[qubes-users] Re: selfsecure systems - redunancy?

I remember some more examples of redundant systems. For example, ancient computer SAPO (see https://en.m.wikipedia.org/wiki/SAPO_(computer) ). Cardiostimulators are AFAIR reportedly also designed in this way (different CPUs on a different architecture with different code written by different

[qubes-users] Re: installing nvidia

anyone? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to

[qubes-users] Re: Does the Standard Firewall-VM Actaully do anything?

Sec Tester: > So im finally getting around to rebuilding the sys-firewall VM on a minimal > template. Put it off because i thought there would be a lot of scripting to > setup. > > According to documentation, it doesnt need any extra packages. >

[qubes-users] Cryptsetup Vulnerability affects QubesOS?

According to the description, it looks likely to affect Qubes. According to my experience, I remember getting in the shell (from a different reason) and it asked for a password. I believe this happened when upgrading to 3.2 due to a mountpoint issue. This suggests that Qubes is not affected,

[qubes-users] Re: Does the Standard Firewall-VM Actaully do anything?

It also raises the question, Is there any benefit running a VPN-Proxy-VM through sys-firewall? Or maybe save the overhead and just connect VPN-Proxy-VM directly to sys-Net? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from

Re: [qubes-users] Just Broke Debian-8 Template

On Thursday, 17 November 2016 10:33:28 UTC+10, Vít Šesták wrote: > I've tried to replicate it in a DVM and it behaved according to my > expectation: > > When running sudo apt remove imagemagick, it asks me for also removing some > qubes-* packages. The reason is that those packages depend on

[qubes-users] Does the Standard Firewall-VM Actaully do anything?

So im finally getting around to rebuilding the sys-firewall VM on a minimal template. Put it off because i thought there would be a lot of scripting to setup. According to documentation, it doesnt need any extra packages. https://www.qubes-os.org/doc/templates/fedora-minimal/ And when creating

Re: Enigmial and Splig GPG2 (previously Re: [qubes-users] Upgrading from Split GPG1 to Split GPG2?)

On Sunday, October 9, 2016 at 11:17:53 AM UTC-4, cubit wrote: > 4. Oct 2016 19:40 by cu...@tutanota.com: > I upgraded enigmail to v 1.9.5 and it did not go as well as planned.   From > what I read of the qubes documents there were nothing to change in qubes > settings to take into account the

Re: [qubes-users] Just Broke Debian-8 Template

I've tried to replicate it in a DVM and it behaved according to my expectation: When running sudo apt remove imagemagick, it asks me for also removing some qubes-* packages. The reason is that those packages depend on ImageMagick package, so you should either remove them as well or keep

[qubes-users] Re: Fedora 24 template available for Qubes 3.2

> > > I installed the Fedora 24 template and set all VMs that were using 23 to 24. > However, I'm unable to remove the Fedora 23 template and dom0 is still > fetching updates for it. > Anyone else having this problem? Nevermind I got it. Attempted to remove the template before I set dependent

[qubes-users] Re: Fedora 24 template available for Qubes 3.2

On Saturday, November 12, 2016 at 10:53:00 PM UTC-5, Marek Marczykowski-Górecki wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hi all, > > Fedora 24 template is now available for direct installation. This means > there are now two ways to have it on Qubes 3.2 system: > > 1.

Re: [qubes-users] Re: Incremental / continuous backups?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Nov 16, 2016 at 01:35:53PM -0800, pixel fairy wrote: > On Wednesday, November 16, 2016 at 2:12:37 PM UTC-5, Loren Rogers wrote: > > What's a good approach for regular backups? > > > > Does Qubes have a simple way of automatically saving VM

[qubes-users] Android file transfer

Hi list I've been through the archives and found a number of partially helpful suggestions, none of which give me a workable solution. Google also gives me http://nknu.net/mount-nexus5-on-fedora23-using-simple-mtpfs/ which unfortunately doesn't fully work on my Qubes system - I can map the phone

[qubes-users] Re: Incremental / continuous backups?

