[qubes-users] Re: Printer recommendation / scanner implications?

On Thu, Oct 14, 2021 at 3:11 PM Jean-Philippe Ouellet wrote: > As for firmware security: I assume all printers are probably > vulnerable (and/or backdoored?) beyond any hope of being reasonable, > and would like to put a simple trusted device in front to force all > incoming data t

[qubes-users] Printer recommendation / scanner implications?

Hi, I figure someone on this list might have done some research from a perspective sharing similar goals. Does anyone have a recommendation for a reasonable printer? My rough objectives are as follows: 1. "Well-supported by linux." In practice I imagine this means speaking standard protocols,

[qubes-users] Excessive swapping & non-optimal qmemman heuristics

Hey all, Am I the only one who seems to have noticed chrome reaching max mem & swapping way more often than used to happen in the past? Some of my workflows result in having a bunch of tabs (not even _that_ many, maybe 20-30+) open in DispVMs. Unfortunately, this reaches the 4gb max pretty

Re: [qubes-users] Any virtualizer / emulator working in Qubes OS?

Currently: anything that doesn't require nested virt, meaning anything that actually emulates instead of trying to use vmx (via kvm, etc.). Examples include qemu using its tcg backend instead of kvm, and bochs. On Thu, Sep 19, 2019 at 11:58 AM Patrick Schleizer wrote: > > Is there any

[qubes-users] Portable external laptop monitors?

Hello, I'm curious if anyone has tried using any portable eternal laptop monitors in Qubes, like the DisplayLink-powered USB ones? Some examples of the kind of monitors I'm talking about: - ASUS MB169B+ -- https://www.asus.com/uk/Monitors/MB169BPlus/ - ASUS ZenScreen MB16AC --

Re: [qubes-users] HCL - 20HRCTO1WW Lenovo Thinkpad X1 Carbon

On Wed, Jan 23, 2019 at 11:45 PM Berne Campbell wrote: > > Lenovo Thinkpad X1 Carbon 20HRCTO1WW > > I had to disable secure-boot to boot of USB stick for installation (Used > Rufus in Windows in DD mode, MBR partition scheme). Perhaps a signed shim > could be used to ease installation. > >

[qubes-users] Lenovo BIOS update hashes (was: HCL - Lenovo Thinkpad X1 Carbon 4th gen (20FB))

On Tue, Apr 4, 2017 at 3:40 AM Jean-Philippe Ouellet wrote: > The latest BIOS hashes I observe are: > $ sha256sum n1*17* > 4b5488be128d9c022cd4924476d48e38dd55c38809db0f3a6c06f1a2d2ad0217 n1fuj17w.exe > 918c836905db7709433b4dc03eddcbb04ccb8773f31f5b22b5b92388b56a3002

Re: [qubes-users] How to use sudo/nm-applet in qubes 4.0 in fedora-2X-minimal

On Mon, May 28, 2018 at 7:04 AM wrote: > > I installed qubes-template-fedora-26-minimal, upgraded it to release version > 28 (paid attention to the python2-xcffib bug) and cloned it to make a > network-"for-all-things-networking"-VM-only template. > > So far, as written in qubes

Re: [qubes-users] Re: QSB #43: L1 Terminal Fault speculative side channel (XSA-273)

On Thu, Sep 6, 2018 at 8:28 AM, 'awokd' via qubes-users wrote: > On Tue, September 4, 2018 2:05 am, pixel fairy wrote: >> On Monday, September 3, 2018 at 1:21:27 AM UTC-7, Marek >> Marczykowski-Górecki wrote: >> >>> On Mon, Sep 03, 2018 at 01:46:11AM -0500, Andrew David Wong wrote: >>> On

Re: [qubes-users] Re: Unable to reset PCI device 0000:02.00.0

On Tue, Sep 4, 2018 at 9:17 PM, Patrick wrote: > On Sunday, September 2, 2018 at 3:34:34 PM UTC-4, Jean-Philippe Ouellet wrote: >> On Sun, Sep 2, 2018 at 10:12 AM, Patrick Bouldin >> wrote: >> > On Sunday, September 2, 2018 at 10:10:55 AM UTC-4, Patrick Bouldin wrot

Re: [qubes-users] Re: Unable to reset PCI device 0000:02.00.0

On Sun, Sep 2, 2018 at 10:12 AM, Patrick Bouldin wrote: > On Sunday, September 2, 2018 at 10:10:55 AM UTC-4, Patrick Bouldin wrote: >> Qubes 4.0 Error - "Start failed: Requested operation is not valid: PCI >> device :02:00.0 is in use by driver xenlight, domain sys-usb >> >> I don't know how

