Re: [qubes-users] What hardware to buy for security?Best way to go about FDE? & 3-way authentication? discussion!

On 12/29/2016 08:22 AM, HiringQubesExperts wrote: > Hi all, > > I am planning on buying a 13.3 - 15.6 laptop that I will specifically > use for running qubes, and containing lots and lots of highly > sensitive files. > [] > > I really hope we can start a discussion on these topics that will >

[qubes-users] What hardware to buy for security?Best way to go about FDE? & 3-way authentication? discussion!

Hi all, I am planning on buying a 13.3 - 15.6 laptop that I will specifically use for running qubes, and containing lots and lots of highly sensitive files. I will also be using tor allot, and for me the main things I care about is being able to get my setup as secure as possible. Things

Re: [qubes-users] Archlinux Community Template Qubes OS 3.2

On Mon, Dec 19, 2016 at 3:06 PM, J. Eppler wrote: > Hello, > > I just wanted to thank the person who created and uploaded the > qubes-template-archlinux 3.0.6 to the Qubes OS 3.2 rpm repo. > > Saved a lot of work. > > You can installed it with: > sudo qubes-dom0-update

Re: [qubes-users] Fedora-23 Software only shows already installed apps

On Wednesday, December 28, 2016 at 8:02:14 PM UTC-8, Andrew David Wong wrote: > I've never tried the GUI package manager interface. Can you try just > using dnf from the command-line? For example: > > $ sudo dnf install > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS >

[qubes-users] Re: How to Backup Qubes Using New USB Hard Drive

Andrew: Success! Everything works now. When I sat down to do this, I realized that I actually only needed one USB qube, and that's the one that I do not want talking to dom0. The keyboard and mouse are already talking to dom0, which I don't want to change. It's all of the other USB devices

Re: [qubes-users] How do I get Qubes 4.0 pre-release/dev build?

On Thursday, 8 December 2016 21:48:05 UTC+1, Marek Marczykowski-Górecki wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Thu, Dec 08, 2016 at 08:56:25AM -0800, wrote: > > Could someone maybe give some help with the error message? > > The one about missing signed tags? They are

Re: [qubes-users] notify about updates of cloned template

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-28 16:03, Eva Star wrote: > How to enable auto checking for updates and notify me if them > exists on the cloned template? > >> qubes-set-updates status > vms: enable > >> qvm-prefs -l fedora-24-clone > updatable: True > > But it does

[qubes-users] Re: 3.2 Install: Error unpacking qubes-template-fedora-23

My freezes for me are pretty random on dozens of different places during the Legacy and UEFI installs, something more than one RPM is broken. I'm blaming my Gigabyte Z97X Gaming mobo, F7 BIOS. I've ordered an ASRock Z97 Extreme6 mobo as that is known to work. I think it's the Gigabyte BIOS that

Re: [qubes-users] Fedora-23 Software only shows already installed apps

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-28 13:22, superlative wrote: > Hi, I can install packages from Debian-8 template VM Packages app > just fine. But Fedora-23 template VM doesn't have any packages > available in the Software app that I don't already have installed. >

[qubes-users] Re: 3.2 Install: Error unpacking qubes-template-fedora-23

I found the same problem on a fresh 3.2 install. One data point of something that looked odd to me is that the sha1/sha256 sums are different between the RPM that's distributed as part of the installer and the supposedly same RPM available via the repo online... The Qubes 3.2 installer iso

[qubes-users] Re: trying to pass usb-headset to arch based standalone vm

On Wednesday, December 28, 2016 at 10:39:56 PM UTC, digitaldijjn wrote: > I'm trying to get a usb headset passed to my standalone vm so that I can get > the mic working for rosetta stone. I have wine configured and the program > installed, though when I pass the mic to the vm I can't detect from

[qubes-users] Re: HCL - Lenovo X1 Carbon 4th Gen

I was able to fix the suspend issue not working but updating my kernel to 4.8.12 using: sudo qubes-dom0-update --enablerepo=qubes-dom0-unstable kernel But then WIFI driver failed to reload after exiting suspsend, which got fixed following the steps here:

[qubes-users] notify about updates of cloned template

How to enable auto checking for updates and notify me if them exists on the cloned template? > qubes-set-updates status vms: enable > qvm-prefs -l fedora-24-clone updatable: True But it does not check for updates! -- Regards -- You received this message because you are subscribed to the

[qubes-users] Heads Bootloader

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Trammell Hudson spoke a couple of days ago about a custom bootloader designed to minimally load the OS in a secure manner, and mentioned he got it compatible with Qubes. Does anyone here have any experience with this? Talk:

[qubes-users] HCL - Lenovo X1 Carbon 4th Gen

isit https://groups.google.com/d/optout. Qubes-HCL-LENOVO-20FBCTO1WW-20161228-173545.yml Description: application/yaml

[qubes-users] trying to pass usb-headset to arch based standalone vm

I'm trying to get a usb headset passed to my standalone vm so that I can get the mic working for rosetta stone. I have wine configured and the program installed, though when I pass the mic to the vm I can't detect from within rosetta stone. I've heard that a way to work around this is to use a

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

if offloading is done for isos: ship the master key with qubes and provide a convenience command to the user. this command should download (e.g. via torrent) and verify the image (a step the user can'd do wrong anymore). this command could spawn a dispvm, install torrent software, load the

Re: [qubes-users] Firewall Rules for Printer Access?