On Wednesday, November 16, 2016 at 2:12:37 PM UTC-5, Loren Rogers wrote: > What's a good approach for regular backups? > > Does Qubes have a simple way of automatically saving VM snapshots? And, > is there a way to do this incrementally? I assume not, since the > encryption would block it? you

Re: [qubes-users] Can't update dom0?

On 16/11/2016 20:10, Loren Rogers wrote: > Clicking the "Update VM System" button with dom0 selected seems like it > starts, but it doesn't really go anywhere. I recall reading something about this issue in the Qubes Wiki. IIRC, they suggested to run the command manually from the command line;

Re: [qubes-users] Cryptsetup Vulnerability affects QubesOS?

On 16/11/2016 19:10, berthold_...@web.de wrote: > Does this affect QubesOS? > > https://threatpost.com/cryptsetup-vulnerability-grants-root-shell-access-on-some-linux-systems/121963/ > Looks like a fairly low priority to me. You can get initramfs shell in a Busybox and have access to /boot (on

[qubes-users] Re: Qubes not shutting down

On 11/16/2016 02:33 PM, Grzesiek Chodzicki wrote: W dniu środa, 16 listopada 2016 20:04:14 UTC+1 użytkownik Loren Rogers napisał: Hi all, I've successfully installed Qubes on my Thinkpad X201 tablet, but it has issues shutting down. When I explicitly tell it to reboot or shutdown, it goes

Re: [qubes-users] isolated workflows - image converter - trusted jpg

What is the command to do the trusted image conversion? Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post

Re: [qubes-users] Incremental / continuous backups?

On 11/16/2016 03:27 PM, Jean-Philippe Ouellet wrote: This is a known problem area. See discussions in: - https://github.com/QubesOS/qubes-issues/issues/971 - https://github.com/QubesOS/qubes-issues/issues/858 I think the easiest, most efficient route currently available is to have your VMs

Re: [qubes-users] Incremental / continuous backups?

This is a known problem area. See discussions in: - https://github.com/QubesOS/qubes-issues/issues/971 - https://github.com/QubesOS/qubes-issues/issues/858 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop

[qubes-users] Re: Qubes not shutting down

On 11/16/2016 02:33 PM, Grzesiek Chodzicki wrote: W dniu środa, 16 listopada 2016 20:04:14 UTC+1 użytkownik Loren Rogers napisał: Hi all, I've successfully installed Qubes on my Thinkpad X201 tablet, but it has issues shutting down. When I explicitly tell it to reboot or shutdown, it goes

[qubes-users] Can't update dom0?

I can't seem to update dom0 using the regular updater. The system keeps telling me there are updates for dom0, but I can't get anything to actually update. Is there something I'm missing here? Clicking the "Update VM System" button with dom0 selected seems like it starts, but it doesn't

Re: [qubes-users] Re: selfsecure systems - redunancy?

On Wed, Nov 16, 2016 at 2:43 PM, '81029438'1094328'0194328'0914328 wrote: > ... idealistic description of heterogeneous computations and validating i/o > proxy ... This method of verification is not the panacea it may appear to be. If an attacker can find

Re: [qubes-users] PAM errors after disabling password-less root

On 11/16/2016 01:26 PM, Andrew wrote: 3n7r0...@gmail.com: On Wednesday, November 16, 2016 at 1:22:43 PM UTC, Chris Laprise wrote: On 11/15/2016 04:04 PM, Unman wrote: On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote: On 11/15/2016 07:20 AM, Unman wrote: On Tue, Nov 15, 2016 at

[qubes-users] Re: selfsecure systems - redunancy?

