[qubes-users] yggdrasil & qubes netvm question

1) Has anyone succeeded in enabling the yggdrasil network in NetVM qube? I'm thinking about Qubes standalone PC as a server machine with the ability to use NetVM as a shell box via yggdrasil IP. 2) BTW: it should open an attack surface on the NetVM. Is it right that this will open the attack

[qubes-users] "Cannot connect to qrexec agent for 60 .." - how to change this timeout?

Re all. I've slow disk on my qubes PC. Sometimes when I start VMs it tells that it can't connect to qrexec & fails to start automatically - I've to start again manually & then on the second time the disk reads faster due to cache & it succeeds. Where can I change the timeout to 90 seconds or even

[qubes-users] AMD with latest Qubes - is it now "all relatively okay"?

I've bought an old AMD PC for games (AMD FX-8350 8-core 4GHz , 16Gb RAM). It's not a laptop. Today I visited Qubes requirements page & found it has been renewed since my last visit. It now contains more detail on AMD requirements. So briefly speaking (I'dn't like to rewind entire Qubes web site to

Re: [qubes-users] Squares instead of Characters in (?)nautilus

I don't use qubes currently, but my 5 cents: 1. missing fonts or incorrect locale settings. Having said that I guess you may fix this in two ways: a) set locale (LC_*, LANG variables) according to your language in shell files in app VM in bashrc (or in template VM in /etc), b) install missing

Fwd: [qubes-users] unproven APT for Qubes 3.x

-- Forwarded message - From: Oleg Artemiev Date: Sun, Dec 9, 2018 at 12:56 PM Subject: Re: [qubes-users] unproven APT for Qubes 3.x To: Alex Cc: In other words: please someone update Qubes 3.x FAQ . On Sun, Dec 9, 2018 at 12:54 PM Oleg Artemiev wrote: > I'm in progr

Re: [qubes-users] unproven APT for Qubes 3.x

On Sun, Dec 9, 2018 at 12:46 PM Alex wrote: > On 12/9/18 8:38 AM, Oleg Artemiev wrote: > > A friend of mine told me a story: > > > > She had unproven APT like when insecure hardware being in use. > > > > Sorry, my English is not well enough (proven upper i

Re: [qubes-users] unproven APT for Qubes 3.x

In other words: please someone update Qubes 3.x FAQ . On Sun, Dec 9, 2018 at 12:54 PM Oleg Artemiev wrote: > I'm in progress of key revocation. I cannot be alive w/o terminal. > > On Sun, Dec 9, 2018 at 12:46 PM Alex wrote: > >> On 12/9/18 8:38 AM, Oleg Artemiev wrote: >

Re: [qubes-users] unproven APT for Qubes 3.x

I'm in progress of key revocation. I cannot be alive w/o terminal. On Sun, Dec 9, 2018 at 12:46 PM Alex wrote: > On 12/9/18 8:38 AM, Oleg Artemiev wrote: > > A friend of mine told me a story: > > > > She had unproven APT like when insecure hardware being in use. >

[qubes-users] unproven APT for Qubes 3.x

A friend of mine told me a story: She had unproven APT like when insecure hardware being in use. Sorry, my English is not well enough (proven upper intermediate). I will continue in Russian: --- quote - - Прикинь - словил апт в третьих кубиках - держи меня в курсе - ну ты же знаешь, что

[qubes-users] qubes r3.2 automation with ansible + gpg->gpg2 questions

Hello, list. Sorry if this has been already discussed - didn't read the mailing list long time. I've found myself in need to change templates once again as templates for too old fedora are not even updating at my side and it appears I've time to learn Qubes devops. Since Qubes OS site seem to

Re: [qubes-users] my qubes 3.2 doesn't boot after installing latest Dom0 patches yestarday

On Thu, 19 Apr 2018 11:18 awokd <aw...@danwin1210.me> wrote: > On Wed, April 18, 2018 4:20 pm, Oleg Artemiev wrote: > > It hangs w/ NMI watchdog: BUG: softlockup - CPU0 stuck for 22 s > > [swapper/0:0] > > Usually it happens after loading Dom0 startup setup or netvm

[qubes-users] my qubes 3.2 doesn't boot after installing latest Dom0 patches yestarday

It hangs w/ NMI watchdog: BUG: softlockup - CPU0 stuck for 22 s [swapper/0:0] Usually it happens after loading Dom0 startup setup or netvm startup. screen photo attached. ​ 20180418_190412.jpg

Re: [qubes-users] Is it really hard to autogenerate apropos data for all qubes utils ?

