On 02/14/2017 09:41 PM, raahe...@gmail.com wrote:
isn't tcpdump just as vulnerable though if not more?
I run things like that in sys-net since i consider it extremely untrusted, but
if you have the resources or want only specific streams, sure a separate
template or seperate vm i would
On 02/14/2017 05:50 PM, j...@vfemail.net wrote:
hi.
since i will be traveling for a bit, my threadmodell changed and i
want aem.
when reading the documentation, a few questions came up:
(in any case, i will use a passphrase for aem.)
1) is there a difference between using an usb drive or
On 02/07/2017 03:54 PM, elsiebuck...@gmail.com wrote:
What? Can I access a windows USB drive?
I really didn't want to add a windows vm, just wanted to get some of my stuff off from
it. I found how to "add block devices", but after that I'm guessing it won't
read windows file system...
I'm
On 02/07/2017 04:47 AM, Oleg Artemiev wrote:
On Tue, Feb 7, 2017 at 11:57 AM, '0xDEADBEEF00' via qubes-users
wrote:
I have a bank vm, how do you restrict the browser from being able to go else
where? Do you add the iprules in the vm or do you create a proxyvm and
On 02/04/2017 08:08 AM, codeur4l...@gmail.com wrote:
Le vendredi 3 février 2017 19:08:54 UTC+1, Chris Laprise a écrit :
On 02/03/2017 05:52 AM, codeur4l...@gmail.com wrote:
Can somebody explain me the procédure for installing f.lux or fluxgui on Qubes
OS 3.2 in a fedora Template ?
You could
On 02/03/2017 12:57 PM, Patrick Bouldin wrote:
Just would like to add to my last post that I found some code related to the
bugzilla, here: https://bugzilla.xfce.org/attachment.cgi?id=6590
So would I somehow install that and how? Or, download a tar file and install
(and how?)
Thanks,
On 02/03/2017 10:30 AM, Alex wrote:
On 02/01/2017 04:09 AM, Chris Laprise wrote:
On 01/31/2017 03:55 PM, Alex wrote:
What I don't understand is... is this thing really comparing ~50GiB
of disk on every boot with a stream of 50 billion zeros just to see
if a filesystem exists? It's weird
On 02/01/2017 02:59 PM, Franz wrote:
On Wed, Feb 1, 2017 at 2:34 PM, Chris Laprise <tas...@openmailbox.org
<mailto:tas...@openmailbox.org>> wrote:
On 02/01/2017 01:16 AM, Franz wrote:
On Wed, Feb 1, 2017 at 2:13 AM, Chris Laprise
<tas...@openmailbox.
On 02/02/2017 04:50 AM, Vít Šesták wrote:
Choosing the right CPU is about choosing the right tradeoff. The tradeoff is
not only between price, power consumption and performance. We can also balance
single-core performance to multi-core performance, or we might want some
enhancements for some
On 02/02/2017 09:09 AM, Hack wrote:
Hi,
Could it be possible to provide Qubes OS with Devilspie2 at first
install?
Like this, we could have, by default? some virtual desktops attributed
to some task.
For example:
* Desktop 1 = administration tasks (sys-firewall, sys-net, etc…)
*
On 02/01/2017 08:06 AM, Connor Page wrote:
relying on the main routing table that can be messed up.
This point tends to be overstated. I haven't seen an example of the
blocking commands in the routing table getting "messed up". The commands
get refreshed each and every time qubes-firewall
On 02/01/2017 01:16 AM, Franz wrote:
On Wed, Feb 1, 2017 at 2:13 AM, Chris Laprise <tas...@openmailbox.org
<mailto:tas...@openmailbox.org>> wrote:
On 01/31/2017 10:47 PM, Gaiko Kyofusho wrote:
I keep reading examples where people are using something like
mo
On 01/31/2017 11:25 PM, Ted Brenner wrote:
Fortunately I was able to accomplish this using fdisk without having
to install anything new. One thing I haven't been able to figure out
though, when I attach it to one of my appVMs, I don't know where to
find it. This page
On 01/31/2017 10:33 AM, ThierryIT wrote:
Nobody ?
Le dimanche 29 janvier 2017 09:10:49 UTC+2, ThierryIT a écrit :
Hi,
I do prefer to ask before doing something wrong on my working Qubes.
