r sys-firewall, but you can assign it to a separate VM). The
reason is that dom0 uses rpm/dnf and Fedora template is needed to handle
it properly.
Also, Fedora template is currently required for building Qubes itself
and Qubes templates.
--
Chris Laprise, tas...@posteo.net
https://github.com/
technical, but I can write).
There was an effort like that years ago. The doc is here and you can
still suggest edits:
https://www.qubes-os.org/doc/security-guidelines/
But there are also a number of other security guides on the doc page:
https://www.qubes-os.org/doc
--
Chris Laprise, tas...@p
nt to see if any
service is running because I failed to disable it at install time, I can
find and disable it now? Is the debian way a bad idea?
I do like that the template with the necessary packages installed is
significantly smaller than the fedora (1.6gb vs 2.1gb).
--
Chris Laprise, tas...
ake 'sudo' work like a regular template, or you could do what I prefer
and tie sudo to a dom0 yes/no prompt:
https://www.qubes-os.org/doc/vm-sudo/#replacing-passwordless-root-access-with-dom0-user-prompt
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.co
NOT having also ']' would be a dom0 window. Another rule
could have the names of all your templates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because y
se to persist on startup.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
hat "Backup Qubes" is the best way to backup and restore
multiple VMs, but I just want to move some files between multiple VMs
and an external device. I have read the documentation and searched the
list but feel like I'm missing something. Many thanks in advance.
--
Chris Lapris
On 2/2/20 3:20 AM, David Hobach wrote:
On 2/2/20 12:40 AM, Chris Laprise wrote:
On 2/1/20 4:12 PM, curiouscuri...@mailbox.org wrote:
To remain secure, must one use a different external storage devices
per VM / security domain? Can one use a single external storage
devices to store files from
e to update cloned
partitions, which will probably make it into a future release).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gr
llation/1107295#1107295
Its rather complicated so I suggest re-installing instead.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
any
distinctions about things like 'guardian' components... Does a
crypto-based verification tool or something doing little more than toss
data blocks from one port to another deserve the same steep (even
hyperbolic) grade scale that, say, CUPS or something even more complex
and
val only takes out 2 other exim packages.
Bernhard should look into that; it would be great if this discussion
prompted the detection and removal of an actual malware.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3
a number of GUI problems for me.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
f the steps (you would download the config files
from the second link to use with this):
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You rece
es into freshly created
VMs (e.g. after reinstalling Qubes).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&qu
able to re-connect.
The Qubes-VPN-support tool sets a max openvpn timeout of 40 seconds; on
average it will re-connect in about 20 sec. after losing the old connection:
https://github.com/tasket/Qubes-vpn-support
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tta
On 2/16/20 10:32 AM, A E wrote:
søn. 16. feb. 2020 kl. 16.18 skrev Chris Laprise <mailto:tas...@posteo.net>>:
On 2/15/20 10:20 AM, A E wrote:
> If it isn’t possible to change the settings of the screensaver that
> Qubes OS is actually using, then I would like to
kernel.
2. Install only the 'wireguard-tools' package (from testing) in Debian
10. Otherwise, there may be a conflict between the built-in and DKMS
modules.
3. Given the above, it may now be possible to skip using HVM mode
altogether.
--
Chris Laprise, tas...@posteo.net
https
to select KDE.
Select KDE
Log in.
Yes, that doc page should also mention something about choosing KDE or
removing XFCE. Now I remember I setup /etc/sddm.conf with the following
which takes me directly to KDE:
[Autologin]
User=user
Session=plasma.desktop
--
Chris Laprise, tas...@posteo.
above link has more info about Wyng's capabilities,
command line examples and the current beta testing status. If you have
questions, feel free to post here.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3
dom0:
sudo qubes-dom0-update --action="clean all"
Then re-run your template install:
sudo qubes-dom0-update qubes-template-debian-10
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
Manager-1:1.16.4-1.fc30.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Nothing wrong there. 1.16 is a much later version than the minimum 1.4.2
listed in the doc.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
-usb local storage (i.e. attach a sys-usb partition
to dom0, then in dom0 format/use it as a LUKS volume).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are
y threat model. Without a threat model, a general
checklist would be impossible to provide.