On Sat, Mar 18, 2017 at 4:11 PM, Unman wrote: > On Sat, Mar 18, 2017 at 03:32:54AM -0400, Jean-Philippe Ouellet wrote: >> Unman is correct. >> >> Additionally, mandb index generation may be of lesser quality because >> our man pages are not actual man pages, but rather

[qubes-users] Re: HCL report for acer aspire v5-572pg

On Mon, Jul 24, 2017 at 6:57 PM, Oleg Artemiev <grey.o...@gmail.com> wrote: > Hello. > > No sound by dedefault, no vt-d actually sound works, sorry for mistake. > Though, this is temporary laptop till I'll have fully compatible purism one. > I'ven't removed any numbers. Thi

[qubes-users] HCL report for acer aspire v5-572pg

Hello. No sound by dedefault, no vt-d Though, this is temporary laptop till I'll have fully compatible purism one. I'ven't removed any numbers. This laptop is obviously not for Qubes. It's okay to put this onto the Qubes Web HCL. -- Bye.Olli. gpg --search-keys grey_olli , use key w/

Re: [qubes-users] Seeking moderators for unofficial Qubes IRC channels on Freenode and OFTC

i regulary open this channel since it was small in traffic volume. If I'm not late already I'd like to help. On Fri, Jul 21, 2017 at 3:27 AM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Dear Qubes Community, > > We're looking for

Re: [qubes-users] Re: cognitive issues when default is to use tor

On Thu, Jul 6, 2017 at 5:24 AM, cooloutac <raahe...@gmail.com> wrote: > On Wednesday, July 5, 2017 at 10:19:32 PM UTC-4, cooloutac wrote: >> On Tuesday, July 4, 2017 at 1:34:17 PM UTC-4, Oleg Artemiev wrote: >> > Hi. >> > >> > I'm not very glad w/ default

Re: [qubes-users] Re: cognitive issues when default is to use tor

On Wed, Jul 5, 2017 at 2:35 PM, wrote: > My understanding is that you shouldn't be accessing Tor through anything but > anon-whonix or a copy of that VM (this might be wrong). I'm not sure what > metadata your work applications may leak that will compromise the

Re: [qubes-users] Re: cognitive issues when default is to use tor

On Thu, Jul 6, 2017 at 5:25 AM, cooloutac <raahe...@gmail.com> wrote: > On Wednesday, July 5, 2017 at 10:24:32 PM UTC-4, cooloutac wrote: >> On Wednesday, July 5, 2017 at 10:19:32 PM UTC-4, cooloutac wrote: >> > On Tuesday, July 4, 2017 at 1:34:17 PM UTC-4, Oleg A

Re: [qubes-users] Re: certified laptop delivery to Russia

On Sun, Jul 9, 2017 at 6:13 AM, cooloutac wrote: > On Saturday, July 8, 2017 at 12:40:31 PM UTC-4, tai...@gmx.com wrote: >> On 06/26/2017 10:41 AM, cooloutac wrote: >> >> >> >> On Saturday, June 24, 2017 at 12:30:48 AM UTC-4, tai...@gmx.com wrote: >> >> >> Ah the

[qubes-users] cognitive issues when default is to use tor

Hi. I'm not very glad w/ defaults provided in Qubes OS. Are there any chances the situation 'll get fixed? Details: I've no real trust to https - this is reputation scheme. I've no real trust to tor - exit nodes sniff. I've installed new instance w/ tor as default. I've two network VMs w/

[qubes-users] marketing issue: purism team has no required ISO w/ Qubes currently

Hello. Could the team please send required image of Qubes to Purism team? I want my certified laptop asap and currently have to buy it w/ Purism OS instead of Qubes OS. -- Bye.Olli. gpg --search-keys grey_olli , use key w/ fingerprint below: Key fingerprint = 9901 6808 768C 8B89 544C 9BE0 49F9

Re: [qubes-users] certified laptop delivery to Russia

On Thursday, June 15, 2017 at 5:43:42 PM UTC+3, Oleg Artemiev wrote: > On Wed, Jun 14, 2017 at 9:34 AM, Alex <alex@gmx.com> wrote: > > On 06/13/2017 10:00 PM, Oleg Artemiev wrote: > >> Has anyone sent the Qubes certified laptop to Russia? > >> Are the

Re: [qubes-users] certified laptop delivery to Russia

On Wed, Jun 14, 2017 at 9:34 AM, Alex <alex@gmx.com> wrote: > On 06/13/2017 10:00 PM, Oleg Artemiev wrote: >> Has anyone sent the Qubes certified laptop to Russia? >> Are there any delivery or customs issues that Russian citizen should >> be aware of? >> >&g