Where to install DNSSEC-Trigger ? Is 'sys-net' the right answer ?
Do you have for Qubes env any
On 01/27/2017 06:03 AM, pl1...@sigaint.org wrote:
Then if I use other internet connections and spoof MAC, they never know my
real MAC,right?
If you're using Network Manager MAC randomization described in the doc,
then yes---it will use a different random address with each "connection"
On 01/22/2017 12:13 AM, adonis28...@gmail.com wrote:
Hi mate,
I finally had some time for testing, and still not working, although I got some
more info.
So I checked and the 01qubes-proxy is in there in the template I'm trying to
create for Kali. After that, I checked the sys-firewall VM and
On 01/21/2017 06:16 AM, Rusty Bird wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
qubenix:
All tpm related tools believe tpm
in disabled, and the prcs file is always empty with TXT or without.
I am 100% sure that the chip is active in BIOS. Any other ideas?
Not really, sorry. Maybe
On 01/19/2017 05:46 PM, Unman wrote:
On Thu, Jan 19, 2017 at 10:02:38AM -0800, adonis28...@gmail.com wrote:
On Thursday, January 19, 2017 at 12:22:35 PM UTC-5, Chris Laprise wrote:
On 01/18/2017 09:32 PM, wrote:
Hi guys,
I'm having a hard time trying to figure out this. When I installed
On 01/18/2017 09:32 PM, adonis28...@gmail.com wrote:
Hi guys,
I'm having a hard time trying to figure out this. When I installed Qubes OS I think I
chose Whonix as the default to update VMs, but eventually I ended up changing it after a
couple of days and set the UpdateVM to "sys-firewall".
On 01/15/2017 08:25 PM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jan 15, 2017 at 08:02:17PM -0500, Chris Laprise wrote:
On 01/15/2017 05:02 PM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jan 15
On 01/15/2017 05:02 PM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, Jan 15, 2017 at 04:10:49PM -0500, Chris Laprise wrote:
The salt failure occurs with any type of VM. This may be due to some aspect
of my dom0 configuration that changed, because
The salt failure occurs with any type of VM. This may be due to some
aspect of my dom0 configuration that changed, because when sys-usb was
initially setup the qubesctl commands worked.
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To
On 01/13/2017 04:34 PM, raahe...@gmail.com wrote:
On Thursday, January 12, 2017 at 1:30:07 PM UTC-5, daltong defourne wrote:
On Thursday, January 12, 2017 at 6:47:00 PM UTC+3, daltong defourne wrote:
Hi!
I've created a VPN proxyvm (debian-8 based) according to existing documentation
(more or
On 01/14/2017 10:13 AM, haaber wrote:
Hello,
I get the error message in the title when trying to open a DispVM.
It is my firt try to play with disposable VMs in and out-of-the-box
install. Where do I find log files on that? Thank you,Bernhard
You can try manually generating the savefile
Per my post on Qubes Issues...
|$ sudo qubesctl top.enable qvm.f24-clone [ERROR ] An un-handled
exception was caught by salt's global exception handler:
SaltRenderError: Could not find relpath for qvm.f24-clone.top Traceback
(most recent call last): File "/bin/qubesctl", line 91, in
On 12/28/2016 07:39 AM, john.david.r.smith wrote:
currently when i have qubes and need a new image (e.g. to
reinstall/install on a new machine), i need to download the image from
qubes-os.org and then check the signature.
