Re: [Trisquel-users] Qubes OS thoughts
I downloaded the latest Tails. They now have a tails down loader plugin for Tails that does the download and then verifies it with a click of a button. Pretty user friendly. I hope it's secure. Burned it to a DVD and it actually runs pretty well on my desktop. Looks like Gnome 3. While a thumb drive can be altered, a DVD -R can't. But it wouldn't be any good to carry on your key chain.
Re: [Trisquel-users] Qubes OS thoughts
I am so sorry. I was once where you are now. It looks like the procedure for installing TAILS from Windows is identical: https://tails.boum.org/install/win/index.en.html and I cannot recommend non-free software on this forum, but if you type "create bootable USB stick from windows" into your search engine, it will take you to a tutorial at ubuntu.com, which is upstream to Trisquel. Back in my day, it was CDs, not USB sticks, but running live gave me the confidence to take the next step. I seem to be the exception to the rule, but there was also a project called GNUWin II that helped me lose Windows (XP and 98 back then so nowhere near as toxic and malicious as what you're running) by becoming familiar with many GNU programs, such as the precursor of LibreOffice, The Gimp (image editor that replaces photoshop), audacity (sound editor), etc. If you have the time, you could probably still find some windows ports of GNU programs for motivation and to do what you can to minimize your use of third party malware. Keep asking questions. You are very brave to begin this journey and I am excited for you. As one of my mentors used to say back in the day, it's hard to believe it's been 13 years already, welcome to the revolution!
Re: [Trisquel-users] Qubes OS thoughts
No I'm not running Trisquel Heather I have window$ on my computer, I want to test tails and/ or trisquel out before I decide whether I want to cut Window$ entirely.
Re: [Trisquel-users] Qubes OS thoughts
Well thank you for the kind words Heather, the only thing for me about Tails is that I'm in college and I log into the canvas website which requires typing in my ID for college, so I'm not exactly sure how I could be anonymous on my college website or the websites where I work on my assignments.
Re: [Trisquel-users] Qubes OS thoughts
Well, that's not entirely true, I may use it at some point, but it's really for the pro's of GNU/Linux and I'm not (at least not yet)
Re: [Trisquel-users] Qubes OS thoughts
Ugh--holy vision issues, Batman, I meant to reply to your post, CalmStorm, not upvote or downvote it. Since I can't just retract an oopsie, let's go with an upvote. Anywho, Nickman, you can just take these fine people's advice about creating live USB sticks to check out TAILS and live USB sticks in general, but for the lurkers and just in case you do have sensitive information, it is safest to use the TAILS installer. It should be in the reps for Flidas, but assuming that you are running Belenos, here are the instructions: https://tails.boum.org/install/linux/index.en.html
Re: [Trisquel-users] Qubes OS thoughts
An 8 GB flash drive can be had in the Seattle area for about $4 or $5. According to https://tails.boum.org/install/debian/index.en.html you need at least 4 GB. I put it on a flash drive housed in metal with a hole so that it fit my key ring. Thought that was kind of a cool way to go, I've always got it with me even though I seldom use it. Flash drives are probably more prone to wearing out. Installing it to a DVD would be cheaper.
Re: [Trisquel-users] Qubes OS thoughts
It's not for anonymity (not as fine-tuned as Tails), but for maximum security. I'd love to make parts of my OS completely unavailable from the web though, or even from other parts of my OS, though it seems it takes some time to get used to the way Qubes work. But I'm not sure I need this much security. Plus seeing how much time I've spent on configuring my OS the way I want it (not even fully done yet), I'd get insane with Qubes with it's hardware support issues inside each VM. Most likely, I'd use different strategies: - for banking and shopping (I don't mind using both in the same browser), and maybe for some rare and specific browsing, I need JavaScript, which means a dedicated browser firejailed. If I can, I'd use either another instance, or another browser altogether for the rare JavaScript browsing that's not banking nor shopping. - for untrusted stuff, maybe a VM without external connections. Actually I don't even need that. - for personal stuff, I'd use a browser without Javascript and also Firejailed, so that anything happening happens in a dedicated virtual folder, nowhere else. - not being online when I don't need to (I could make a shortcut for that, though I doubt it would work for Ethernet connection). This suits my personal needs. Oh, and Tor for decent anonymity. Tails is for the pros, the journalists etc. I'll probably never use it.
Re: [Trisquel-users] Qubes OS thoughts
Tails on a DVD is unbearably slow. Not recommended.