Yes. Although the security faq linked above and additional security
guides exist here:
https://www.qubes-os.org/doc/#security-guides
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https:/
I should have also linked this, which is a guide for devices:
https://www.qubes-os.org/doc/device-handling-security/#usb-security
Finally, reading the ITL blog from 2010 onward provides a lot of Qubes
insight:
https://blog.invisiblethings.org/
--
Chris Laprise, tas...@posteo.net
https
ket/wyng-backup/wiki/Making-incredibly-fast-LVM-backups-with-Wyng
The link to the general wiki is here:
https://github.com/tasket/wyng-backup/wiki
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
diting needed
2. Double-checks the firewall at startup
3. Improves the re-connection behavior of openvpn (doesn't wait very
long periods after a connection is lost)
What is the problem you were having?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/tt
ncredibly-fast-LVM-backups-with-Wyng
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To un
t-kernel) that isn't there at the moment. I'll
fix that. The tools work fine as it is.
Interesting...
As an aside, is there any work being done to enable Debian's default
AppArmor setting "out of the box"?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
htt
On 3/3/20 7:36 AM, tetrahe...@danwin1210.me wrote:
On Sun, Feb 16, 2020 at 10:50:55AM -0500, Chris Laprise wrote:
If the process seems too complicated, you can try my VPN support tool,
which automates most of the steps (you would download the config files
from the second link to use with this
A gist for extracting volumes with a shell script was just posted here:
https://gist.github.com/tasket/48b30124990e1c78c80c8716f819430a
Its about 80 lines.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106
point where its useful to everybody. But
that could change, maybe even this year.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Goo
pshot is changed, the system only needs to write
some new blocks in a different location and replace some pointers in the
snapshot's metadata to point to the new location. This all can save a
lot of time and disk space.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://t
ful to
ignore and integrated it into VM management functions.
You could use LVM thin pools with KVM, but IIRC you would have to
automate snapshot handling yourself or find an additional package to do
it (if such exists).
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitt
service that can flash a
known good/uncompromised firmware suite onto one of your machines, or
find a system vendor like Insurgo or NitroKey that sell re-flashed
systems and uses anti-interception measures (like tamper-evident
packaging and signatures) in addition to offering Qubes pre-installed.
On 2/25/20 3:02 PM, Chris Laprise wrote:
Hello Qubers,
'Wyng' is a backup program I've been working on for a while that can
quickly backup "thin LVM" storage, the kind Qubes uses by default:
Version v0.2beta5 has been released! It includes minor bug fixes an
On 3/5/20 1:45 PM, Mark Fernandes wrote:
On Thu, 5 Mar 2020 at 18:21, Chris Laprise <mailto:tas...@posteo.net>> wrote:
On 3/5/20 7:31 AM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK
(United Kingdom).
>
> The onl
use to boot into Qubes from USB stick or DVD. Maybe you could use
it to try the storage pool technique without having to do an install.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received
commands,
and even then many settings like 'Memory' and 'Applications' are trivial.
Finally... It should be possible to write a recovery script for this
situation, which presents the user with a list of VMs to recover and
optionally allows you to recover the contents of /va
the
Qubes servers, so it can't be reinstalled as the same version.
When that happens, you can use '--action=upgrade' instead and it should
grab the latest available version.
https://www.qubes-os.org/doc/reinstall-template/
--
Chris Laprise, tas...@posteo.net
https:
On 3/23/20 10:13 AM, Peter Funk wrote:
Dear Chris,
Chris Laprise schrieb am Sonntag, den 22.03.2020 um 13:17:
...
The perceived "mess" is actually rather organized, and has nothing
to do with LVM thin pools.
...
I beg your pardon for stealing this discussion thread to ask a somewh
On 3/23/20 7:23 AM, Stumpy wrote:
On 2020-03-22 13:24, Chris Laprise wrote:
On 3/20/20 10:08 PM, Stumpy wrote:
I'm trying to reinstall the whonix ws template but while seems to
find it it then says there is no match?