[qubes-users] certified laptop delivery to Russia

Hello. Has anyone sent the Qubes certified laptop to Russia? Are there any delivery or customs issues that Russian citizen should be aware of? How do I check that US vendor hasn't passed implant into device? My old laptop has gone. My current temporary laptop is not compatible w/ Qubes (AMD

[qubes-users] Unofficial qubes os telegram channel

Language: Russian and English. Channel: unofficial-qubes-os-telegram Welcome. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Re: [qubes-devel] usability request

2017-03-23 13:51 GMT+03:00 Oleg Artemiev <grey.o...@gmail.com>: >> ровно до того момента пока вы считаете корректным использовать >> несколько способов энкапсуляции смысла. Хочешь узнать о чём - пиши в gpg >> формате. Да я считаю гпг способом кодирования смысла. У м

[qubes-users] Re: [qubes-devel] usability request

> ровно до того момента пока вы считаете корректным использовать > несколько способов энкапсуляции смысла. Хочешь узнать о чём - пиши в gpg > формате. Да я считаю гпг способом кодирования смысла. У меня в локации нельзя > использовать шифрование но можно использовать кодирование -- You

[qubes-users] Re: [qubes-devel] usability request

И я буду анноить Вас отсутствием русского списка рассылки про Qubes ровно до того момента пока вы считаете корректным использовать несколько способов энкапсуляции 2017-03-23 13:47 GMT+03:00 Oleg Artemiev <grey.o...@gmail.com>: > В русском каннари намеренно использована машинно неперевод

[qubes-users] Re: [qubes-devel] usability request

Oleg Artemiev <grey.o...@gmail.com>: > Please do not try to get a clue why this is sent here. This is > thinking flow. I had never ever been doing a meaning full cannary and > commitment into a project. > I willl test qubes. Since I alreaday do and I enjoy Qubes OS and all >

[qubes-users] How do I know - is that a MAJOR usability issue? (subject replaced)

Hello. Currently I'm not that busy but steel overloaded by technical debt. I've cleaned the tech debt for some organisation units outside of my usual daily interest. всё хорошо. :) Баг не касается ничего существенного. Пошёл в обязательный ребут. Сходимость очередей на запуск на уровне

[qubes-users] Re: [qubes-devel] usability request

VM (thinking it has same clean state) provided As I understand security vs usability - this is all about mistrusts from operating system - to cleanup a block you have to unlock. But where the lock() is subject to search. 2017-03-23 13:25 GMT+03:00 Oleg Artemiev <grey.o...@gmail.com>: > On

Re: [qubes-users] usability major bug?

On Wed, Mar 22, 2017 at 3:32 PM, Holger Levsen <hol...@layer-acht.org> wrote: > On Wed, Mar 22, 2017 at 03:08:00PM +0300, Oleg Artemiev wrote: >> > why do you have to reboot? >> Cost of reboot in __understanding__ what the hell is the reason is >> less than cost of

Re: [qubes-users] usability major bug?

On Wed, Mar 22, 2017 at 1:52 PM, Holger Levsen <hol...@layer-acht.org> wrote: > Hi Oleg, > > you missed on important bit of information: > > On Wed, Mar 22, 2017 at 12:12:58PM +0300, Oleg Artemiev wrote: >> I have to reboot Qubes R3.2 a few times a day. What do I do

[qubes-users] usability major bug?

I have to reboot Qubes R3.2 a few times a day. What do I do wrong? reproduceable: daily on my workstation impact: ability to run 10-15 VMs is not guaranteed . My harware is strong enough to be able to run that count of qubes (it is normal to me). Has this been already reported? -- Bye.Olli.

[qubes-users] Is it really hard to autogenerate apropos data for all qubes utils ?

The most annoying thing is not that I have to do some manual intervention to start my music VM for unknown to me reason. This : apropos qmemman qmemman: nothing appropriate. is most annoying thing in Qubes project. when something goes wrong I have to get out of my console and look into qubes

Re: [qubes-users] do I really need these packages in dom0 :?

On Sun, Mar 5, 2017 at 1:29 PM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > from above only netcf-libs is required indirectly by xen > related package. So is it safe to drop all other from above > w/ rpm -e ? Yes.

Re: [qubes-users] do I really need these packages in dom0 :?

On Fri, Mar 3, 2017 at 12:34 AM, Oleg Artemiev <grey.o...@gmail.com> wrote: > On Thu, Mar 2, 2017 at 11:01 PM, Marek Marczykowski-Górecki > <marma...@invisiblethingslab.com> wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA256 >> >> On Mon, Feb 2

Re: [qubes-users] do I really need these packages in dom0 :?