Re: [Trisquel-users] Qubes OS thoughts
I unfortunately don't have a DVD/CD slot on my computer
Re: [Trisquel-users] Qubes OS thoughts
That nothing will be saved to USB and everything will disappear. http://linuxliveusb.com/en/help/faq/persistence/67-what-is-persistence
Re: [Trisquel-users] Qubes OS thoughts
Okay thanks guys
Re: [Trisquel-users] Qubes OS thoughts
I think dd is better though because startup disk creator fails a lot at least for me.
Re: [Trisquel-users] Qubes OS thoughts
Okay, I'll try that, what do you mean by persistence Magic?
Re: [Trisquel-users] Qubes OS thoughts
Pros of it: No doubt their security is so much more than any other operating system. due to their method of not trusting the bios part. not sure how they do that though... Cons: I tried it on my korora penguin, it didn't work very well/confusing. not sure if it is because kororapenguin is incompatible or what... they disrespect gnu from which linux was born. It requires a powerful computer and lots of memory Other: dualbooting not an option and neither is 3d acceleration That being said: I would like to see a free software based version of debian with such capabilities. even if it allowed vms for the dreaded windows 10. personally not interested in windows 10 because it is the worst windows ever and it is supposedly bleeding edge. Bleeding edge is bad enough for arch cannot imagine how many windows computers break because of it. Though, this would probably convince more people to ditch windows 10 as their main os. that also being said though, any giant leap forward has a few steps back before hand.
Re: [Trisquel-users] Qubes OS thoughts
*Qubes Is YOU a system “*out *the *box” smart to use, recommend to read his documentation little by little by what can contribute to the hour to use the system. In my experience with the system would stand out: From my scarce technical knowledge, this system covers appearances of security that the conventional monolithic operating systems does not reach them, that is to say, the purpose of *Qubes is YOU do more difficult this hypothetical *game *over to the that a monolithic system finds constantly exposed. The metaphor perhaps could draw as if a system treated of an army, with what sail, with the host, with the king? No, in *Qubes sail with a first line of army (*AppVM) with which no only sail, but you also execute all your programs, if this line falls or is engaged, don 't happen nothing, clone another, created another. Backwards of this first line where execute our programs, finds the second line of our army (*Templates), these only serve to install, have denied the access (by defect) to connect further of your repositories, can update them with a pair of clicks and install also graphic or by commandos. But if it is line fell or went committed, neither there would be *game *over, install or clone others, reproduce the same without *despeinarte neither be “defeated”. And from further back in the army, finds the old *dom0, offline to increase his security, he is the host, yes, that with which handled us in monolithic systems, if he falls or arrives to fall, all fall, here yes would be *game *over, therefore, the logic means to be possible to touch the minimum to *dom0, update and little more. If to level of system to one liked him this logic, the controllers of the *USBs (*HDD of external storage, *pendrives, even the keyboard if it is *usb) also would not have to touch the host, because they could engage to the system, therefore, in *Qubes a *AppVM (*sys-USB) is the one who commissions of all the controllers *USBs , with access to the host? No, it could result dangerous, with access from a *AppVM, this loads (by defect) to the start, and only allow him changes to level of user In the technical appearance recommend the reading of for example this article with regard to the concept of isolation in monolithic systems https://theinvisiblethings.blogspot.nl/2011/04/linux-security-circus-on-gui-isolation.html Concept of flexibility by what this logic means, *drivers of printers no reliable, what would do in a monolithic? Perhaps litter the system, possibly not knowing if the system finds engaged through some simple *drivers of printer, in *Qubes You, can devote a *Template for this function and later, *disconnect the *AppVM that is serving you to print, scan increasing his security.. What a *driver or software no reliable that can result you useful does not engage your system. Also flexibility by all what can you occur from this logic, all what mean to install programs to level of user or to level of system can mean a lot of ease to find a better form to order, separate, isolate some uses of others, administer what results you more reliable or less reliable without having to engage your system. In the question that tackle to the games, could install small games, emulators and all this world, and for big games, from *aventurarse to happen a second graphic card *virtualizando or easier devote a *HDD with an exclusive monolithic system for this. In the computing, can exist today a *chaos in the concept of “comfort” and do reference to him because it is a subject. All comfort or all ease never travels alone, always accompanies of his corresponding difficulties, of his corresponding call “small letter” or “*hit in the eggs”, ease *feeds to difficulty and difficulty *feeds to ease, would not work the one without the another. Therefore, when it treats of ease and of comfort of course that also it is treating of difficulty and of discomfort, but of what really they treat for us, is of the possibility to recognise an and again the trace of our results, the advantages or disadvantages that arrive and can find between our eases and our difficulties Conclusions not to lengthen me more: it Is true that the computer security so much and in what ours information could result committed, is a subject that can extend to a lot of more areas, as for example, the *fingerprint that can leave one when sailing, the information that leave in computers(servers) that are not ours neither have any control on them, the *Bios of the majority of the *Pcs (*x86), or who is serving us Internet?, and all the *chaos that can surround to connect machines ones with other (Internet)... The problems of security probably are part of what is and expects us, increasing. It is possible, although I do not have neither idea, that to measure that the hardware go being more and more powerful, was a g
Re: [Trisquel-users] Qubes OS thoughts
Why??
