it's security on  
isolation of parts of your internet life into what it calls Qubes, an example  
would be a part of your life is in the personal section, untrusted websites  
are in the untrusted section and work is in work.


It is not currently seeking to be added to the free software distro's list,  
because for the same reasons that Debian is not certified.


I don't believe anyone on here uses it at this time (obviously haha) but for  
people who have used it, or have had experience with it, what are your  
thoughts on it?


I've been considering downloading that as my OS, at least on my main computer  
and downloading trisquel on a notebook computer.

Re: [Trisquel-users] Qubes OS thoughts

Okay thanks Heather, if you go to my topic entitled New Computer specs, the  
info for my computer is on there

Re: [Trisquel-users] Qubes OS thoughts

I looked into it, it seems that they think the secure approach is to use a
bunch of virtual machines to everything you need, so a virtual machine for
your banking stuff, a virtual machine to your work stuff and so on.

I don't feel like is a distribution for productivity, as it requieres 4gb of
ram at least, because of the virtual machines, imagine adding in top of this
something like Pitivi or Kdelinve. But I am not sure if this software will
work because:

You can't use your coumputer for gaming or anything else that requires 3d
support
https://www.qubes-os.org/doc/user-faq/#can-i-run-applications-like-games-which-require-3d-support

Also it doesn't want you to dual-boot which means you will lack all this
software on that computer.

https://www.qubes-os.org/doc/user-faq/#can-i-install-qubes-os-together-with-other-operating-system-dual-bootmulti-boot

So you need a new powerful computer, to able to use this distribution to do
the same stuff you can do with a 2006 thinkpad.

They are ashamed of being a "Linux" distribution, so they mention GNU even
less.
https://www.qubes-os.org/doc/user-faq/#is-qubes-just-another-linux-distribution

I think the interface is pretty messed, you have to put a lot of attention to
where are you doing what, which for most users won't work. As it requires
paying a lot of attention and expend way to much time taking care of this.

It seems like an interesting option and probably secure.

But, for the most part a GNU/Linux distribution is secure, as most software
is installed from repositories, most virus and malware doesn't affect
GNU/Linux and even less won't work with no root permissions.

There are a few attacks that might work, but chances are a normal GNU/Linux
user doesn't have to worry about it. If following a few basic precautions.

And if you want to do something sensible, you can always boot from a live
DVD, do your thing and shoot down. Or even boot a virtual machine, though I
understand is a different type of virtual machine.

It does what it is meant to do. But I feel like is a distribution for very
few people with really sensitive information. Not for a workstation, so it
depends on your needs my friend :)

Re: [Trisquel-users] Qubes OS thoughts


Hi,

I may need to come back later to clarify this post when I have more time and  
fewer distractions. I don't know your situation, but as the mommy of an  
investigative journalist, I wound up balancing out the need for a modern  
processor with Intel Management Engine to run Qubes and ultimately gave my  
child an old Thinkpad X60 with no hard drive and a TAILS USB stick. She chose  
not to enable persistence.


It is a very small advantage of GNU/Linux but one that makes my own life so  
much easier to be able to install to an external USB drive and then boot any  
hard drive I want from any of my computers (with the same architecture, of  
course) that I want.


We frequently use WD Passports. There are WD greens in there, which aren't  
the sturdiest in the world, so you'll want to make regular backups, but they  
certainly are handy.


You can also just get an enclosure and use whatever kind of internal drive  
you would normally choose. Desktop drives are bulkier and need to be plugged  
in, but they work fine anyway and it's never been a big enough hassle to me  
to justify a trip to the store or a search for a screwdriver.


HTH

I'm sure I'll have more to say when I've read the whole thread.

Re: [Trisquel-users] Qubes OS thoughts