Re: [qubes-users] OpenSSD

On Sat, Aug 25, 2018 at 6:48 PM, wrote: > Anyone using OpenSSD in their laptops? I'm not aware of any traditional 2.5" SSD form-factor hardware from the OpenSSD project. AFAIK all they've produced are large boards suitable for research in the SSD space. Interesting research project, but it

Re: [qubes-users] Qubes 4.0 SSD Encryption

On Sat, Aug 25, 2018 at 3:41 PM, taii...@gmx.com wrote: > On 08/24/2018 11:44 AM, brendan.h...@gmail.com wrote: >> >> And if your OPAL drive is backdoored by the manufacturer for a government, >> your drive is backdoored whether you're using OPAL or not and depending on >> what you wanted > to

Re: [qubes-users] Shredding VM images

On Mon, Aug 20, 2018 at 6:06 PM, Steve Coleman wrote: > On 08/20/18 12:49, Chris Laprise wrote: >> >> On 08/20/2018 11:34 AM, tierl...@gmail.com wrote: >>> >>> What's the most convenient way to wipe these images? (I'm just talking >>> about individual VM images) >> >> >> To clarify on your first

Re: [qubes-users] X470 and IOMMU Groups...

On Wed, Aug 8, 2018 at 1:30 PM, <3mp...@gmail.com> wrote: > Hi everyone, > > actually I'm a happy Qubes 3.2 user on Intel platform for more than a year > now ! > > I'm looking to upgrade my actual Skylake build with an AMD one with the new > Ryzen Pinnacle Ridge CPU (R7 2700) and installing

[qubes-users] gpg --recv currently broken in debian-9 templates (w/ workaround)

Magic strings for people searching the archives to be able to find this: $ gpg --keyserver ... --recv 0x... gpg: keyserver receive failed: Connection refused or $ gpg --keyserver ... --recv 0x... gpg: keyserver receive failed: No keyserver available The problem is with dirmngr (a

Re: [qubes-users] Problem with Qubes4 rc4 -- "GLX is not supported."

On Thu, Feb 8, 2018 at 8:42 AM, donoban wrote: > On 02/06/2018 04:02 PM, billol...@gmail.com wrote: >> I've installed Qubes 4 rc4 on an external hard drive. It works >> pretty well. However, I tried to run a game "FreeOrion" and >> received the following error using the

Re: [qubes-users] How to get to command line for dom0?

On Sat, Jan 20, 2018 at 3:46 PM, Kyle Breneman wrote: > I am trying to follow these steps to upgrade from Fedora 23 to Fedora 24 > (and then from 24 to 26), but I got stuck right away because I cannot figure > out how to get to a command line window for dom0. Can someone

Re: [qubes-users] Moving dom0 screenshots immediately to VMs

On Sat, Jan 20, 2018 at 4:51 AM, Alex Dubois <bowa...@gmail.com> wrote: > On Saturday, 20 January 2018 06:21:36 UTC, Jean-Philippe Ouellet wrote: >> On Fri, Jan 19, 2018 at 3:55 AM, <wordswithn...@gmail.com> wrote: >> > I've been working on a solution for this, b

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

On Thu, Jan 18, 2018 at 3:49 PM, Vít Šesták wrote: > On Thursday, January 18, 2018 at 7:00:42 PM UTC+1, Nik H wrote: >> On Jan 16, 2018, at 2:56 AM, Vít Šesták <…@v6ak.com> wrote: >> > >> > * If an application does not mitigate

Re: [qubes-users] Moving dom0 screenshots immediately to VMs

On Fri, Jan 19, 2018 at 3:55 AM, wrote: > I've been working on a solution for this, but unfortunately there are too > many factors that I'm not familiar with. > > My goal is to to able to: > > 1) Take a screenshot using the dom0 hotkey > 2) In the "Screenshot" dialogue,

Re: [qubes-users] Xfce launcher loses dom0 entries

On Thu, Nov 9, 2017 at 4:20 PM, Chris Laprise wrote: > On Qubes R4-rc2, after reinstalling a template I noticed that only my > guest-vm entries remained in the Xfce launcher menu. > > How do I get the dom0 items back? For archive searchers: sudo qubes-dom0-update

Re: [qubes-users] Boot QUBES with kexec

On Sun, Dec 10, 2017 at 12:19 PM, Robert Walz wrote: > On Sun, Dec 10, 2017 at 5:35 PM, Holger Levsen > wrote: >> >> On Sun, Dec 10, 2017 at 03:05:11PM +0100, Robert Walz wrote: >> > Does anybody know how to kexec the xen hypervisor? >> >>

Re: [qubes-users] Where is ability to backup and restore backups on 4?