Hello Vít Šesták, yes I agree, that IT designs (nearly) everything very complex (or why every browser shows the same data, e.g. HTML slightly different - it makes not a real sense). In the physical world you have the so called Fit-Form-Function-Code. This means you define how long-wide-high,

[qubes-users] Re: Qubes not shutting down

W dniu środa, 16 listopada 2016 20:04:14 UTC+1 użytkownik Loren Rogers napisał: > Hi all, > > I've successfully installed Qubes on my Thinkpad X201 tablet, but it has > issues shutting down. When I explicitly tell it to reboot or shutdown, > it goes through the entire shutdown sequence, but

Re: [qubes-users] Installing in basic graphics mode

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - - -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Nov 16, 2016 at 03:08:11PM +0100, D wrote: > Hi folks, > > I was unable to boot

[qubes-users] Q Diskmanagement partition?

Hello, Q need enough free disk space in the root partition, as I found in the documentation: https://www.qubes-os.org/doc/out-of-memory/ Check the disk space: df Normally I should stay on the standard installation path, with the full disk encryption (beside /boot, which stays un-encrypted

[qubes-users] Incremental / continuous backups?

What's a good approach for regular backups? Does Qubes have a simple way of automatically saving VM snapshots? And, is there a way to do this incrementally? I assume not, since the encryption would block it? Thanks, Loren -- You received this message because you are subscribed to the Google

[qubes-users] Cryptsetup Vulnerability affects QubesOS?

Does this affect QubesOS? https://threatpost.com/cryptsetup-vulnerability-grants-root-shell-access-on-some-linux-systems/121963/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it,

Re: [qubes-users] Re: Intel TXT advice

On 14-11-2016 20:07, Eric wrote: On Monday, November 14, 2016 at 11:58:32 AM UTC-8, entr0py wrote: Eric: On Sunday, November 13, 2016 at 10:44:33 PM UTC-8, tai...@gmx.com wrote: ... Well, the Dell XPS was enough processing power for me. The Business version, the Precision 5510, not only has

Re: [qubes-users] Just Broke Debian-8 Template

On Wednesday, November 16, 2016 at 7:37:15 AM UTC-5, Sec Tester wrote: > On Wednesday, 16 November 2016 21:08:14 UTC+10, Unman wrote: > > On Wed, Nov 16, 2016 at 10:26:34AM +, Unman wrote: > > > On Tue, Nov 15, 2016 at 09:50:58PM -0800, Sec Tester wrote: > > > > So i wanted to uninstall that

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

the desktop mobo i bought was because it had txt and vt-d specified as enabled by default in the manual. So I didn't even need the picture lol. but imo thats what to look for. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

Re: [qubes-users] PAM errors after disabling password-less root

3n7r0...@gmail.com: > On Wednesday, November 16, 2016 at 1:22:43 PM UTC, Chris Laprise wrote: >> On 11/15/2016 04:04 PM, Unman wrote: >>> On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote: On 11/15/2016 07:20 AM, Unman wrote: > On Tue, Nov 15, 2016 at 11:55:13AM +, Unman

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

You don't always have to buy the newest computer. I wouldn't recommend doing that for a linux system. I built an i5 desktop for qubes I expect it to last for years to come. I would say a i7 for laptop though, just check what people say about the model on linux forums. or what they have

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

On Wednesday, November 16, 2016 at 5:36:06 AM UTC-5, Achim Patzner wrote: > Am 15.11.2016 um 14:46 schrieb Andrew David Wong: > > If you plan to be using the same machines for Qubes 4.x, you should > > also take into consideration the updated requirements for > > Qubes-certified hardware, which

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

On Wednesday, November 16, 2016 at 5:02:36 AM UTC-5, tai...@gmx.com wrote: > I have purchased systems that had just that but the proprietary bios > still did not properly implement the iommu. > > This is considered a "pro" level technology and you are generally SOL if > you buy a consumer level

Re: [qubes-users] PAM errors after disabling password-less root

On Wednesday, November 16, 2016 at 1:22:43 PM UTC, Chris Laprise wrote: > On 11/15/2016 04:04 PM, Unman wrote: > > On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote: > >> On 11/15/2016 07:20 AM, Unman wrote: > >>> On Tue, Nov 15, 2016 at 11:55:13AM +, Unman wrote: > On Tue,