[zack@dom0 ~]$ sudo qubes-dom0-update --action=reinstall
qubes-tem
Boot Start End Sectors Size Id Type
/dev/xvda1 2048 18946047 18944000 *9G* 83 Linux
/dev/xvda2 18946048 20969471 2023424 988M 82 Linux swap / Solaris
Have you tried the 'resize2fs' command?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://t
s-vpn-support was to automate the setup and improve the
connection handling of Openvpn so re-connection doesn't take 5 minutes.
It also checks the firewall to make sure leak prevention is in place
before initiating connections.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
http
On 3/29/20 5:16 AM, scurge1tl wrote:
Chris Laprise:
On 3/27/20 5:02 AM, scurge1tl wrote:
Hello all,
I would like to ask about proper setting of AppVM flow if using
Mullvad VPN. I would like to connect to the clearnet following way: Me
- -> Tor -> VPN -> clearnet.
When setting u
download
[nate@dom0 ~]$
You can ignore the warnings when removing.
To fix the above, use 'qubes-template-whonix-ws-15' for the package name.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 18
.
To see a more detailed log you should use 'journalctl -u qubes-vpn-handler'.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to th
an attack succeeds with a privilege escalation, then the
whole OS in the standalone may be compromised permanently. OTOH, an
appVM's OS would bounce back to a good state when restarting it.
Also, after some time standalone VMs will use more disk space when you
have multiple instances.
--
Ch
On 4/9/20 3:34 AM, taran1s wrote:
Chris Laprise:
On 4/8/20 6:25 AM, taran1s wrote:
I try to set the VPN in my laest qubes with your guide on
https://github.com/tasket/Qubes-vpn-support. I use the version
1.4.3. and followed the guide.
My setting from mullvad is UDP (default) for Linux. No
M in the
first place, to enforce network containment as strongly as possible.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Gr
grated graphics. "Discrete
graphics" usually means Nvidia, which is poorly supported in open source
operating systems.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received thi
of the
security benefit you just described. Perhaps I ought to clone Debian 10
Template, install what I want, and then make an AppVM based on that?
That's reasonable and I think its what Qubes users do in most situations.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https:/
e traffic initiated
from inside the VPN VM is permitted (note this is how the Qubes vpn doc
now does it as well, with Marek's approval).
This doesn't affect the fail-safes for traffic initiated from either
side of the VPN VM (e.g. nothing can go 'around' the VPN link)
ns error: --ca fails
with 'mull>
Apr 15 12:22:12 ovpn qubes-vpn-setup[788]: Options error: Please correct
these >
Hmmm. Its not showing the full "Options error" lines. Try redirecting
the output to a text file instead:
sudo journalctl -u qubes-vpn-handler >log.txt
--
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This assumes
that the file is unzipped already, right? So I unzip it in the
d
'privacy.firstparty.isolate' set to True, 'privacy.resistFingerprinting'
set to True, in addition to using the User-Agent Switcher extension. I
think these are a good idea whether or not you use a tunnel or proxy.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.
On 4/11/20 3:10 PM, Sven Semmler wrote:
On Sat, Apr 11, 2020 at 02:48:17PM -0400, Chris Laprise wrote:
I've never had a problem with KDE in dom0 as long as the display manager is
switched to sddm and BIOS is set to integrated graphics. "Discrete graphics"
usually means Nvidia,
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn-support command as the first one. This
assumes
that the
On 4/20/20 9:31 AM, taran1s wrote:
Chris Laprise:
On 4/20/20 8:12 AM, taran1s wrote:
Chris Laprise:
On 4/17/20 7:12 AM, taran1s wrote:
Chris Laprise:
On 4/15/20 6:35 AM, taran1s wrote:
In the point 3 of https://github.com/tasket/Qubes-vpn-support/ guide
there is the cd Qubes-vpn
On 4/20/20 3:01 PM, taran1s wrote:
Chris Laprise:
You'll need to put the files in the vpn directory, not a subdirectory
like "mullvad_config_linux".
Is there any particular comand, instead of unzip, to not create the
sub-directory but unzip it in the vpn directory di
On 4/21/20 7:03 AM, taran1s wrote:
Chris Laprise:
The 'No such file' error is the one to correct. As I said earlier, you
will need to move the files out of the "mullvad_config_linux"
subdirectory into the vpn dir. It can't find the .crt file because its
in the subdire
g sudo cp any_country_I_need.ovpn
vpn-client.conf right?