Thanks for suggesting a network printer. That might be what I have to end up doing. But before I try that, I want to keep trying USB printer. I'll try the USB passthrough method as soon as I figure out how to install qubes-usb-proxy on my Fedora-23 template VM Software app. I created a new

Re: [qubes-users] VMs die when screen is locked for too long

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Dec 28, 2016 at 09:54:08AM +, Fred wrote: > I've noticed this problem a few times now: > > If the screen is locked for too long (this problem doesn't seem to occur > if I unlock the screen a short time after the screen locking) when I >

Re: [qubes-users] Synaptic touchpad not working through usbVM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Dec 28, 2016 at 09:57:38AM +, Fred wrote: > Hi all, > > My touchpad doesn't work now that I've started using a usbVM. If I > attach a USB mouse I get a prompt asking me if I wish to allow it. For > the touchpad no prompt and it doesn't

[qubes-users] Fedora-23 Software only shows already installed apps

Hi, I can install packages from Debian-8 template VM Packages app just fine. But Fedora-23 template VM doesn't have any packages available in the Software app that I don't already have installed. The only Software Sources that show up in Fedora-23 template VM Software app is "Qubes OS

Re: [qubes-users] How to use bonjour (mDNS/DNS-SD) in a Qube?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Dec 28, 2016 at 10:14:01AM +, Fred wrote: > > So I have iTunes in a Qube -- the best place for it IMHO ;-). > > I'd like to be able to use AirPlay. Since I'm not bridged and the > AirPlay protocol uses mDNS/DNS-SD I need a way for the

Re: [qubes-users] Re: Q3.2 installation issues - x not starting on XPS13 HVW8J

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mon, Dec 26, 2016 at 12:59:52PM +0100, Niels ten Oever wrote: > On 12/24/2016 01:52 PM, Niels ten Oever wrote: > > Hello all, > > > > Merry christmas and thanks a lot for your awesome work on Qubes. I have > > been trying to install Qubes

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-28 11:11, john.david.r.smith wrote: >>> this may be a source of errors for some users, or even insecure >>> (mitm + exchanging the master signing key information on the >>> website + patching the downloaded image). >> >> I know what you

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

the problem is (as you wrote) 'supposed to be verified out-of-band'. for some less technical people, even verifying the signature is a huge step. i am a fan of providing easy accessible security and using already existing infrastructure. (in case of the dom0 repo, an ultimately trusted source).

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

>the problem is (as you wrote) 'supposed to be verified out-of-band'. >for some less technical people, even verifying the signature is a huge >step. >i am a fan of providing easy accessible security and using already >existing infrastructure. (in case of the dom0 repo, an ultimately >trusted

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

this may be a source of errors for some users, or even insecure (mitm + exchanging the master signing key information on the website + patching the downloaded image). I know what you mean, but it's worth remembering that the Qubes Master Signing Key fingerprint is supposed to be verified

Re: [qubes-users] Re: Split GPG: thunderbird+enigmail stopped cache password

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-28 06:41, 5qtbx9+9hwav8wa98xp4 via qubes-users wrote: >> In that case, there's no need to change the documentation, since >> it already works as described (i.e., without a key passphrase). > > Before the update was working fine with the

Re: [qubes-users] RFC: adding qubes images to the (qubes) repo

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-28 04:39, john.david.r.smith wrote: > currently when i have qubes and need a new image (e.g. to > reinstall/install on a new machine), i need to download the image > from qubes-os.org and then check the signature. > > this may be a

Re: [qubes-users] Problem copying something from the work VM to dom0

On 12/28/2016 11:35 AM, 5qvig7+72wbojzjmyk1fzj62f3msv2h6s8ffn8 via qubes-users wrote: Hello everyone; I'm trying to copy a file from my work VM to dom0, I followed the doc on this matter https://www.qubes-os.org/doc/copy-from-dom0/ So I used the following line, qvm-run --pass-io work 'cat

[qubes-users] Problem copying something from the work VM to dom0

Hello everyone; I'm trying to copy a file from my work VM to dom0, I followed the doc on this matter https://www.qubes-os.org/doc/copy-from-dom0/ So I used the following line, qvm-run --pass-io work 'cat /home/user/Downloads/theme.tar.gz' > /Downloads/theme.tar.gz However I get this error:

[qubes-users] Re: Split GPG: thunderbird+enigmail stopped cache password

In that case, there's no need to change the documentation, since it already works as described (i.e., without a key passphrase). Before the update was working fine with the password. Now the QUBES_GPG_AUTOACCEPT is no longer respect as one have to type in the password every single time. With

[qubes-users] RFC: adding qubes images to the (qubes) repo

currently when i have qubes and need a new image (e.g. to reinstall/install on a new machine), i need to download the image from qubes-os.org and then check the signature. this may be a source of errors for some users, or even insecure (mitm + exchanging the master signing key information on

Re: [qubes-users] How to use bonjour (mDNS/DNS-SD) in a Qube?

Oh forgot to add. I did try setting the NetVM for the Windows HVM to sys-net to no avail. Thought that might give a non-NAT'd direct connection. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

[qubes-users] How to use bonjour (mDNS/DNS-SD) in a Qube?

So I have iTunes in a Qube -- the best place for it IMHO ;-). I'd like to be able to use AirPlay. Since I'm not bridged and the AirPlay protocol uses mDNS/DNS-SD I need a way for the multicast to work from a Qube without violating any of the Qubes careful network design. e.g. One idea is to

[qubes-users] Synaptic touchpad not working through usbVM

Hi all, My touchpad doesn't work now that I've started using a usbVM. If I attach a USB mouse I get a prompt asking me if I wish to allow it. For the touchpad no prompt and it doesn't work even if I set the RPC policy for InputMouse to allow. Thoughts? -- You received this message because you

[qubes-users] VMs die when screen is locked for too long

I've noticed this problem a few times now: If the screen is locked for too long (this problem doesn't seem to occur if I unlock the screen a short time after the screen locking) when I unlock the screen the VMs that were running are now in a yellow state. There is an error message about error