Re: [Trisquel-users] Qubes OS thoughts
I thought I've seen some people say on here that you shouldn't use a flash drive because the code could basically be changed only so many times, before it becomes useless.
Re: [Trisquel-users] Qubes OS thoughts
The target user of TAILS is somebody like my daughter: she needs privacy but has little time or interest in looking under the hood or fine tuning. I think it's a perfect fit for journalists, activists, and people escaping from domestic violence. I wish there was a free version of it but of course I also wish that there was no need for it and we could all just get along. Nickman, please don't underestimate yourself. It's surprising how easy GNU/Linux is too earn and some fine tuning that seems way, way over your head might turn out to be resolved by some kind fellow user taking a few minutes to tell you a few lines of text to type into a terminal window or to open a text editor and change a few words in a configuration file. Your smart. You'll figure it out and we're here to help you. /soapbox
Re: [Trisquel-users] Qubes OS thoughts
>Well, that's not entirely true, I may use it at some point, but it's really for the pro's of GNU/Linux As easy as any debian based distro, only technical skill required is point and click. It is maximum privacy for the layman, that's the goal and the purpose of Tails.
Re: [Trisquel-users] Qubes OS thoughts
What Heather wrote. It's just fully tweaked for max anonymity. Of course, for example if you connect to a mail account you created while not being anonymous, then you're not anonymous anymore. So the only difficulty is the behavior of the user online. Else it's nothing special. But that also means that it's hardly an OS for normal use. I mean only using Tor once in a while is enough for the anonymity level I seek.
Re: [Trisquel-users] Qubes OS thoughts
Your college would know you logged in so you can get credit for your homework etc. If you use tor in tails your ISP wouldn't know because the first thing that happens is tor sets up an encrypted channel to the tor network. No doubt they probably know you used tor but that would be all. That's no crime. You can get tor for Trisquel or almost any OS but I found that it didn't always work unless I found the right tweaks (and I'm no pro either) but tails seemed to come pretweaked you might say. The PC just needs permission in the BIOS to be able to boot from usb first if available (assuming you install it to a flash drive). If you have the time you might give tails a try. It's a lot easier than QubesOS I would say and also, it's a live OS so if you don't think it fits your needs all it cost you was a flash drive and you can always reformat that and use it for something else.
Re: [Trisquel-users] Qubes OS thoughts
I don't think I'll ever use tails either
Re: [Trisquel-users] Qubes OS thoughts
I think I expend enough time, I mean in my post I do acknowledge that it seems pretty secure and that it seems it does what is meant to do. I also pointed some dowsides. That they on their website point. Like the lack of OpenGL, which means if you work in something like design, architecture, videogames, video edition, and similar, you will probably fare problems, also if you like games orbhave kids who like games. Hence the dual boot talk, but hey you can't dualboot to do that stuff, so you will need a second pc if you need that, which kind of defeats the purpose. I also said that this kind of protection, from my point of view, is an overkill for most users (i never said All of them) because if you follow a few basic steps and precautions a GNU/Linux is very secure. I also mentioned interface from what i assume would be the use of a normal user. Who would have trouble seeing 2 or 3 different web browsers or libreoffice. It is also a system that seems to be designed to be used by the same person, as it has a passwordless root https://www.qubes-os.org/doc/vm-sudo/ and https://www.qubes-os.org/doc/user-faq/#is-qubes-a-multi-user-system Recently I've started to learn about social engineering and thats the exact reason why I think this approach is even worst for most users. As it teaches them to care even less about that 1234 password, because hey, their computer can't be affected by cybercrime right? As I said I think it is a best approach for most users to follow a few basic precautions, like use password managers, use only software repositories, don't trust email and so on.