On Thu, Mar 2, 2017 at 11:01 PM, Marek Marczykowski-Górecki <marma...@invisiblethingslab.com> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Mon, Feb 27, 2017 at 06:23:22AM +0300, Oleg Artemiev wrote: >> After installing qubes 3.2 looked into dom0 u

[qubes-users] strange firefox behavior

Firefox asks for "choose what I share" but usual controls are absent in settings - I cannot disable automatic reporting. What should be a reason? Feedora 23 template, Qubes 3.2 -- Bye.Olli. gpg --search-keys grey_olli , use key w/ fingerprint below: Key fingerprint = 9901 6808 768C 8B89 544C

[qubes-users] i18n regression bug in Qubes 3.2 - what details will be helpful?

switching keyboard layouts seem to hang for a few seconds from time to time , but indication doesn't hang. This is very annoying. This seem to happen on high loads when 6 or more VMs are running. Any extra details to show to localize the bug? -- Bye.Olli. gpg --search-keys grey_olli , use key

Re: [qubes-users] fedora installer by abilities = ugly wood

On Tue, Feb 28, 2017 at 2:20 AM, Chris Laprise <tas...@openmailbox.org> wrote: > On 02/21/2017 12:54 AM, Oleg Artemiev wrote: \>>> I mean apart from what the installer can support, in your case (I've read >>> some of your other partitioning messages) it seems unneces

[qubes-users] Re: [qubes-devel] is intent to automatically remove empty subdirs in QubesIncoming acceptable?

On Tue, Feb 28, 2017 at 2:12 AM, Marek Marczykowski-Górecki <marma...@invisiblethingslab.com> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Tue, Feb 28, 2017 at 01:23:24AM +0300, Oleg Artemiev wrote: >> Hello. >> >> From anti-forensic po

Re: [qubes-users] why some times I have to kill VM before it functions properly?

On Tue, Feb 28, 2017 at 1:02 AM, Oleg Artemiev <grey.o...@gmail.com> wrote: > On Tue, Feb 28, 2017 at 12:06 AM, Chris Laprise <tas...@openmailbox.org> > wrote: >> On 02/27/2017 03:08 PM, Oleg Artemiev wrote: >>> >>> [olli@dom0 ~]$ qvm-run -p cherehap

[qubes-users] is intent to automatically remove empty subdirs in QubesIncoming acceptable?

Hello. >From anti-forensic point of view empty dir in some app-VM in QubesIncoming (except dom0) leaking fact of presence a VM some time ago. All we need is add command like "rm /home/user/QubesIncoming/*/* -p --ignore-fail-on-non-empty" into default VM startup script for all linux based

Re: [qubes-users] why some times I have to kill VM before it functions properly?

On Tue, Feb 28, 2017 at 12:06 AM, Chris Laprise <tas...@openmailbox.org> wrote: > On 02/27/2017 03:08 PM, Oleg Artemiev wrote: >> >> [olli@dom0 ~]$ qvm-run -p cherehapa /bin/ls | head >> su: warning: cannot change directory to /home/user: No such file or >> dir

[qubes-users] why some times I have to kill VM before it functions properly?

[olli@dom0 ~]$ qvm-run -p cherehapa /bin/ls | head su: warning: cannot change directory to /home/user: No such file or directory b xterm and other gui programs do not start. Though if I kill VM the problem disappear. I run Qubes 3.2 with Feb 2017 updates . -- Bye.Olli. gpg --search-keys

[qubes-users] do I really need these packages in dom0 :?

After installing qubes 3.2 looked into dom0 updates. Found some that I possibly ok to remove: [olli@dom0 ~]$ rpm -q --whatrequires tigervnc-server-minimal anaconda-gui-23.19.10-4.fc23.x86_64 [olli@dom0 ~]$ rpm -q --whatrequires anaconda-gui initial-setup-gui-0.3.37-1.fc23.x86_64 [olli@dom0 ~]$

Re: [qubes-users] Two qubes multinoot

On Sat, Feb 25, 2017 at 6:50 PM, john.david.r.smith <john.david.r.sm...@openmailbox.org> wrote: > On 25/02/17 04:14, Oleg Artemiev wrote: >> >> Hi. >> >> If I want to run VMs from one Qubes in another > why would you even dualboot two qubesversions? Some ac

[qubes-users] Two qubes multinoot

Hi. If I want to run VMs from one Qubes in another - would it be possible to have different coloring for the same VM in different Qubes OS instances? Is this possible from a VM to attack Dom0 by altering VM image files or this is just files and adversary able to rewrite image in one Qubes has

Re: [qubes-users] Re: qubes-rufus-windows7

On Feb 23, 2017 10:07 PM, "руслан шатдинов" wrote: четверг, 23 февраля 2017 г., 20:45:43 UTC+3 пользователь руслан шатдинов написал: > hello > i wrote QubesOS on my USB-flash with DD-form option, but Windows7 doesnt see this USB-flash-disk > but > ACRONIS can see this disk >

[qubes-users] Dual boot and two swaps?

