This comes up often, and i suspect qubes-os is the inspiration for the xen
version of it, but it also opens up a big can of attack surface. maybe
after splitting the guivm off from dom0?
On Friday, November 22, 2019 at 2:02:14 AM UTC-8, Dylanger Daly wrote:
>
> Will the Qubes team consider
Saw this and thought it was april 1st!
Thanks for creating this project! you changed the face of endpoint security
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
On Tuesday, February 13, 2018 at 3:14:15 PM UTC-8, Jean-Philippe Ouellet wrote:
> Thanks :)
>
> The ~10% cpu overhead for each linux-stubdom should still probably be
> fixed for those who need HVMs (and for sys-{net,usb}), but still...
>
> My previously constantly-spinning laptop fans appreciate
why not skip 26 and just go to fedora-27 for dom0 in 4.0?
On Thursday, November 2, 2017 at 8:37:48 AM UTC-7, Frédéric Pierret
(fepitre) wrote:
>
> Hi,
>
> Maybe you have seen that Fedora 26 is supported for building (see
> qubes-builder) and it is on the road to be officially released (Marek
On Wednesday, November 8, 2017 at 9:01:44 PM UTC-8, Marek
Marczykowski-Górecki wrote:
>
> > > Hmm, what exactly to do you want to achieve? The above "qvm-create
> > >
> >
> > make a customized dvm with menus that show up in the top left. Ideally,
> > this
> > would behave like the
>
>
>
> Template for DispVM needs to be an AppVM. So, first create AppVM (or use
> fedora-25-dvm provided for this purpose), then set
> template_for_dispvms=True and use that AppVM for your DispVM.
>
Still confused. The second thing i tried above was make an appvm, then set
Ive tried creating them with
qvm-create --class DispVM --template fedora25 --label red mydvm
app: Error creating VM: Got empty response from qubesd. See Journalctl in
dom0 for details.
the last line of that was
AttributeError: 'TemplateVM' object has no attribute 'template_for_dispvms'
so
On Friday, August 11, 2017 at 4:16:38 AM UTC-7, Marek Marczykowski-Górecki
wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On Fri, Aug 11, 2017 at 04:08:53AM -0700, pixel fairy wrote:
> >
> > there is another reason id like to be able
sometimes, copy paste isnt enough, because not all apps use the clipboard.
for example, most remote desktops like rdp or vnc unless that app has its
own clipboard sharing mechanism. while one could simple view their keepass
file and type, this has two problems.
- shoulder surfing
-
sometimes, copy paste isnt enough, esp for keyboards, because not all apps
use them. usually you cant copy / paste into remote desktops like rdp or
vnc unless that app has its own clipboard sharing mechanism. while one
could simple view their keepass file and type, this has two problems.
could kickstart work with the qubes installer? if so, maybe kickstart files
could at least help some of the pain or at least help share knowledge for
installing qubes on tricky hardware. most issues seem to be dealt with in
bios / uefi where kickstart cant really help you, so this may not be
On Friday, July 14, 2017 at 10:08:36 PM UTC-7, Syd Brisby wrote:
>
> Well, at least one phone maker has recognised that the best security comes
> from physical separation. Unfortunately, PC / laptop makers are a long way
> behind.
>
> Privat phone:
>
> http://privat-smartphone.com/#solution
>
>
On Friday, July 7, 2017 at 1:20:10 PM UTC-7, Chris Laprise wrote:
>
> I know Joanna's reservations about VM introspection, but this
> Bitdefender introspection example is interesting nonetheless:
>
>
>
meant to say please tell me this will be dom0 for qubes 3.2.1
On Thursday, July 13, 2017 at 3:12:55 PM UTC-7, pixel fairy wrote:
>
> please tell me this will be dom0
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe
please tell me this will be dom0
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post to this group, send email to
On Thursday, July 6, 2017 at 2:44:36 PM UTC-7, Marek Marczykowski-Górecki
wrote:
>
>
>
> Download links:
> https://ftp.qubes-os.org/~marmarek/Qubes-DVD-x86_64-20170706.iso
> https://ftp.qubes-os.org/~marmarek/Qubes-DVD-x86_64-20170706.iso.asc
> (signed with my code signing key)
>
wheres your
On Thursday, June 15, 2017 at 11:50:31 AM UTC-7, Reg Tiangha wrote:
>
>
> We're still stuck with FC23 in dom0 though, although you could attempt
> to build an ISO that uses FC24 or FC25 in dom0; some people have. It's
> unsupported though and you're on your own when it comes to compiling
>
fedora 26 is coming out july 4, debian 9 should be out in a couple weeks,
so should be stable(ish) by then. would a couple weeks after the f26
release be a good time for 3.2.1?
the sad problem with fedora releases is their short life span, but that
also helps them have more modern drivers.
On Monday, May 29, 2017 at 9:57:08 AM UTC-7, Patrik Hagara wrote:
>
>
> I'd like to mention the relative complexity of the IPv6 specification
> (and by extension, its implementations) as a reason against this
> proposed change. For example, take a look at this list of CVEs
> related to IPv6
>
> Are you suggesting that VM's no longer have internal ipv4 addresses? You
> mean
> via the ipv4-in-ipv6 address range or something else?