On Thu, Dec 7, 2017 at 12:22 PM, 'Tom Zander' via qubes-users <qubes-users@googlegroups.com> wrote: > On Thursday, 7 December 2017 17:38:15 CET Jean-Philippe Ouellet wrote: >> Remember that the "R4" you're speaking of is still just a release >> candidate - it is *no

Re: [qubes-users] Where is ability to backup and restore backups on 4?

On Thu, Dec 7, 2017 at 11:59 AM, Bernhard wrote: > On 12/07/2017 03:37 PM, Zrubi wrote: >> On 12/07/2017 03:04 PM, r...@tuta.io wrote: >> > Dont tell me the geniuses behind this thought it was more >> > streamlined to remove the feature and make it only command >> > line >> >>

Re: [qubes-users] Where is ability to backup and restore backups on 4?

On Thu, Dec 7, 2017 at 9:04 AM, wrote: > Dont tell me the geniuses behind this thought it was more streamlined to > remove the feature and make it only command line On Thu, Dec 7, 2017 at 9:45 AM, wrote: > Lmao wow... usually developer's try to progress

Re: [qubes-users] Hibernate Lenovo X1

On Sun, Dec 3, 2017 at 5:36 PM, beso wrote: > "systemctl hibernate: > Failed to execute operation. Sleep verb not supported." > > How to solve this issue? Xen does not support hibernating, therefore Qubes does not either. Use suspend instead of hibernate. -- You received

Re: [qubes-users] USB Keyboard thoughts...

On Fri, Dec 1, 2017 at 1:10 PM, Matty South wrote: > I love the Qubes project! I've been thinking of ways to improve the security > when it comes to USB Keyboards. > > I'm sure a lot of us who use Qubes as our day-to-day OS have a nice keyboard > attached to the system.

[qubes-users] Qubes workstation / gaming desktop thread (November 2017)

On Thu, Nov 23, 2017 at 12:01 AM, taii...@gmx.com wrote: > You can make a libre firmware workstation that can play the latest games in > a VM for $500 total. Bullshit! ;) I really want you to be right, but I'm having trouble seeing how, so I want you to prove it! If you can

Re: [qubes-users] Possible privacy concerns with Qubes 4 and the transition away from paravirtualization?

On Mon, Nov 20, 2017 at 6:04 PM, taii...@gmx.com <taii...@gmx.com> wrote: > On 11/20/2017 04:36 AM, Jean-Philippe Ouellet wrote: > >> That statement is demonstrably false. For example, we don't filter >> CPUID vendor IDs in either mode. > > How come? See discussion

Re: [qubes-users] Possible privacy concerns with Qubes 4 and the transition away from paravirtualization?

On Mon, Nov 20, 2017 at 5:59 PM, taii...@gmx.com wrote: > On 11/19/2017 07:17 PM, riggedegg...@gmail.com wrote: > > Does this hold any water? Does the switch from paravirtualization to > HVM/SLAT degrade privacy by allowing easier hardware fingerprinting? > > It holds no water. >

Re: [qubes-users] Possible privacy concerns with Qubes 4 and the transition away from paravirtualization?

On Sun, Nov 19, 2017 at 7:17 PM, wrote: > Here's one such comment, taken from an r/privacy Reddit thread. > > "[...]paravirtualization makes hardware profiling impossible unless an > exploit is found to defeat it." That statement is demonstrably false. For example, we

[qubes-users] Migrating data from R3 to R4 without making a backup

Hello, I've written a script [1] to import VMs directly from a Qubes R3 hard drive into a Qubes R4 machine without needing to make a backup first. I would definitely recommend making a full backup on R3 and restore on R4 instead of using this. I just figured I'd share in case anybody else is

Re: [qubes-users] Re: Qubes Canary #13

On Fri, Nov 17, 2017 at 2:47 PM, wrote: > On Friday, September 29, 2017 at 6:31:15 PM UTC-7, Andrew David Wong wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA512 >> >> Dear Qubes community, >> >> On 2017-09-12, we published Qubes Canary #13. The text of this canary

Re: [qubes-users] build usb-vm and net-vm using openbsd?

On Wed, Nov 8, 2017 at 3:37 PM, ludwig jaffe wrote: > Hi, I saw that the linux kernel has some flaws > (http://www.openwall.com/lists/oss-security/2017/11/06/8) in the usb stack, > so I am > thinking about security against common errors, I would suggest to use > OpenBSD

Re: [qubes-users] Re: Question to Mirage OS firewall users

On Wed, Nov 8, 2017 at 3:09 PM, wrote: > On Thursday, April 13, 2017 at 1:33:53 PM UTC+1, Thomas Leonard wrote: >> On Thursday, April 13, 2017 at 11:08:11 AM UTC+1, Foppe de Haan wrote: >> > On Thursday, April 13, 2017 at 10:00:20 AM UTC+2, Thomas Leonard wrote: >> > >