Re: [Trisquel-users] Qubes OS thoughts
I really like all these thoughts, I've been looking for external HD drives to install trisquel on, however I'm stumped as to what drive to get and also I've been looking at other Operating systems like Dragora as well, what are your guys thoughts on both of those questions I'm concerned about using the live USB, because I'm worried I'll screw something up and I can't install a live CD because my computer doesn't have a CD slot
Re: [Trisquel-users] Qubes OS thoughts
Okay thanks for your thoughts Alberto, do you think security by isolation is a good idea that once trisquel gets a lot more developers that it could work on?
Re: [Trisquel-users] Qubes OS thoughts
Like I said, I don‘t have a problem with your opinion, although it seems to me you made up your mind pretty quickly. That is part of today‘s zeitgeist; one has to live with the fact, that a lot of people only read the headlines and then pretend to know everything. They fill the gaps with their own story. Anyway, I find your posts a little condescending. That‘s what bothers me. I guess you never even installed Qubes. I agree with you that it is important to follow basic precautions and that for most people a GNU/Linux system should be enough. I just wanted to point out, that there is much more, that can be done, if need be. You always sacrifice convenience for the sake of privacy. In your commentaries you are comparing apples and oranges. Of course, you would still need strong passwords as virtualization has nothing to do with securing an online account. I don‘t know what put the idea into your head that Qubes or any other security focused operating system was keeping people from being careful? I find that conclusion illogical. I think the opposite is true. People who already mastered the basics might want to learn more. Maybe it is overkill and hopefully I don‘t need that much security. I like to try out these things because it increases my awareness to matters related to computer security. Also, it is fun.
Re: [Trisquel-users] Qubes OS thoughts
I recently installed Qubes on a laptop. I think the install couldn't quite complete because my home network runs without dchp and I couldn't find a way to tell it what IP it could use to get on the network. Nonetheless, it did seem interesting enough to be worth a look. It came with Debian and Fedora Templates installed and my impression is that those OSes have their core programming stored in the Root where it is untouchable so to update them takes some extra steps. I have an email client running on an old laptop using OpenBSD and this laptop seems so old it can't handle surfing the web very well at all so email is all I use it for. My desktop pc has Trisquel 7 which I only use to login to my bank every so often and get updates. My desktop pc also boots up to, I think I am up to 7 different flavors of GNULinux now and I have been using them for general surfing and to keep in touch with what many of the different camps are achieving. My actual financial records are kept on another laptop that seldom sees the internet (also openBSD). When I use Belenos to go to my bank, I have the laptop beside me and transfer information by hand to it. I play games on a Playstation. In other words, I like the idea of isolating stuff, no bundles for me! At least, if I ever get hacked, it will only go so far. But it does create some headaches to do it this way. One thing though that I worry about is the wifi router. It sees everything and short of looking for a firmware update on a regular basis I really don't know much about how one goes about keeping it secure.
[Trisquel-users] Qubes OS thoughts
Hi everyone I wanted to get your guys thoughts on Qubes OS, I've heard it is very good in regards to security, because it is basing it's security on isolation of parts of your internet life into what it calls Qubes, an example would be a part of your life is in the personal section, untrusted websites are in the untrusted section and work is in work. It is not currently seeking to be added to the free software distro's list, because for the same reasons that Debian is not certified. I don't believe anyone on here uses it at this time (obviously haha) but for people who have used it, or have had experience with it, what are your thoughts on it? I've been considering downloading that as my OS, at least on my main computer and downloading trisquel on a notebook computer.
