[qubes-users] Re: How to launch qubes AppVM without qubes os?

2017-02-19 Thread Arqwer
*By all files I mean those that were in /var/lib/qubes/appvms/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7704a959-c1bf-4c06-a07f-69786eff3e92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How to launch qubes AppVM without qubes os?

2017-02-19 Thread Arqwer
I have all files from one of my standalone Qubes 3.0 AppVM. There are some 
programs that I can't manage to run in my current Linux setup, but they were 
running fine in that Qubes AppVM. So I want to use that AppVM under ordinary 
Linux. How can I do that?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c0479860-9c92-44b0-973e-eed1c144a613%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Why should I verify digests, if I already checked PGP signatures?

2016-10-01 Thread Arqwer
Documentation says to check digests after I verified an .iso with gpg. Why? 
Doesn't correct PGP signature mean, that .iso is good and came from Qubes 
developers? 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/92324e9b-96a0-43b8-b73b-8bfadf14256c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Arqwer
Hmm, I guess that last column does not represent any info at beginning of 
month. (I hope so.) I think it should not be shown, to prevent misunderstanding.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2f6f5bd8-6a95-441d-aaf6-f737cf7c9906%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Arqwer
Statistics page (https://www.qubes-os.org/counter/) shows that number of users 
have fallen from 15 000 to less then 4000. Is it just a bug in counter, or what 
is happening?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0853a44c-50ae-47e3-8972-ae45476468fb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Isn't it bad, that compromized vm can create any number of dispVMs?

2016-08-25 Thread Arqwer
Command 
qvm-run '$dispvm' xterm 
if called from an appVM will run xterm in a new dispVM. If attacker gained 
access to an appvm, he possibly can run script, that will create thousands of 
new dispVMs and freeze my computer. I don't like this. May be it's better to 
disable this functionality by default?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5e1cb9a7-1cf3-4c8e-9d6c-084e5377ba4e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Qubes default cryptsetup. How strong is it?

2016-06-21 Thread Arqwer


> Will Qubes Manager work fine if VMs will not be available at the boot time 
> or some time after that, before user will not mount container? 
>
 
Yes. I have R3.0, and some vm's are on secondaty, encrypted drive. I mount 
it using crontab like
@reboot /my/script/to/mount/encrypted/secondary/drive
I used this instruction  
to move appvms there. But I did it not in purpose of security, but just to 
have more disk space. I store the key to that drive in dom0.

How "quick" any of available super PCs (10,649,60 cores, 125,435. TFLOP/S 
> )  can find the password (e.g 8-16 chars) encrypted with Qubes default 
> settings cryptsetup? 
>

Encryption is the hardest part of chain. If the passphrase is long 
enough.If password is 16 random lowercase and uppercasr letters, then it 
is  52^16 combinations, it is about 10^27. If you can crack 100 Peta 
passwords/S, then it will take 10^(27-17) = 10^(10) seconds to brute the 
password, which is 316 years. (Really expectation is half of it, so 158 
years on average). Of course, if those letters are not "Password12345678". 

How can we improve security to prevent this? 


If 316 years is not enough, than you can add one more character, to make 
it  16 thousands of years!

Is it a good idea to install some 3th party software tat dom0 to make 
> crypto container to store some VMs and mount it before VM start? 


I don't think so. The more different tools you use, the more there are 
chances to use something wrong.

After all, there are much easier ways to get your data.  For example 
hardware backdoor called Intel ME.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8ddbccc9-8bf7-4626-8bcd-bf6d07824872%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Password management best practices for mid-grade tinfoil hats

2016-06-21 Thread Arqwer
> Or am I growing my tinfoil hat from mid-grade to high-grade? ;)

I think no. I store all passwords in KeePassX in vault vm, and it is very 
convenient, and all passwords are in the same place. Safe place. There is 
almost no overhead - only additional press of ctrl+shift+c, ctrl+shift+v 
which is nothing. I don't see any benefit in using multiple KeePassX in 
different VMs. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/279a467a-e557-428e-9b1e-5a25a43a9fe3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How to exclude qubes manager from autostart?

2016-06-21 Thread Arqwer
Hello.
In R3.0 qubes  manager automatically appears on each start up. How to 
disable it?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d0486201-380f-4a69-adce-303fe1bf6eb4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How about creating a platform for sharing notes about Qubes OS usage and customization?

2016-06-17 Thread Arqwer
May be just a dedicated mailing list, or may be something better. Qubes OS 
customization is specific, because we don't want to harm security. I'd like 
to have a place, where I can share with others how I did XYZ in qubes, but 
I don't want to  distract everyone here.
It would be perfect, if that platform would have a rating system for posts, 
just like commandlinefu.com 
. May be we 
will find some simple hacks, that will make Qubes OS much more comfortable 
to use.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/069a0568-a355-4aae-9579-b88ed6e79f86%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How much security will I sacrefy, if I dualboot without AEM?

2016-06-09 Thread Arqwer
Documentation says, that there is a possibility, that other OS will infect 
/boot. What if I completely rewrite my hdd during os change, like , boot 
from usb and do 
dd if=windows_image of=/dev/sda
to run windows, and
dd if=qubes_backup_image of=/dev/sda
to return back to Qubes?
What if I will use different drive for windows, and take away qubes hdd, 
while windows is on?
Documentation says that other OS can infect firmware, how common is this 
attack? Is it just a possibility, or we know for sure that NSA does that, 
or that ordinary hackers can do that, or maybe there are viruses that 
attack everyone and infect firmware? Is it expensive?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/eb488a3f-0198-492c-85ad-f4662459a775%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Does Qubes play well with Computer vision, and ML?

2016-06-01 Thread Arqwer
AFAIK you will need to gave 2 GPUs if you want to pass one to VM. On PC you 
can buy one more GPU, but on laptop that might be a problem. Some laptops 
have 2 GPUs: one discrete, and one inside a CPU. Still, on some laptops 
(MSI GT72 for example), there are 2 GPUs, but they can not run 
simultaneously, only one at a time, what makes GPU passthrough impossible.

Btw, I am studing ML and CV for two years, and still never faced a 
necessity of using GPU. (May be it's just me). If there would be a case, 
when I will need a GPU, I can walkaround this problem by buying Amazon's 
virtual server with gpu. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/38565cfc-4593-4fd9-bdd8-6c4b96192326%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Some thoughts about improvements in backup ui

2016-05-29 Thread Arqwer
R3.0
1. After I open backup dialog, qubes manager fades out. It is 
uncomfortable: I might want to use it. For example, I selected which VMs 
i'm going to backup, and realized, that my external drive is not connected 
now. I want to use qubes manager to attach external drive, but it is 
unavailable. Or I want to shut down some VMs, or start VM to send backup 
there.

2. Backup process does not block me from turning on VM that is now in 
backup process. That makes no sense. If VM should be turned off during 
backup, I should not be able to turn it on. At least without  --force 
flags. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/42aefe58-331c-498c-964f-dbc4d0d183b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.