this may be a source of errors for some users, or even insecure
(mitm +
On 12/29/2016 03:57 PM, Jon Solworth wrote:
I'm at Chaos Computer Congress, and Qubes has a table. I got some help from
them with the multimedia buttons for i3. Specifically, I configured the
brightness and sound controls, but not the multimedia player controls because
the player is not in
On 12/22/2016 01:11 AM, Andrew David Wong wrote:
Thanks. Just reclaimed 125 GB in a three-year-old StandaloneVM. ^_^
For others, the command I used (in the StandaloneVM):
$ sudo fstrim -v -a
You use big drives. :)
The 'discard' option can also be added in /etc/fstab so that root
On 12/21/2016 03:02 PM, Patrick Bouldin wrote:
On Wednesday, December 21, 2016 at 2:03:15 PM UTC-5, Chris Laprise wrote:
On 12/20/2016 08:53 PM, Patrick Bouldin wrote:
Hi, compared to running a certain app in windows (Anki), installing it in the Fedora
template in Qubes means the first time
On 12/19/2016 12:33 AM, Andrew David Wong wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2016-12-18 17:27, iamthech...@gmail.com wrote:
Is there a guide to update an existing VM to Fedora 24 while
preserving it's contents? I upgraded the template per the
instructions [1], but can't
On 12/20/2016 08:53 PM, Patrick Bouldin wrote:
Hi, compared to running a certain app in windows (Anki), installing it in the Fedora
template in Qubes means the first time to run is very slow to launch. Maybe up to a
minute. To install it to the template I just said "sudo yum install anki"
On 12/20/2016 06:57 PM, Mike Mez wrote:
"Search for "VFIO NVIDIA Error 43" on your favorite search engine.
Pretty much it just shuts off 3D mode and gives you Error 43 in device
manager if it detects some hardware virt features, there is a way
around it but I wasted hours until I figured out
On 12/20/2016 06:57 PM, Mike Mez wrote:
This is/immensely/ helpful. To reiterate... to make sure I understand,
with "windows problems" easy is easy and impossible is basically
impossible (which I can say with experience is fairly on the money of
my experience as well). With Linux, the
Regarding the "Alternate Patching Method" using normal apt update: Its
possible the template was attacked via updates even before the bug was
announced, or sometime between the Debian announcement and now. The
"check InRelease" only helps if the attack occurs only during the next
update and
On 12/18/2016 11:49 PM, Andrew David Wong wrote:
*2. *You mentioned during the interview that you came to Qubes
as a lifelong widows user. I am in the situation when it comes to
this as a lifelong windows user. What would you say is the learning
curve for using Qubes is? How easy would
On 12/19/2016 02:31 PM, Andrew David Wong wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2016-12-19 07:31, J. Eppler wrote:
Hello,
1. How can I search for qubes-templates in dom0 rpm repository? The
qubes-dom0-update tool excludes all templates from a search.
$ sudo
On 12/19/2016 01:46 PM, pl1...@sigaint.org wrote:
Hello
In the middle of the installation of the packages with apt-get
dist-upgrade, the terminal suddenly disappears and near debian template
the "state" become yellow.
I reboot it but the "state" remain yellow and when try to open an
application,
On 12/18/2016 05:15 PM, iReallyWantQubesToWork wrote:
I burned the Qubes ISO to a USB (using Rufus) and completed the installation
without any problems, except that Qubes refuses to boot on the installed drive.
I installed it onto my external HDD and have also installed it onto a 32 GB
USB,
On 12/17/2016 01:27 PM, johnyju...@sigaint.org wrote:
I've finished my conversion of all VM's to debian-8 (and isolating USB,
the sound card, etc.). (Next is dom0, and maybe the replacing the
hypervisor, but that's another story. :) )
The last hiccup was getting OpenVPN working in debian-8
On 12/16/2016 12:21 PM, qubenix wrote:
Ah, that was my mistake/commit. I apologize, I did not see this
documented before. Thank you for helping me to realize this confusing
situation.
The worst part, really, is that the only place in the man pages where
random vs. stable is documented is in
On 12/15/2016 01:58 PM, Reg Tiangha wrote:
On 12/15/2016 11:50 AM, qubenix wrote:
I've used the docs[1] to randomize my MAC on sys-net with debian-9 as
it's template. At first everything was working normal, but I've noticed
now that my MAC is only randomized until I connect to a network. At
New updates to x11 in Debian 9 have made otherwise well-running template
unable to boot properly. The status dot stays yellow and sys-net NM icon
doesn't appear, so this appears to affect the GUI daemon. I had to
revert it to get stuff done, so I'll post details later.
Chris
--
You received
On 12/10/2016 12:36 PM, rtian...@gmail.com wrote:
On Saturday, December 10, 2016 at 6:03:17 AM UTC-7, jkitt wrote:
What's it like to update - is it relatively simple? Would you say it's more
secure than Debian or Fedora?