Re: [Trisquel-users] Qubes OS thoughts
Okay thanks Heather, if you go to my topic entitled New Computer specs, the info for my computer is on there
Re: [Trisquel-users] Qubes OS thoughts
I looked into it, it seems that they think the secure approach is to use a bunch of virtual machines to everything you need, so a virtual machine for your banking stuff, a virtual machine to your work stuff and so on. I don't feel like is a distribution for productivity, as it requieres 4gb of ram at least, because of the virtual machines, imagine adding in top of this something like Pitivi or Kdelinve. But I am not sure if this software will work because: You can't use your coumputer for gaming or anything else that requires 3d support https://www.qubes-os.org/doc/user-faq/#can-i-run-applications-like-games-which-require-3d-support Also it doesn't want you to dual-boot which means you will lack all this software on that computer. https://www.qubes-os.org/doc/user-faq/#can-i-install-qubes-os-together-with-other-operating-system-dual-bootmulti-boot So you need a new powerful computer, to able to use this distribution to do the same stuff you can do with a 2006 thinkpad. They are ashamed of being a "Linux" distribution, so they mention GNU even less. https://www.qubes-os.org/doc/user-faq/#is-qubes-just-another-linux-distribution I think the interface is pretty messed, you have to put a lot of attention to where are you doing what, which for most users won't work. As it requires paying a lot of attention and expend way to much time taking care of this. It seems like an interesting option and probably secure. But, for the most part a GNU/Linux distribution is secure, as most software is installed from repositories, most virus and malware doesn't affect GNU/Linux and even less won't work with no root permissions. There are a few attacks that might work, but chances are a normal GNU/Linux user doesn't have to worry about it. If following a few basic precautions. And if you want to do something sensible, you can always boot from a live DVD, do your thing and shoot down. Or even boot a virtual machine, though I understand is a different type of virtual machine. It does what it is meant to do. But I feel like is a distribution for very few people with really sensitive information. Not for a workstation, so it depends on your needs my friend :)
Re: [Trisquel-users] Qubes OS thoughts
Hi, I may need to come back later to clarify this post when I have more time and fewer distractions. I don't know your situation, but as the mommy of an investigative journalist, I wound up balancing out the need for a modern processor with Intel Management Engine to run Qubes and ultimately gave my child an old Thinkpad X60 with no hard drive and a TAILS USB stick. She chose not to enable persistence. It is a very small advantage of GNU/Linux but one that makes my own life so much easier to be able to install to an external USB drive and then boot any hard drive I want from any of my computers (with the same architecture, of course) that I want. We frequently use WD Passports. There are WD greens in there, which aren't the sturdiest in the world, so you'll want to make regular backups, but they certainly are handy. You can also just get an enclosure and use whatever kind of internal drive you would normally choose. Desktop drives are bulkier and need to be plugged in, but they work fine anyway and it's never been a big enough hassle to me to justify a trip to the store or a search for a screwdriver. HTH I'm sure I'll have more to say when I've read the whole thread.
Re: [Trisquel-users] Qubes OS thoughts
You have pointed 2 more dowsides to this approach: 1. Update virtual machines requieres extra steps and can't be done automatically. 2.- All of this is pointless if you happen to use a compromised router. Which could use a malicious DNS to point you to a different website than the one you think you are using, like a fake bank website. Now I am not saying do not use it, but rather, it seems like is not the right approach to think that security is something the operative system has to take care of, instead of teaching the users to be careful.
Re: [Trisquel-users] Qubes OS thoughts
@alberto I respect your opinion but I don‘t understand why some people here on this forum read so much into things ("They are ashamed of being...blabla"). What‘s your point? If you had taken the time to read a little more than you would know that „they“ also prefer hardware that can be audited/isn‘t possibly backdoored, that they are opposed to Intel‘s ME, that they would use corbeoot/libreboot and so on. There are many discussions and blog posts regarding these topics. The OS itself can be too much at first but with anything in life you got to try and read in order to gain knowledge. The interface isn‘t messed at all. In my mind it is pretty clever and is in constant development so useful features can be added. You are right in saying that a powerful machine would be best but be careful because you would have to meet other requirements in order to be able to use some or all features (especially with regard to virtualization). Even with a less powerful machine one should be able to get a nice setup working. There are different VM in development or even usable right now but you have to search a little for the projects (e.g. Mirage firewall that uses 32MB of RAM). Who needs dual boot anymore? Who needs a CD/DVD-ROM these days? You could use a caddy and swap drives for different use cases. My understanding is that gaming and GPU intensive tasks are difficult at the moment but I haven‘t really tried. I think that the Qubes OS is one of the if not the most interesting OS out there. You have to invest time in order to appreciate all its features and possibilities. If you do, I think you will be surprised. Does the average Joe need it? No, but you have to ask yourself what do you need? One of the most popular passwords in use is something like 12345. Most people don‘t have a clue what they are doing online and they don‘t mind until something happens. So, where do you start? Probably not with the Qubes OS but you might end up there because cybercrime is on the rise and your right to privacy is being restricted more and more these days. With Qubes you can combine different approaches on one machine, for example, use VM that are not connected to the internet, making it very hard to get exploited. This could be office work, password manager, data-/mail archive...anything you can think of. Each of these things has its own VM not connected to each other. You can use different VM for surfing the net. You can connect one VM to a VPN and leave another one to the clearnet. You could use a TOR VM in order to acquire bitcoins, you can create a bitcoin-wallet VM. There are lots of approaches for your everyday use. As far as I know it is even possible to use libreboot or coreboot for Qubes on the ASUS board. I think I remember some people talking about using it already.