Re: [qubes-users] Re: [qubes-devel] Qubes R3.2 - Severe graphics issues/glitches ? (HCL Report included)

On Fri, Nov 3, 2017 at 1:18 PM, 'Marek Jenkins' via qubes-users wrote: > >> > Hi Jean-Philippe, >> > >> > thanks for your advice. >> > >> > I have read the docs over here regarding kernel updates: >> > https://www.qubes-os.org/doc/software-update-dom0/ >> > >> > So

[qubes-users] Re: [qubes-devel] Qubes R3.2 - Severe graphics issues/glitches ? (HCL Report included)

Moving discussion from qubes-devel to qubes-users: On Thu, Nov 2, 2017 at 3:47 PM, 'Marek Jenkins' via qubes-devel <qubes-de...@googlegroups.com> wrote: > On Thursday, November 2, 2017 at 7:03:12 PM UTC+1, Jean-Philippe Ouellet > wrote: >> >> On Thu, Nov 2, 2017 at 1:13

Re: [qubes-users] Question about qubes s hypervisor

On Thu, Oct 19, 2017 at 1:25 AM, blacklight wrote: > We all know well why xen was chosen as the hypervisor for qubes instead of > kvm, since this has been stated in multiple places by the devs. But i wonder > how feasable it would be to use bhyve as a hypervisor for

Re: [qubes-users] How to avoid hostname leaks when using MAC randomization in debian-9

On Wed, Aug 23, 2017 at 11:25 AM, 'Brotherfill' via qubes-users wrote: > Hi, > To avoid hostname leaks I add # at the beginning of line 'send > host-name=gethostname' in /etc/dhcp/dhclient.conf > Do you suggest to use this method or to set a static ip? AFAIK the

Re: [qubes-users] sys-usb and usb read-only

On Fri, Aug 11, 2017 at 4:41 AM, Nicolas Mojon wrote: > Hi, > > I would like to know if on the new 4.0 it is possible to lock down data in a > VM like that nothing can go out of the VM (like no internet or copypaste > through dom0). I would like to make that specially

Re: [qubes-users] UEFI secureboot issue

On Tue, Aug 1, 2017 at 7:50 PM, cooloutac wrote: > Qubes doesn't support secure boot unfortunately. I think its batshit crazy > to consider a pc even reasonably secure without it. Secure boot in reality is quite far from the boot chain panacea its name may suggest. If you

Re: [qubes-users] Re: Qubes OS 4.0 first release candidate (rc1) has been released!

On Tue, Aug 1, 2017 at 7:46 PM, cooloutac wrote: > am I reading this right? There is no qubes-manager in 4.0? Does that mean > everything must be done in a terminal? Tell me I read that wrong lol. tl;dr - https://github.com/QubesOS/qubes-issues/issues/2132 -- You

Re: [qubes-users] Qubes OS 4.0 first release candidate (rc1) has been released!

On Tue, Aug 1, 2017 at 7:02 AM, Rusty Bird wrote: > Zrubi: >> So I would really appreciate some statement if Qubes will really drop >> KDE support. I can accept that, but then I not waste my time trying to >> make it work. Instead focusing to fix the XFCE issues I have

Re: [qubes-users] Bootloader not installed on USB

On Fri, Jul 28, 2017 at 6:48 AM, Nero wrote: > I'm installing Qubes on Macbook Air. > I partitioned (EFI, Macos journalled) my SSD but Qubes installer do not see > any partitions on SSD but see my 32GB USB stick. > 1. Why I can not install on SSD? > > Ok, trying to install on

Re: [qubes-users] Seeking moderators for unofficial Qubes IRC channels on Freenode and OFTC

On Thu, Jul 27, 2017 at 5:22 PM, Franz <169...@gmail.com> wrote: > > > On Thu, Jul 27, 2017 at 4:13 PM, cooloutac wrote: >> >> On Friday, July 21, 2017 at 12:26:35 PM UTC-4, PR wrote: >> > Hello >> > >> > >> > >> > Am 21.07.2017 9:39 vorm. schrieb "Noor Christensen" >> >

Re: [qubes-users] Printing and scanning with Qubes - a love story

On Thu, Jul 20, 2017 at 12:32 PM, js...@riseup.net <js...@riseup.net> wrote: > Jean-Philippe Ouellet: >> On Qubes, it's a completely different story. First, I pass my USB >> printer or scanner through to a DispVM. To print, I just copy the file >> to the DispVM, open

[qubes-users] Printing and scanning with Qubes - a love story

Hello fellow Qubesers, Qubes continues to make me feel all warm and fuzzy inside, and makes me want to share it with the world. I've been quite busy with real-world things recently and had to use several different printers & scanners. Prior experience has conditioned me to expect frustration, or

Re: [qubes-users] Qubes Community Event in Cologne, Germany on July 15th

On Mon, Jun 26, 2017 at 9:10 AM, Robert Mittendorf wrote: > Hello fellow Qubes users, > > the "Kölner Kreis", a group of regulars that are interested in IT-Security > and IT-Forensics, will organize a "Qubes Community Event" in Cologne on July > 15th 10.00 - 16.00. > >

Re: [qubes-users] Long-time Beta Users, do you wipe or upgrade?