It's easy. Shut down your Mirage OS Firewall VMs, copy over the new
On 12/10/2016 03:36 PM, Reg Tiangha wrote:
I haven't tried it myself yet, but it looks like the coldkernel crew
pushed out experimental support for Debian templates to one of their
test branches yesterday:
https://github.com/coldhakca/coldkernel/tree/0.9a
Has anyone out there tried it yet?
On 12/09/2016 05:56 PM, Eva Star wrote:
On 12/07/2016 07:48 AM, Andrew David Wong wrote:
FWIW, `systemctl restart qubes-firewall` fixed it for me last time.
Today one my VM losses network 2 times. Every time I tried `systemctl
restart qubes-firewall` and it not fix the issue. It's looks like
On 12/09/2016 12:11 AM, Jean-Philippe Ouellet wrote:
On Thu, Dec 8, 2016 at 6:37 AM, Andrew David Wong wrote:
Qubes isn't supported on VirtualBox or on Macbooks
This is the first I've heard of MacBooks being "not supported".
I know at least one person personally who is
On 12/01/2016 09:19 AM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, Dec 01, 2016 at 02:06:16PM +, C. L. Martinez wrote:
On Thu 1.Dec'16 at 14:50:59 +0100, Marek Marczykowski-Górecki wrote:
On Thu, Dec 01, 2016 at 04:26:38PM +0300, Eva Star
On 12/08/2016 10:15 AM, Adrian Rocha wrote:
Hi,
I updated dom0. I see that there is updated the plasma desktop, but the update
process reports many packages with broken dependencies:
I'm having a similar problem, despite dom0 dnf saying that
qt5-qtbase-5.6.1-3 is installed:
Last metadata
On 12/08/2016 07:55 AM,
5g0zhi+3ukwtmyaqkdinfnkhq8q589xl3kkxqmyv3sq4li...@guerrillamail.com wrote:
I think it would be best to set up i2p in a place like /rw/config or
/home, in either a proxyVM or appVM (not a netVM). Otherwise, you could
consider using a Tails HVM which would have it
On 12/08/2016 04:14 AM,
5fxfc1+2ch7pcmy34te01rpv5qj0zj3h115fu90fwr3h7yl5u via qubes-users wrote:
Hi everyone!
I wanted to ask: What is the best way to use i2p in Qubes? Should I setup a
NetVM or install i2p in a TemplateVM? Also since Java is not the most secure
environment, I'm planning on
On 12/06/2016 07:58 PM, jonathanri...@gmail.com wrote:
Hi, I'd just like an update on this, as I am looking to do the same.
OpenWRT seems the best for NetVM as it has all that I could think of.
Also multiple instances for VPNs should not use too much ram.
So if you got it running, could you post
On 12/05/2016 09:06 PM, Patrick Schleizer wrote:
Why I used git:
* I found it simpler and quicker to type to manage the whole
/var/lib/qubes/vm-templates/vm-name including all files using git rather
than manually that folder.
Using LVM or Btrfs snapshots would accomplish this far more quickly
On 12/04/2016 10:49 AM, Lorenzo Lamas wrote:
Since upgrading to Xen 4.6.3-21 from Xen 4.6.1-20, booting with AEM fails to
start serviceVM's(netVM, usbVM, firewallVM). When the boot process finally
completes, trying to manually launch the VMs through VM Manager doesn't work
either. When I
What is an acceptable / secure way to obtain a Yubikey fob?
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To
On 12/01/2016 03:48 AM, Zrubi wrote:
On 11/30/2016 02:59 PM, Loren Rogers wrote:
Hi all,
Are there any recommended strategies for creating and managing
TemplateVMs for regular users?
I'm having those templates:
netVMs, Proxym Firewall, VPN: fedora minimal based
regular AppVMs: Fedora,
On 11/30/2016 07:02 PM, Loren Rogers wrote:
On 11/30/2016 09:14 AM, Daniel Moerner wrote:
On Wednesday, November 30, 2016 at 8:59:58 AM UTC-5, Loren Rogers wrote:
Hi all,
Are there any recommended strategies for creating and managing
TemplateVMs for regular users?
Speaking personally, I use
Would it have anything to do with upgrading to kernel 4.8 (both dom0 and
domU)?