Yes, that will work. To change without restarting the VPN VM, you can do:
sudo service qubes-vpn-handler stop
sudo cp some_location.ovpn vpn-client.conf
sudo service qubes-vpn-handler start
--
Chris Laprise, tas...@posteo.net
https://g
ork that the remote service sees.
I have no idea if Whonix will let you do this.
This should work for most VPNs, as Patrick and I and others have tested
it (though I haven't tested Whonix specifically with Mullvad). The only
constraint is that the VPN use TCP instead of UDP.
--
Chris L
e do not think like Journalists of Human Rights Workers,
nor vice versa.
Perhaps not, but very likely we are trainable.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this mess
s
that purpose well in my view. It'll likely not be a gaming box, a
screaming video or CAD rendering beast or even support bleeding-edge
hardware.
Qubes is a serious tool in the very serious and uncompromising world
where the bar for what is considered dangerous information is lowered on
On 7/7/20 9:57 AM, Andrew David Wong wrote:
Only Intel systems are affected. AMD systems are not affected.
Per usual!
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this
experience, at least on all the Qubes-related fronts. I very much get
the attraction of OS X, but in 2020 the only real appeal of Mac hardware
is the exterior design and 16:10 screen. OTOH, a business model from HP,
Lenovo or Dell should net you the best Qubes compatibility and you can
get a to
y.
Finally, there is a VPN tool and one to enhance VM internal security.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
&quo
On 8/3/20 4:11 AM, fiftyfourthparal...@gmail.com wrote:
On Sunday, 2 August 2020 22:42:31 UTC+8, Chris Laprise wrote:
You can check out my github for some interesting stuff. The
'Qubes-scripts' project has a (serial) template updater that lets you
select by certain cr
elay execution. Or you
could even try adding the .desktop file to /home using rc.local.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed
On 8/3/20 10:18 AM, fiftyfourthparal...@gmail.com wrote:
On Monday, 3 August 2020 18:36:28 UTC+8, Chris Laprise wrote:
'curl' would only be used in a Whonix template. This is to signal
Qubes'
proxy to start the Tor-based updateVM as soon as possible. It should
not
to install 'kernel-latest-qubes-vm' from dom0 to get a
5.x kernel for VMs (the 5.x kernels have wg module included), then
install the wireguard-tools package without dependencies in your template.
I'll be switching to wireguard in the next few weeks so I'll be updating
the
trating to
describe and use.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubs
On 8/5/20 7:40 AM, Chris Laprise wrote:
On 8/5/20 3:46 AM, anneeyr...@gmail.com wrote:
Can I just delete the firewall-vm and the net-vm and create new ones
afterwards and shall I just create them in the same way when creating
new app-vm’s or standalone-vm’s or how shall I create them when I
ten, I just don't see anything / the framebuffer isn't passed
from Xen to dom0.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subsc
On 8/5/20 7:56 AM, Chris Laprise wrote:
On 8/5/20 6:54 AM, Dylanger Daly wrote:
On Wednesday, August 5, 2020 at 4:04:32 PM UTC+10 dylang...@gmail.com
wrote:
When trying to install Qubes 4.0.3 or 4.1 (Test ISO) into a Ryzen
4750U based laptop, I see xen output, it relinquishes vga to
combination of normal security and Qubes security should yield
extra benefits, which I think Qubes-VM-hardening does.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message
s a sizable hole in Qubes security. The best advice I can give
is to avoid using Fedora templates and pay attention to Qubes Security
Bulletins when they mention which dom0 components will be updated (and
pay close attention when running qubes-dom0-update to look for the
mentioned components)
h their own versions;
they have to manipulate the metadata to hold back packages from
receiving updates.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you a
On 8/6/20 12:23 PM, fiftyfourthparal...@gmail.com wrote:
On Friday, 7 August 2020 00:13:52 UTC+8, Chris Laprise wrote:
IIRC that setting refers to checking packages, not the repomd.xml
files.
That's why an attacker can't replace packages with their own versions;
th
m thinking of here is when an
attacker tries to MiTM while having the cooperation of the certificate
authority.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message be
wonder if
Qubes devs would agree to a standard format going forward to make it
easier + reliable.