On Thu, Jun 22, 2017 at 11:21 AM, Eric Duncan wrote: > Currently running Qubes 3.2 on one machine. Have a need to install it on > another. > > To all of you long-term beta users of 3.x and now 4.x... > > 1a) Are upgrades simple to RTM versions of Qubes? > > Or 1b) Do you

Re: [qubes-users] Re: Best Laptop For Qubes

As for Purism, I have my gripes too, but at the end of the day I think their existence provides a net-positive benefit to the community and commodity hardware landscape. Personally, I think Purism's marketing is perhaps a bit... overoptimistic to a technical audience? And I do think they

Re: [qubes-users] Best Laptop For Qubes

On Mon, Jun 26, 2017 at 3:50 PM, wrote: > I know this question has been asked many times but there is still no > definitive answer. The Purism laptops do not have TPM support and in the HCL > list there is not a machine that ticks every box without issues. What >

Re: [qubes-users] Where to bulk-download mailing list archives?

On Mon, Nov 14, 2016 at 3:48 PM, Marek Marczykowski-Górecki <marma...@invisiblethingslab.com> wrote: > On Mon, Nov 14, 2016 at 01:21:29AM -0500, Jean-Philippe Ouellet wrote: >> Does anyone know of a convenient place to grab the complete archives >> of this list?

Re: [qubes-users] ERROR: Cannot execute qrexec-daemon! after completely new installation of QUBES R3.2

On Thu, May 25, 2017 at 4:46 AM, Jean-Philippe Ouellet <j...@vt.edu> wrote: > On Wed, May 24, 2017 at 6:45 AM, frigge <m...@sfricke.com> wrote: >> Hi qubes-users, >> >> I installed a completely fresh installtion of QUBES R3.2 on a Lenovo v570 >> notebook

Re: [qubes-users] ERROR: Cannot execute qrexec-daemon! after completely new installation of QUBES R3.2

On Wed, May 24, 2017 at 6:45 AM, frigge wrote: > Hi qubes-users, > > I installed a completely fresh installtion of QUBES R3.2 on a Lenovo v570 > notebook and if I try to start any VM, I receive the following error: > > $ qvm-star sys-net > --> Creating volatile image:

Re: [qubes-users] Re: Can't rename appvm?

On Sun, May 21, 2017 at 4:41 PM, Gaiko wrote: > On Friday, May 19, 2017 at 9:35:26 PM UTC-4, cooloutac wrote: >> On Friday, May 19, 2017 at 2:48:03 PM UTC-4, Gaiko wrote: >> > I tried to rename my anon-whonix appvm through the qubes-manager, right >> > click, vm

Re: [qubes-users] HCL

FWIW, considering the trade-off between marginally improved performance and hardware support, I've had better overall experiences with hardware that's 1-2 years old. - Just some random guy on the internet's personal opinion... -- You received this message because you are subscribed to the

Re: [qubes-users] Re: start application on startup

On Sun, May 21, 2017 at 4:49 AM, wrote: > On Sunday, May 21, 2017 at 4:47:19 AM UTC+10, aforete wrote: >> Am I doing something wrong here? is there any other way to start >> applications once a vm starts? > > Yes, you can do the following in your AppVM: > > 1) make the

Re: [qubes-users] Split SSH

Cross referencing for better archives: https://github.com/QubesOS/qubes-issues/issues/1962#issuecomment-296310537 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] CLI: How to read out the currently set base image for disposable VMs?