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
On 11/30/2016 03:55 PM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Wed, Nov 30, 2016 at 02:44:17PM -0500, Chris Laprise wrote:
On 11/28/2016 05:27 PM, Patrick Schleizer wrote:
Probably related issues:
- https://github.com/QubesOS/qubes-doc/pull/176
On 11/28/2016 05:27 PM, Patrick Schleizer wrote:
Probably related issues:
- https://github.com/QubesOS/qubes-doc/pull/176
- https://github.com/QubesOS/qubes-doc/pull/228
Which lead to some changes to https://www.qubes-os.org/doc/vm-sudo/
[which was reported to work now] (and the qubes-whonix
On 11/30/2016 12:12 PM, Rusty Bird wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
"Everyone loves the Whonix approach of running Tor Browser and the tor
daemon in two separate Qubes VMs, e.g. anon-whonix and sys-whonix.
Let's take it a step further and run Tor Browser (or other
On 11/30/2016 02:09 AM, Swâmi Petaramesh wrote:
Hello,
I use Qubes 3.2 (recent, default installation) with anti-evil-maid on HP
ProBook 6470b.
Anti-evil-maid is installed to HD /boot per instructions, TPM is
protected by a password, and I use a "secret" image instead of text.
So far
On 11/26/2016 12:42 PM, Andrew David Wong wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
A strange networking problem just started in the past day or so:
Every few hours, around 2/3 of my VMs will suddenly lose network
access. I can still ping websites from sys-net and sys-firewall,
On 11/22/2016 07:44 AM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Dear Qubes users,
We have just released a new Qubes Security Bulletin (QSB #27):
https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-027-2016.txt
- --
Updates not visible
On 11/21/2016 03:51 PM, Eric Shelton wrote:
Third, it looks like there are problems getting Linux running on
these, which does not bode well for getting Qubes to boot:
https://wiki.debian.org/InstallingDebianOn/Asus/X205TA
You are going to run into these types of issues with these inexpensive
On 11/19/2016 06:15 PM, Aaron Jefferson wrote:
Hadn't turned it on.
On Sat, Nov 19, 2016 at 6:08 PM, Aaron Jefferson
<ajefferson1...@gmail.com <mailto:ajefferson1...@gmail.com>> wrote:
Thanks, I'll check it out.
On Sat, Nov 19, 2016, 18:06 Chris Laprise <tas...@
On 11/19/2016 02:02 PM, Aaron Jefferson wrote:
First boot wlan didn't work, second boot worked fine.
Most X230s with that CPU have Vt-d capability, but the report says 'no'.
You may want to check your BIOS to make sure its switched on.
This affects the security and operation of wlan,
On 11/18/2016 02:03 AM, entr0py wrote:
Andrew:
I think not without modifying the Qubes RPC code itself, which is
probably a non-starter. Anyway you would be relying on untrusted
self-reported information in the trusted Dom0 prompt, so maybe not a
good idea.
If you just want to investigate,
What is the command to do the trusted image conversion?
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post
On 11/16/2016 03:27 PM, Jean-Philippe Ouellet wrote:
This is a known problem area.
See discussions in:
- https://github.com/QubesOS/qubes-issues/issues/971
- https://github.com/QubesOS/qubes-issues/issues/858
I think the easiest, most efficient route currently available is to have
your VMs
On 11/16/2016 01:26 PM, Andrew wrote:
3n7r0...@gmail.com:
On Wednesday, November 16, 2016 at 1:22:43 PM UTC, Chris Laprise wrote:
On 11/15/2016 04:04 PM, Unman wrote:
On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote:
On 11/15/2016 07:20 AM, Unman wrote:
On Tue, Nov 15, 2016
On 11/15/2016 04:04 PM, Unman wrote:
On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote:
On 11/15/2016 07:20 AM, Unman wrote:
On Tue, Nov 15, 2016 at 11:55:13AM +, Unman wrote:
On Tue, Nov 15, 2016 at 05:53:56AM -0500, Chris Laprise wrote:
Following the instructions
Following the instructions for the 'vm-sudo' doc, I get the following
error in Debian 9:
/usr/lib/qubes/qrexec-client-vm failed: exit code 1
sudo: PAM authentication error: System error
Also, in the Debian 8 template the instructions don't match, as there
appears to be no file
On 11/14/2016 05:20 PM, pixel fairy wrote:
On Monday, November 14, 2016 at 5:09:41 PM UTC-5, Chris Laprise wrote:
Using btrfs as the dom0 filesystem (or a btrfs volume added to a dom0
pool) could enable the advantages being sought here. Using either
snapshots or reflinks, you can create
Using btrfs as the dom0 filesystem (or a btrfs volume added to a dom0
pool) could enable the advantages being sought here. Using either
snapshots or reflinks, you can create an offline copy of the VM's
private.img, and then attach that to the backup vm. This eliminates the
first rsync step.
