Hello Joanna there is any iso more recent? On Monday, August 10, 2015 at 5:24:23 PM UTC+2 Joanna Rutkowska wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > > We have built and uploaded the first ever working Qubes Live USB image! :) > > It's based on the recently released 3.0-rc2 release. Now you should be > able to > run and try Qubes OS of any laptop without needing to install it anywhere! > And > perhaps run Qubes HCL reporting tool and send us some more data? [1] > > We have faced several challenges when making this Live USB edition of > Qubes OS, > which traditional Linux distro don't need to bother with: > > 1. We needed to ensure Xen is properly started when booting the stick. In > fact > we still don't support UEFI boot for the sitck for this reason, even > though the > Fedora liveusb creator we used does support it. Only legacy boot for this > version, sorry. > > 2. We discovered that the Fedora liveusb-create does _not_ verify > signatures on > downloaded packages -- we have temporarily fixed that by creating a local > repo, > verifying the signatures manually (ok, with a script ;) and then building > from > there. Sigh. > > 3. We had to solve the problem of Qubes too easily triggering Out Of Memory > condition in Dom0 when running as Live OS. > > This last problem has been a result of Qubes using the copy-on-write > backing for > the VM's root filesystems, which is used to implement our cool > Template-based > scheme [2]. Normally these are backed by regular files on disk -- even > though > these files are discardable upon VM reboots, they must be preserved during > the > VM's life span, and they can easily grow to a few tens of MBs per VM, > sometimes > even more. Also, each of the VM's private image, which essentially holds > just > the user home directory, typically starts with a few tens of MBs for an > "empty > VM". Now, while these represent rather insignificant numbers on a > disk-basked > system, in case of a LiveUSB scenarios all these files must be stored in > RAM, > which is always a scare resource on any OS, and especially Qubes. > > We have implemented some quick optimizations in order to minimize the above > problem, but this is still far from a proper solution. We're planning to > work > more on this next. > > Now, there are three directions in how we want to work further on this > Qubes > Live USB variant: > > 1. Introduce easily clickable "install to disk" option, merging this with > the > Qubes installation ISO. So, e.g. make it possible to first see if the given > hardware is compatible with Qubes (run the hcl reporting tool) and only > then > install on the main disk. Also, ensure UEFI boot works well. > > 2. Introduce options for persistence while still running this out of a USB > stick. This would be achieved by allowing (select) VMs' private images to > be > stored on the r/w partition (or on another stick). > > 2a. A nice variant of this persistence option, especially for frequent > travellers, I think, would be to augment our backup tools so that it was > possible to create a LiveUSB-hosted backups of select VMs. One could then > pick a > few of their VMs, necessary for a specific travel, back them to a LiveUSB > stick, > and take this stick when traveling to a hostile country (not risking taking > other, more sensitive ones for the travel). This should make life a bit > simpler > for some ... [3] > > 3. Introduce more useful preconfigured VMs setup, especially including > Whonix/Tor VMs. > > [1] https://www.qubes-os.org/doc/HCL/ > [2] https://www.qubes-os.org/doc/SoftwareUpdateVM/ > [3] https://twitter.com/rootkovska/status/541980196849872896 > > > Current limitations > - -------------------- > > 0. It's considered an alpha currently, so meter your expectations > accordingly... > > 1. Currently just the 3 exemplary VMs (untrusted, personal, work), plus the > default net and firewall VMs are created automatically, > > 2. The user has an option to manually (i.e. via command line) create an > additional partition, e.g. for storing GPG keyring, and then mounting it > to a > select VMs. This is to add poor-man's persistence. We will be working on > improving/automating that, of course, > > 3. Currently there is no option of "install to disk". We will be adding > this > in the future, > > 4. The amount of "disk" space is limited by the amount of RAM the laptop > has. This has a side effect of e.g. not being able to restore (even few) > VMs > from a large Qubes backup blob, > > 5. It's ease to generate Out Of Memory (OOM) in Dom0 rather easily by > creating > lots of VMs are writing a lot into the VMs filesystem... (Alpha, right?) > > 6. There is no DispVM savefile, so if one starts one the savefile must be > regenerated which takes about 1-2 mins. > > 7. UEFI boot doesn't work, and if you try booting it via UEFI Xen will not > be > started, rendering the whole experiment unusable. > > We're planning to release an updated version sometime in September. > > Download and burning > - --------------------- > > Get the ISO (and its signature for verification): > > http://ftp.qubes-os.org/iso/Qubes-R3.0-rc2-x86_64-LIVE.iso > http://ftp.qubes-os.org/iso/Qubes-R3.0-rc2-x86_64-LIVE.iso.asc > > Then "burn" onto a USB stick (replace /dev/sdX with your USB stick device): > > $ sudo dd if=Qubes-R3.0-rc2-x86_64-LIVE.iso of=/dev/sdX > > Note that you should specify the whole device, (e.g. /dev/sdc, not a single > partition, e.g. /dev/sdc1). > > And, please, please, make sure to use caution and not overwrite your HDD or > other important device. And in case you do, please, please, do not email > qubes-users complaining about ;P > > Happy Live-Qubesing! ;) > > joanna. > -----BEGIN PGP SIGNATURE----- > > iQIcBAEBAgAGBQJVyMIeAAoJEDOT2L8N3GcYSi0P/jeG6/4M5Ux6BjKDXP3+OrRC > YM+vL+JZcbn3vPOYifgl+LndMEmwYEBLrSMnqmj/Ze5iC9qLYzOM33032xL2GJBu > NLUujS9Y1Z4xocLQ6sgmeXbvxsqPGQ4CE79UWA438mqGcjkFd85IamEijyYaj/fY > Wz1TnK2Lwys5gMrCArPpqPL1dmQuGW4uZTABIw3wxyIlqLZ7HSTLVNIiiCOIfklG > xbMBB1l71WUgLfTxA14AUJI02R65mg3B/kkMq9I3pZCXhdE9G7dd8s3nH/wV7mrA > 5nOM0slZ9Q+IXPPu6UbfHt7kHQ+qHToSUURF14nmsbftaWsjBvIOsCNZ2njCQQIH > yXvsSp8J+kpiy57C/7i261qlp3O0/L6jsvLBwovOTlHzrM2KUj7XRfmTguj8QMUk > R3LQC+dXr7wgg7f31jiAgkKR3LkPuFEJ9y/8+esnMCg5JjMoYvU68Gl2RUoXynDX > bCXZ0cW+rxcD1hIEDef9WwUa3Drx3aquVfAUGZ4WGj+TNRFKxmqY/CUTTr8nShfO > rsoHctHsmWDWqgfM0RqUnFi8fzj/mGTr11Y9I/gdTrdOheQdxIYkKCW+naBht7jr > dS0xB1cOl/Xhqngorkt6vaqbXny8TmH7vG7PNiQdARAKrFKFW3Qmp3si3t21OtaW > seNGJL/0vJpo3CkV7Agc > =2CxZ > -----END PGP SIGNATURE----- > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/38fc410c-797d-4d12-b55e-129a68b3cc70n%40googlegroups.com.