On Sat, May 20, 2017 at 4:10 PM, Unman wrote: > On Sat, May 20, 2017 at 09:28:48PM +0200, Johannes Graumann wrote: >> See subject line ;) >> >> Joh > > ls -l /var/lib/qubes/dvmdata/* > > This will show you which dvmTemplate is being used to generate the > disposableVMs

Re: [qubes-users] https://www.qubes-os.org/doc/vpn/

On Sat, May 20, 2017 at 1:36 PM, fooyreb wrote: > Helo, So, I've setup a proxyVM for the VPN, via the "CLI version" > https://www.qubes-os.org/doc/vpn/ > > However, when I suspend Qubes, and wakeup Qubes, the networking is lost, > I then have to shut down or alter the network

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

On Sun, May 14, 2017 at 4:20 PM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2017-05-14 03:51, Holger Levsen wrote: >> On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote: you really dont protect your gpg key with a

Re: [qubes-users] how to check integrity about DVD

On Tue, May 16, 2017 at 9:41 PM, Andrew David Wong wrote: > On 2017-05-16 16:42, h...@e.shapoo.ch wrote: >> I verified signature about qubes ISO file by gpg.Then I burned it to DVD. >> But I can't trust that DVD was burned without corruption. >> So I want to verify integrity

Re: [qubes-users] Games on Qubes + Whonix

On Mon, May 15, 2017 at 9:40 AM, wrote: > Hello! I'm a beginner and maybe ask a stupid question. I know that Qubes OS > itself does not support 3D graphics. But can I play games (Steam) if I > connect to Qubes Whonix as a virtual machine? It's a Linux distribution and >

Re: [qubes-users] Windows 7 HVM Install

On Mon, May 15, 2017 at 5:24 PM, Sam Hentschel wrote: > Hey all! > > Decided to try out making a windows 7 install just in case I needed it > for school. > > I downloaded a 64-bit windows 7 enterprise iso and proceeded with the > installation doing: > > $ qvm-create

Re: [qubes-users] Help adding documentation to Qubes Repository

On Sat, May 13, 2017 at 4:22 PM, Andrew David Wong wrote: > On 2017-05-13 14:27, Zbigniew Łukasiak wrote: >> This is something I am also struggling with - but shouldn't there >> be a sign-off line in all the commit comments as described in >>

Re: [qubes-users] Why should I clone a template?

On Sat, May 20, 2017 at 8:43 PM, Todd Lasman wrote: > The dogma, as I understand it, is that it's safer to clone a template, make > changes to the clone, then base your AppVM's off of that cloned template. > > - From the Qubes website: > "It is highly recommended to clone the

Re: [qubes-users] Lenovo X1 Carbon 1.gen

On Sun, May 21, 2017 at 10:00 AM, Finsh wrote: > i recently got interested in the Qubes and i'm thinking on installing it > on a Lenovo X1 Carbon 1gen Type: 3460-1F4. > > I couldn't find this specific Model in the HCL, are there any known issues? I also ran on a 1st gen

Re: [qubes-users] Windows hanging at starting up screen (changing xen video -> cirrus not working?)

On Sat, Apr 29, 2017 at 10:34 AM, Gaiko Kyofusho wrote: > I am trying to setup a win7 template. I started with the: > > qvm-create --hvm-template win7-x64-template -l green > > which seemed to work well enough, then tried to install windows (win7 pro > x64). When I

Re: [qubes-users] OpenWhisper Systems Signal not quite right in Qubes 3.2/Fedora23/Chromium

On Sun, May 7, 2017 at 10:05 PM, Neal Rauhauser wrote: > I installed Qubes 3.2 on a Dell Precision M4600 (slick) and I've been trying > to migrate a portion of my day to day work to it. > > I have many contacts who use Open Whisper Systems Signal App for > communication.

Re: [qubes-users] How to get trusted iso?

On Sun, May 7, 2017 at 2:41 PM, cooloutac wrote: > On Monday, May 1, 2017 at 3:03:05 PM UTC-4, Chris Laprise wrote: >> On 05/01/2017 02:33 PM, cooloutac wrote: >> > I know I can't buy one, so how do I get an a fresh iso if my machine >> > is compromised? Obviously, someone

Re: [qubes-users] Re: GPU passthrough: 2000 USD bounty

I don't know anything about your specific hardware, but it is true that secondary GPUs are often not connected to the display itself, but rather the rendering takes place there and then the rendered frames are passed back to the host and to the integrated gpu to be put on your display. From a

Re: [qubes-users] Focus Stealing, how to stop it?

On Fri, Apr 21, 2017 at 10:00 PM, Andrew David Wong <a...@qubes-os.org> wrote: > On 2017-04-20 21:56, Jean-Philippe Ouellet wrote: >> On Thu, Apr 20, 2017 at 10:17 PM, taii...@gmx.com <taii...@gmx.com> >> wrote: >>> How do I stop focus stealing? I have ac

Re: [qubes-users] say it out (loud) - Qubes OS Stickers

On Fri, Apr 21, 2017 at 8:16 AM, Franz <169...@gmail.com> wrote: > On Thu, Apr 20, 2017 at 7:57 PM, cooloutac wrote: >> On Thursday, April 20, 2017 at 6:07:45 PM UTC-4, Francesco wrote: >> > On Thu, Apr 20, 2017 at 4:16 PM, J. Eppler >> > I really

Re: [qubes-users] Bug with copy and paste to different window

On Fri, Apr 21, 2017 at 5:22 AM, evo wrote: > I have a problem with an appVM based on Fedora24. > I open LibreOffice and Scribus, then i want to copy and paste from > office. But if i copy it from office and go to the scribus-window the > window is not activated... it just

Re: [qubes-users] Focus Stealing, how to stop it?