On 11/14/2016 04:47 PM, dumbcyber wrote:
>From the beginning I have to ask for forgiveness - I am new to Qubes and have
no knowledge of changing boot managers beyond trial and error.
My hardware is a Macbook 11,1. In fact I don't have any other machines at home.
I want to create a bootable
On 11/13/2016 08:36 PM, Eric wrote:
On Sunday, November 13, 2016 at 5:01:59 PM UTC-8, entr0py wrote:
Eric:
Just bought a laptop with a Skylake processor for running Qubes, and from
looking around on Intel's website it appears that no Skylake Core-branded
processors support Intel TXT. Any
On 11/13/2016 04:38 AM, Sec Tester wrote:
I guess the main benefit to having VPN on router is it takes that overhead off the
PCs CPU & memory.
But the paper is right, a lot of network hardware is backdoored. Especially the
cisco stuff. And im suspicious of the Chinese stuff too.
We should
On 11/12/2016 05:47 PM, hed...@tutanota.com wrote:
I guess the question still stands: is the latest version materially
superior to the March 2015 version? (And enough to want to re-create
over a dozen proxyVMs?)
Yes, the VPN doc method is better in the sense that it separates packets
On 11/12/2016 07:48 PM, Sec Tester wrote:
Hi Marek,
On Sunday, 13 November 2016 03:33:50 UTC+10, Marek Marczykowski-Górecki wrote:
They have basically said, Elite hackers can gain root, so lets just not even
bother with this foundational layer of security.
The point is _if_ someone is able
On 11/11/2016 10:21 PM, Sec Tester wrote:
So Im still new to Qubes, but after going through a bit of a learning curve,
building & customizing VM's to suit my security needs, I have a few thoughts on
its security.
Firstly I really love the direction Qubes has taken the future of operating
On 11/12/2016 06:26 AM, David Hobach wrote:
> I would also advise users *not* to
> rely on firewall settings in Qubes Manager/VM Settings as the options
> are too limited to stop compromised VMs that are supposed to be
confined
> to the VPN tunnel from leaking data to clearnet (e.g. a hostile
On 11/11/2016 10:37 PM, Sec Tester wrote:
Perhaps another reason why VM's shouldn't have default root access?
"taskset 0x2 sudo ./measure -p 0.7 -s 16."
This really needs root to work?! This could be important... these
rowhammer vulns have become BAD.
Chris
--
You received this message
On 11/10/2016 06:51 AM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Wed, Nov 09, 2016 at 02:08:46PM +0100, Zrubi wrote:
Applying the color profile is half of the job, next part is to provide
the same profile for AppVMs.
Here I'm stuck a bit because I
On 11/11/2016 01:24 PM, David Hobach wrote:
On 11/10/2016 10:07 PM, Chris Laprise wrote:
> On 11/10/2016 01:28 PM, David Hobach wrote:
>> I'd recommend to avoid any tools employing iptables which were not
>> written explicitly for Qubes as well.
>
> This. Or at least d
On 11/11/2016 07:20 AM, Sec Tester wrote:
I have successfully applied the setup and scripting in
https://www.qubes-os.org/doc/vpn/
No more DNS leaks.
This means i can atleast use my vpn, until i find a way to make things work
with the AirVPN GUI.
A tip for stopping DNS leaks with the GUI:
On 11/10/2016 12:50 PM, Chris Laprise wrote:
On 11/10/2016 12:41 PM, raahe...@gmail.com wrote:
On Thursday, November 10, 2016 at 12:38:58 PM UTC-5,
raah...@gmail.com wrote:
On Thursday, November 10, 2016 at 6:28:33 AM UTC-5, Eva Star wrote:
Subj
https://github.com/IAIK/drama
All systems
On 11/10/2016 08:40 AM, John R. Shannon wrote:
Is it possible to convert a Windows StandaloneHVM to a TemplateHVM
without re-installing Windows?