>
i was thinking dual stack and nat for both 4 and 6. my first thought was
using the v6 addresses to internally address the vms, but that seems to be
since qubes needs to adopt ipv6 eventually anyway, can we make the internal
network v6?
v6 nat is the same as v4, but you would have to alert qubes when there is
no external v6 route. this will also be true when there is no external v4,
so its a problem that needs to be solved anyway.
one
On a more immediate or practical level, i was going to ask about a qubes
3.2.1 release for all the things that have been building up, or perhaps a
3.3 release, with the significant change of moving to hvm by default.
that way, theres less incentive to rush the 4.x releases.
--
You received
On Monday, April 24, 2017 at 3:13:48 AM UTC-7, Marek Marczykowski-Górecki
wrote:
>
>
> All of this is conveniently handled by `./setup` script in qubes-buider.
>
the goals is to try different versions of xen and of fedora in dom0. how
can you know which versions of xen and linux kernel are
last build worked when i disabled f25, is that currently broken?
is there any reason to still use f23 as dom0?
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
SIGNED MESSAGE-
> Hash: SHA256
>
> On Fri, Apr 21, 2017 at 02:22:27AM -0700, pixel fairy wrote:
> > dpkg-source: error: can't build with source format '3.0 (quilt)': no
> > upstream tarball found at ../xen_4.6.4.orig.tar.{bz2,gz,lzma,xz}
> > dpkg-buildpackage: err
just clicked it out of curiosity. id be happy with fedora25, debian 8/9,
and ubuntu xenial
On Friday, April 21, 2017 at 8:16:11 AM UTC-7, Marek Marczykowski-Górecki
wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On Fri, Apr 21, 2017 at 01:41:36AM -0700, pi
So this is basically support contracts with some custom coding thrown in? The
next step, probably scary to some users, is corporate channels. Have you
contacted dell and hp yet?
either way, im happy for this and hope it works!
--
You received this message because you are subscribed to the
how do you specify which device to detach? this is for detaching disk
images.
is there an easy way to know what device it attached as? "ls /dev/xvd*"
before and after seems messy to me, but if thats the way, im not too
worried about it.
is attaching qcow2 images not supported because of
in my precube days, i had a vaultvm and various appvms. because firejail
could protect the keyboard from scary apps, and i just dont like sensitive
data hitting that clipboard, my pass script would copy the vaults
clipboard, then type it into the target vm using xdotool over ssh. this
worked
This has come up a few times, so heres a thread discuss it.
for whatever reason, supported versions of fedora are not working with
qubes. dont know if this is fixable.
debian looked good at first, but its hardware support is too many
generations behind. tried switching sys-net to debian, and
On Thursday, October 27, 2016 at 8:00:34 PM UTC-4, Drew White wrote:
>
> So it's a forum, not a mailing list
its a mailing list that happens to have a forum interface. kinda like nntp
but the other way around.
--
You received this message because you are subscribed to the Google
As explained here, https://github.com/netblue30/firejail/issues/770 adding
'-nolisten local' allows for easily isolating x11 or sandboxing an app from
it. i cant see any advantage to having both the unix domain socket and the
abstract socket.
this should be upstream. but, that change would
On Tuesday, September 6, 2016 at 8:50:49 AM UTC-7, Nicklaus McClendon wrote:
>
>
> Looks to me like the blue is a result of the chosen Theme's default
> color. Perhaps the Qubes XFCE patches should also set a color for dom0
> to avoid confusion and allow for a greater number of themes to be used
too bad. i hope whatever replaces fedora in qubes 4 is more xen and
graphics driver friendly.
graphics drivers are still the bane of qubes on laptops!
On Friday, September 2, 2016 at 4:03:20 AM UTC-7, pixel fairy wrote:
>
> why not fedora24? its been out for more than 2 months.
>
why not fedora24? its been out for more than 2 months.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post to this
-Górecki wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On Wed, Aug 31, 2016 at 09:55:08AM -0700, pixel fairy wrote:
> > in 3.2-rc3 sys-whonix is started at boot, and has backups enabled.
> neither
> > are needed.
> >
> > starting a con
in 3.2-rc3 sys-whonix is started at boot, and has backups enabled. neither
are needed.
starting a connection to tor might be bad in some places, so its better to
make sure the user wants to start that whenever they use it.
--
You received this message because you are subscribed to the Google
On Wednesday, August 31, 2016 at 6:36:53 AM UTC-7, Andrew David Wong wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2016-08-31 06:34, Marek Marczykowski-Górecki wrote:
> > On Wed, Aug 31, 2016 at 02:32:40AM -0700, pixel fairy wrote:
> >&
>
> On 2016-08-31 06:34, Marek Marczykowski-Górecki wrote:
> > On Wed, Aug 31, 2016 at 02:32:40AM -0700, pixel fairy wrote:
> >> run blender. press alt+f11
> >
> > Alt+F11 happen to be the default shortcut for making window fullscreen
> in
> >
On Wednesday, August 31, 2016 at 5:56:12 AM UTC-7, Andrew David Wong wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2016-08-31 02:32, pixel fairy wrote:
> > run blender. press alt+f11 alt-tab still works.
> >
> > personally dont care.
run blender. press alt+f11
alt-tab still works.
personally dont care. but, if someone really wants full screen disabled,
this could be an issue.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop
Just confirmed 3.2rc2 does not work in vmware-fusion.
theres something ironic about a compartmentalization platform built on
virtualization being so hard to run in virtualization.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe
42 matches
Mail list logo