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

so far dell is the only company thats said yes to this, but no one ive talked to has actually tried qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] sys-usb trouble

sys-usb has been giving me problems in the past couple days. whenever its restarted, it no longer talks to usb devices. the only solution ive found is rebooting the laptop. now, coming out of suspend its "on", but i couldnt even start a terminal in it. this might be the relevant log entry. the

[qubes-users] error reporting

how do you copy paste errors from the qubes vm manager? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this

Re: [qubes-users] Qubes and Broadcom BCM4360 - A Success Story

On Saturday, March 12, 2016 at 2:29:21 PM UTC-7, Dave C wrote: > On Saturday, March 12, 2016 at 1:52:19 AM UTC-8, Marek Marczykowski-Górecki > wrote:-BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > On Fri, Mar 11, 2016 at 10:30:35PM -0800, Dave C wrote: > > > With earlier Qubes I

[qubes-users] Upgrade graphic drivers in HVM

Hi I installed an HVM with windows and when I want to install some program, often opens a message written "Your graphic card driver is outdated" How I upgrade it? Standard VGA Graphics driver -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To

[qubes-users] Installing in basic graphics mode

Hi folks, I was unable to boot into the graphical installer, on my X200 running Coreboot with SeaBIOS, so I selected "install with basic graphics mode". I want to install this way, but whenever I select the installation destination, it always says "encryption requested for LUKS device sda2

Re: [qubes-users] PAM errors after disabling password-less root

On 11/15/2016 04:04 PM, Unman wrote: On Tue, Nov 15, 2016 at 02:26:12PM -0500, Chris Laprise wrote: On 11/15/2016 07:20 AM, Unman wrote: On Tue, Nov 15, 2016 at 11:55:13AM +, Unman wrote: On Tue, Nov 15, 2016 at 05:53:56AM -0500, Chris Laprise wrote: Following the instructions for the

Re: [qubes-users] Just Broke Debian-8 Template

On Wednesday, 16 November 2016 21:08:14 UTC+10, Unman wrote: > On Wed, Nov 16, 2016 at 10:26:34AM +, Unman wrote: > > On Tue, Nov 15, 2016 at 09:50:58PM -0800, Sec Tester wrote: > > > So i wanted to uninstall that rubbish image editor "imagemagick" > > > > > > Ran: sudo apt-get remove

[qubes-users] Re: Genymotion in Qubes

> Nice question. I would also like to know. > > Have you setup a Win7 HVM? > > This maybe be the best place to try setup Genymotion. > More simple should be use an emulator that doesn't require virtualbox in windows7 because for linux I haven't find something -- You received this message because

Re: [qubes-users] Re: One step foerward, two steps back on Macbook 11,1 - can't boot into Qubes

On Wednesday, 16 November 2016 11:33:03 UTC+11, dumbcyber wrote: > On Tuesday, 15 November 2016 18:14:00 UTC+11, Jean-Philippe Ouellet wrote: > > On Tue, Nov 15, 2016 at 12:17 AM, dumbcyber <> wrote: > > > On Tuesday, 15 November 2016 10:28:52 UTC+11, Marek Marczykowski-Górecki > > > wrote: >

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

If you really do belong to some massive enterprise I am sure your dell/hpe/whatever rep will be able to give you a yes/no answer on what laptops support IOMMU. There is no "uncertainty", if it supports linux plus IOMMU and SLAT or RVI (any recent cpu) it supports qubes. Ask your rep and get it

Re: [qubes-users] Just Broke Debian-8 Template

On Wed, Nov 16, 2016 at 10:26:34AM +, Unman wrote: > On Tue, Nov 15, 2016 at 09:50:58PM -0800, Sec Tester wrote: > > So i wanted to uninstall that rubbish image editor "imagemagick" > > > > Ran: sudo apt-get remove imagemagick > > > > VM crashed. Error in VM manager says "qrexec not