On Thu, Apr 20, 2017 at 10:17 PM, taii...@gmx.com wrote: > How do I stop focus stealing? I have accidentally entered ssh passwords in > to other windows as they keep stealing focus for irrelevant things. AFAIK there is no consensus on how to best solve this problem. It has come

Re: [qubes-users] qubes manager add start terminal

On Mon, Apr 17, 2017 at 9:39 AM, Eva Star wrote: > On 04/17/2017 03:11 AM, Unman wrote: > >> I've done some manager hacking myself - some of it now incorporated in >> release. >> If you dont want to build a package then you can simply start hacking in >>

Re: [qubes-users] Secure Handling of Encrypted Drives

On Sun, Apr 16, 2017 at 7:59 PM, Andrew David Wong <a...@qubes-os.org> wrote: > On 2017-04-12 13:05, Sam Hentschel wrote: >> On Wednesday, April 12, 2017 at 3:20:30 PM UTC-4, Chris Laprise >> wrote: >>> On 04/12/2017 02:37 PM, Jean-Philippe Ouellet wrote: >>>

Re: [qubes-users] HW RNG on dom0?

On Mon, Apr 10, 2017 at 8:23 AM, Johannes Graumann wrote: > I am wondering whether > 1) under QubesOS a (USB) HW RNG like http://www.bitbabbler.org/ is usable Yes. You would need to do some work to make it feed entropy in a safe way though. > and if yes > 2) where

Re: [qubes-users] HDMI-related threats in Qubes OS

On Sun, Apr 9, 2017 at 9:42 AM, Vít Šesták wrote: > > * DDC (PIN 15+16) – needed for getting the resolution etc., present even in > current version of VGA. While there is some attack surface, it seems to be > rather small. Note

Re: [qubes-users] DispVM Configuration

On Wed, Apr 5, 2017 at 11:59 PM, Sam Hentschel wrote: > Hey all! > > So far so good with QubesOS on my end. Have almost everything up and > running to have this as my daily carry. It's amazing how little RAM all > these VMs actually require; and the CPU! None! > >

Re: [qubes-users] realized why I always lose sound in the vms

On Wed, Apr 5, 2017 at 11:29 PM, cooloutac wrote: > The sound mixer app I installed xfe in mutes things when I lower the volume > all the way by accident. Never realized till now lol. I always have to go > into dom0 alsamixer. > > Is there a better plugin to use? Does a

Re: [qubes-users] Qubes 4.0 Alpha release date

On Wed, Apr 5, 2017 at 7:50 AM, wrote: > Hello everyone, > > > First, thanks a lot for working on a reasonably secure operating system > and publish it for free. > > With the recent critical security issue in Xen PV, it would be nice to > consider to release an alpha version

Re: [qubes-users] How much important is TPM?

On Tue, Apr 4, 2017 at 6:21 PM, taii...@gmx.com wrote: > On 04/04/2017 12:36 PM, Steve Coleman wrote: > >> On 04/04/2017 10:29 AM, taii...@gmx.com wrote: >> >>> Opal is proprietary garbage, >> >> >> Actually its an open standard, not controlled by any government or >>

[qubes-users] Re: [qubes-devel] Re: QSB #29: Critical Xen bug in PV memory virtualization code (XSA-212)

On Tue, Apr 4, 2017 at 11:35 AM, Hack wrote: >> Dear Qubes community, >> >> We have just published Qubes Security Bulletin (QSB) #29: >> Critical Xen bug in PV memory virtualization code (XSA-212). >> >> [...] >> >> Discussion >> === >> >> This is another bug

Re: [qubes-users] How do I...?

On Tue, Apr 4, 2017 at 8:56 AM, Samuel Hentschel wrote: > Hey Qubes Community, > > I'm a "new" QubesOS user; as in this is my first time trying it to > make it my daily carry. I have a couple questions that you guys may > be able to help me with. Hey Sam, welcome to the

Re: [qubes-users] Re: HCL - Lenovo Thinkpad X1 Carbon 4th gen (20FB)

care :) On Tue, Feb 28, 2017 at 1:29 AM, Jean-Philippe Ouellet <j...@vt.edu> wrote: > On Mon, Feb 27, 2017 at 3:42 PM, Chris Laprise <tas...@openmailbox.org> wrote: >> On 02/27/2017 03:11 PM, Holger Levsen wrote: >>> On Sun, Feb 26, 2017 at 02:56:53PM -0500, Jean-Philipp