I think so. To start the conversion, I would try uninstalling Qubes
Tools from the standalone first. Then create an empty template HVM and
copy
On 11/09/2016 08:46 AM, SEC Tester wrote:
I've considered leaving network lock off, and building my own custom IP Tables,
or firewall rules to stop the leaks.
But this is currently beyond my skill set, so would need some hand holding to
learn what to do.
I have looked at the section here on
On 11/07/2016 07:32 PM, Jean-Philippe Ouellet wrote:
On Mon, Nov 7, 2016 at 2:29 PM, Chris Laprise <tas...@openmailbox.org> wrote:
The framebuffer is being handled by the trusted dom0 graphics stack, so is
actually a trusted input.
Perhaps we have run into trusted != trustworthy termi
On 11/07/2016 04:02 PM, 3n7r0...@gmail.com wrote:
On Monday, November 7, 2016 at 8:57:16 PM UTC, 3n7r...@gmail.com wrote:
Using stock android-x86_64-6.0-r1.iso from android-x86.org (cm not tested)
Issues:
1. no boot
2. mouse support
3. wake from sleep
4. private storage
5. secure clipboard
1.
On 11/07/2016 02:11 PM, Jean-Philippe Ouellet wrote:
On Mon, Nov 7, 2016 at 2:02 PM, Grzesiek Chodzicki
wrote:
In order to capture the whole screen such tool would need to run in dom0 which
is really, really not a good idea.
I think it is important to understand
On 11/02/2016 01:38 PM, mara.kuens...@gmail.com wrote:
And that's why you can use many appVMs in the first place. You share the
But that is not the point. First of all, unless your life depends on it, it
will be very unlikely that you are actually paying enough attention to where
you use
On 10/28/2016 11:09 PM, Gaiko Kyofusho wrote:
Is it possible to set up a VpnVM to automatically/randomly switch
between vpn servers? At the moment I have to manually replace
openvpn-client.opvn file with another file (with other server info)
every time I want to change, would be great if I
On 10/26/2016 12:46 PM, maritnez wrote:
you have a file that contains sensitive banking data and would like to delete
it without leaving any traces on your system.
you can 'move it to trash'
which moves it to the trash
you can then press the delete button in your trash container but
is this
On 10/25/2016 03:07 PM, Marek Marczykowski-Górecki wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Tue, Oct 25, 2016 at 02:27:23PM -0400, Chris Laprise wrote:
I'm trying to install the xen-4.6.3 package from current-testing, but there
is no xen*.gz added to /boot.
This file is part
I'm trying to install the xen-4.6.3 package from current-testing, but
there is no xen*.gz added to /boot.
How can I get this installed properly to test on my system?
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from
On 10/19/2016 11:54 AM, johnyju...@sigaint.org wrote:
It always seemed a bit "off" to me that there should be any swap usage or
significant buffers/caches inside VM's.
dom0 already caches the virtual .img files, so having the kernel inside
each VM also buffering/caching files and metadata is
On 10/18/2016 04:26 AM, pl1...@sigaint.org wrote:
On 10/16/2016 02:02 PM, pl1...@sigaint.org wrote:
On 10/15/2016 08:59 AM, pl1...@sigaint.org wrote:
Anyone?
Instructions for MAC anonymization have just been updated:
https://www.qubes-os.org/doc/anonymizing-your-mac-address/
Chris
Ok, is
On 10/16/2016 08:50 AM, 4lpt9o+3m11o9qubb38o via qubes-users wrote:
You don't need to manually add the iptables rules. When enable the
'qubes-yum-proxy' on the VPNVM the rule to iptables is automatically added:
Chain PR-QBS-SERVICES (1 references)
pkts bytes target prot opt in out
On 10/16/2016 02:02 PM, pl1...@sigaint.org wrote:
On 10/15/2016 08:59 AM, pl1...@sigaint.org wrote:
Anyone?
Instructions for MAC anonymization have just been updated:
https://www.qubes-os.org/doc/anonymizing-your-mac-address/
Chris
Ok, is recommend to use debian as sys-net
My question is
901 - 1000 of 1140 matches
Mail list logo