A concern: I've noticed that a lot of Qubes mirrors are often offline.
Would this create vulnerabilities?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.c
uilder to confidently upgrade either Linux or Xen. I did make a
sloppy attempt with ISO Master to replace the Qubes 4.0.3 installer ISO
kernel with the Ubuntu 5.8.0 kernel but due to my ignorance about the
format I couldn't get it to initiate the boot process.
--
Chris Laprise, tas...@pos
open to replace Fedora in dom0 with
something else.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users&qu
e best option seems to be Debian template, install KDE with
'tasksel' command, then run 'systemsettings5' to select the KDE theme or
color scheme.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4
ginal Message-
From: qubes-users@googlegroups.com On Behalf Of
Chris Laprise
Sent: Monday, August 10, 2020 9:18 AM
To: qubes-users@googlegroups.com
Subject: Re: [qubes-users] Why Fedora?
This email originated from outside the organization
On 8/10/20 12:05 PM, Toptin wrote:
Dear Qubes Users,
On 8/10/20 5:22 PM, Toptin wrote:
Chris Laprise:
On 8/10/20 12:30 PM, Toptin wrote:
Jeff Kayser:
Here is one reason to use Fedora.
https://www.fossmint.com/which-linux-distribution-does-linus-torvalds-use/
Ah, see... Mr Torvalds is your God. That isn't a reason at all. But
thanks yo
;IntelME in software' environment.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
be carried out
with javascript from websites.
OTOH, a state actor wishing to attack a Qubes system might have better
luck with the RPM MITM against Fedora that we discussed in another thread.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2
'm not liking this new Google Groups look
On Friday, 14 August 2020 at 00:06:42 UTC+8 Chris Laprise wrote:
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you
here is no network available and I'm not sure
what to do here.
The PV VMs also do not start cleanly from qvm-run and apps only run in
the VMs when the VM is already running.
I'm looking for pointers on getting networking running and for general
overall smooth operation...
-
x27;d have something committed by now?
On Monday, August 10, 2020 at 8:21:05 PM UTC+10 Chris Laprise wrote:
I've experimented a bit with Ubuntu and some different kernels. I was
not able to get 5.7.0 kernel graphics to work at all (not even
vga/framebuffer), while 5.8.0 and 5.8.1 work bea
r. I tried with BIOS and also with one of the EFI options.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qu
tity.
This doesn't affect list subscribers much, as we can read messages in
our email clients. But Google knows the many 'casual' list users who are
not subscribed are not 'casual' users of the entire web, and they are
likely to sign in just to get at a handful of
is takes months or forever. My short list is:
1. Secure copy+paste
2. Auto snap-back (like read-only) for guest root
3. Isolated NICs via passthrough
4. Split GPG
Probably a good place to get tips for these would be Whonix forum, since
they also use non-Qubes virtualization.
--
Chris Laprise,
a different view; it will show the
VGA section with a line 'configuration: driver=' if
its working or the 'driver' part will be absent if its not working.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 7
On 8/20/20 12:29 AM, 54th Parallel wrote:
On Thursday, 20 August 2020 at 06:58:35 UTC+8 Chris Laprise wrote:
Not an issue with dom0 KDE here. But I did have this problem with
k/ubuntu on my new AMD Ryzen Thinkpad... graphics driver was not
working
and defaulted to a non
g the
current VM name exist. Its a good way to specialize appVMs without
creating new templates.
Should also mention that snaps and flatpaks may be a better fit for
adding apps at boot-time, since there is a chance you can do it quicker
using little more than 'mv'.
--
Chris Laprise, ta
Any advice will be greatly appreciated.
There was some discussion about that I think in the above thread. IIRC
altering a 4.0 iso was a manageable task but using above Xen version
with it appeared unlikely... while altering a 4.1 iso seems much harder.
I think I just finished building my firs
23:19, Chris Laprise wrote: > > On 9/17/20 5:00 PM, Ondřej Fiala wrote: > > Hello, > > > > first a little bit of background: I am trying to install Qubes 4.0.3 on a system with Ryzen 3600
& GTX1650. After some tweaks, I have managed to get it to display the boot menu. How
801 - 900 of 1261 matches
Mail list logo