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

Am 16.11.2016 um 11:53 schrieb taii...@gmx.com: The "certified" program is stupid in its current form I agree but what is stopping you from buying a dell business or hpe machine with iommu/TPM and using that? The uncertainty whether it will work with Qubes 4.0 at all as it is very improbable

Re: [qubes-users] Using distribution kernel in Template VM

On 16/11/2016 00:31, Marek Marczykowski-Górecki wrote: >> Is there any way to debug this further? Have any steps been >> missed? > > Check if u2mfn module was built automatically. Simply login on the > template console and check `modinfo u2mfn`. If it's not there, build > it using `dkms

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

The "certified" program is stupid in its current form I agree but what is stopping you from buying a dell business or hpe machine with iommu/TPM and using that? Nobody says you have to buy stuff from whatever company gives kickbacks. (purism "coreboot" with FSP is just a shimboot loader, FSP

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

Am 15.11.2016 um 14:46 schrieb Andrew David Wong: If you plan to be using the same machines for Qubes 4.x, you should also take into consideration the updated requirements for Qubes-certified hardware, which will go into effect for 4.x:

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

On Wed, 16 Nov 2016 01:14:24 +0100, Marek Marczykowski-Górecki wrote: > On Wed, Nov 16, 2016 at 12:28:17AM +0100, yaqu wrote: > > > You have tried to remove fedora-23 using dnf, while some appVMs > > > still were using it as a template. Dnf has displayed an

Re: [qubes-users] Just Broke Debian-8 Template

On Tue, Nov 15, 2016 at 09:50:58PM -0800, Sec Tester wrote: > So i wanted to uninstall that rubbish image editor "imagemagick" > > Ran: sudo apt-get remove imagemagick > > VM crashed. Error in VM manager says "qrexec not connected" > > Tried to restart, VM manager Error says "can not start

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

I have purchased systems that had just that but the proprietary bios still did not properly implement the iommu. This is considered a "pro" level technology and you are generally SOL if you buy a consumer level laptop (even some "enterprise" ones) - If you don't care about ME the best choice

[qubes-users] Qubes at 33c3

Hi all, For those going to 33c3, some of the Qubes team and related projects will be there. It will likely be part of the Secure OS/Desktops assembly as with last year: https://events.ccc.de/congress/2016/wiki/Projects:Qubes https://events.ccc.de/congress/2016/wiki/Assembly:Secure_Desktops

Re: [qubes-users] vPro and Qubes

Accidentally sent before I was finished, didn't include: https://www.crowdsupply.com/raptorcs/talos - open source hardware, thus making it more difficult for unaccountable hardware backdoors (ME = software supported by hardware VS a true hardware backdoor) There are ARM devices like the

Re: [qubes-users] vPro and Qubes

Intel ME (2006+ systems)/AMD PSP (for FM2/AM4), malicious firmware, exploits for the various devices on your system (the IOMMU is initialized too late on x86 to protect the host from DMA exploits in the pre-OS boot window) The sky truly is the limit. If you want *reasonably* secure computing

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

On Tuesday, November 15, 2016 at 2:46:51 PM UTC+1, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-11-15 03:52, pixel fairy wrote: > > management is interested in qubes, but still need windows for some tasks. > > this means buying a laptop that comes with

[qubes-users] Re: vPro and Qubes

On Wednesday, November 16, 2016 at 9:03:12 AM UTC+1, nezn...@xy9ce.tk wrote: > If i have intel processor with the vPro technology - should i afraid some > "factory vulnerabilities" of that technology and some manipulation with my > BIOS. Or security of Qubes is higher of that level? Qubes

[qubes-users] vPro and Qubes

If i have intel processor with the vPro technology - should i afraid some "factory vulnerabilities" of that technology and some manipulation with my BIOS. Or security of Qubes is higher of that level? -- You received this message because you are subscribed to the Google Groups "qubes-users"