Re: [qubes-users] Re: Testers wanted

On Sun, Apr 2, 2017 at 4:49 PM, Eva Star wrote: > On 04/02/2017 09:23 PM, John Casey wrote: >> Apologies as I am not totally familiar with mailing list etiquette, but >> would it be better to include the mailing list so as to maintain a record >> of volunteers? > > Or

[qubes-users] Re: Custom qrexec services

On Sat, Jan 28, 2017 at 9:04 PM, Marek Marczykowski-Górecki wrote: > 1. write USB - _unidirectional_ service to write an fs image into USB > stick (service into USB VM) I like this idea (mostly got tired of ... | qvm-run -p sys-usb 'dd of=/dev/sda') and wrote my

Re: [qubes-users] Security and dispVM firefox customization

If you are concerned about the size of your anonymity set then you ought to be using unmodified TBB in a whonix-ws-based template rather than Firefox in a DispVM. We don't currently make guarantees about the cross-machine uniformity of DispVM browsers. There are ways to fingerprint the default

Re: [qubes-users] Simple Dom0 password manager for an imperfect-but-strong security upgrade?

On Thu, Mar 30, 2017 at 6:21 PM, Shane Optima wrote: > Maybe if you (or someone) could write a Firefox extension to modify all > browser page titles to be a concatenation of the page title and a short token > of characters generated from a salted hash of the URL (so that

Re: [qubes-users] Simple Dom0 password manager for an imperfect-but-strong security upgrade?

On Thu, Mar 30, 2017 at 5:31 AM, Chris Laprise wrote: > xdotool also lets you inject keystrokes into windows. > > With a shortcut-key assignment this can be easily scripted by the user (you > said this was for power users). Automatically injecting the keystrokes removes

Re: [qubes-users] Simple Dom0 password manager for an imperfect-but-strong security upgrade?

On Thu, Mar 30, 2017 at 5:31 AM, Chris Laprise wrote: > You don't even need to rely on the window title for the security aspect: The > _QUBES_VMNAME window property will tell you. For example: > > $ CUR_WINDOW=`xdotool getwindowfocus` > $ VMNAME=`xprop _QUBES_VMNAME -id

Re: [qubes-users] How much important is TPM?

On Tue, Mar 28, 2017 at 2:40 AM, Vít Šesták wrote: > AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is > missing even on some high-end CPUs). But TXT has various vulnerabilities. How > much real protection

Re: [qubes-users] Maybe a silly question

On Fri, Mar 24, 2017 at 10:51 AM, Manuel Cornejo wrote: > Doesn't Qubes need and antivirus? What happend if on Qubes we set a VM with > Windows 7 in it? Would you install antivirus on the virtual machine hoping > that is going to be (the same /more) effective than

Re: [qubes-users] Why does Qubes not work with nested virtualization?

It actually does work for limited use cases. I sometimes run Qubes inside Qubes for quickly testing things ;) The outer VM must be HVM, and the inner-inner VMs must be PVM, or else you must enable some less-tested and potentially dangerous code paths in Xen (nestedhvm=1) which Qubes (on purpose)

Re: [qubes-users] Simple Dom0 password manager for an imperfect-but-strong security upgrade?

- If we consider a compromised VM with: - passwords saved in the browser: an attacker can obtain all passwords - your proposed password manager: an attacker can still obtain all passwords, just needs to wait for them to be used - If we consider a non-compromised VM with: - passwords saved

Re: [qubes-users] Simple Dom0 password manager for an imperfect-but-strong security upgrade?

On Fri, Mar 24, 2017 at 2:55 AM, Shane Optima wrote: > However, I justed noticed that R3.2 introduced a Dom0-to-hyperboard[1] copy > function, and since Dom0 knows the window title text... couldn't there be > another hypervisor keyboard shortcut that would use the window

Re: [qubes-devel] Re: [qubes-users] usability major bug?

On Wed, Mar 22, 2017 at 8:08 AM, Oleg Artemiev wrote: > On Wed, Mar 22, 2017 at 1:52 PM, Holger Levsen wrote: >> Hi Oleg, >> >> you missed on important bit of information: >> >> On Wed, Mar 22, 2017 at 12:12:58PM +0300, Oleg Artemiev wrote: >>> I have

Re: [qubes-users] Tip: How to speed up QubesOS shutdown

On Tue, Mar 14, 2017 at 7:11 PM, haaber wrote: > I dont't have any e820 pci device as far as I know, but shutdown is > definitely a problem. xfce shuts down, and then I have a black screen > with a blinking cursor, and, afaik unless I brutally remove electricity. > No clue if this

  1   2   >