Say I've one enrypted swap and one not from other linux. Would Qubes ignore unencrupted swap from other distribution or I should make it to? If so - how do I? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and

[qubes-users] Re: shrink ntfs from qubes - what do use for this?

On Sat, Feb 4, 2017 at 7:45 PM, Oleg Artemiev <grey.o...@gmail.com> wrote: > Last time I wanted such a thing I was using a tool like partition > magic (boot from toolset disk). It was a few years ago. Is there a > relatively safe way to shrink a win7 partition from linux w/o >

Re: [qubes-users] Disable sys-net autostart?

Just asked the same question and then found this thread. %)Thanks for answer. Could you be so kind to provide more details: >> Since I created the net VM I'm unable to boot anymore. It hangs during the >> sys-net startup. The error message I get after a few minutes is: >> BUG: soft lockup -

[qubes-users] sys-net, sys-firewall starting independent to start on boot in properties

How do I disable autostart of sys-net, sys-firewall? Qubes manager setting seem to be ignored. Qubes r3.2 -- Bye.Olli. gpg --search-keys grey_olli , use key w/ fingerprint below: Key fingerprint = 9901 6808 768C 8B89 544C 9BE0 49F9 5A46 2B98 147E Blog keys (the blog is mostly in Russian):

[qubes-users] looks like sha-1 is over

a little bit offtopic, everyone is using sha-256, I guess, http://shattered.it/ but, btw - any comments to this in Qubes contex: cut- How is GIT affected? GIT strongly relies on SHA-1 for the identification and

Re: [qubes-users] asus n56vz HCL update

On Wed, Feb 22, 2017 at 12:32 PM, Chris Laprise wrote: > Since this is an update of his Qubes R2 report already in the HCL, I have > enough info to include it for R3.2. I have the CPU model (from the body of > Oleg's first message), the chipset model, graphics, etc. Okay,

Re: [qubes-users] asus n56vz HCL update

On Wed, Feb 22, 2017 at 3:29 AM, Zrubi wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 >> My idea is that if Qubes team wants to get additional information >> from users about spare parts - the HCL should get divided by at >> least two parts: >> 1) laptop model

[qubes-users] qubes r3.2 i18n (dom0 updates not installed) - delayed switch to alternate language in VM, but not in dom0

Hello. I've some times to wait a significant amount of time for Russian input to be available. Alt Shift and mouse both switch language indicator for Xfce, but Russian chars are not appearing in VM within a few seconds when switching from VM to VM - all imput is still in English. asus

Re: [qubes-users] asus n56vz HCL update

On Tue, Feb 21, 2017 at 3:34 AM, Zrubi <m...@zrubi.hu> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 02/21/2017 02:59 AM, Oleg Artemiev wrote: > >> Attached file has more details. As usually I've replaced some >> potentially unique numbers w/ XX

Re: [qubes-users] fedora installer by abilities = ugly wood

On Mon, Feb 20, 2017 at 11:09 PM, Chris Laprise <tas...@openmailbox.org> wrote: >>> On 02/20/2017 09:16 AM, Oleg Artemiev wrote: > I mean apart from what the installer can support, in your case (I've read > some of your other partitioning messages) it seems unnecessary. Yes,

[qubes-users] asus n56vz HCL update

-- Qubes release 3.2 (R3.2) Brand:ASUSTeK COMPUTER INC. Model:N56VZ BIOS: X Xen:4.6.1 Kernel:4.4.14-11 RAM: 16 Gigabytes CPU: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz Chipset: Intel Corporation 3rd Gen

Re: [qubes-users] fedora installer by abilities = ugly wood

On Mon, Feb 20, 2017 at 4:01 PM, Chris Laprise <tas...@openmailbox.org> wrote: > On 02/20/2017 09:16 AM, Oleg Artemiev wrote: >> >> once uefi detected in BIOS - no chance to make it install non-uefi >> version of grub - no chance to continue w/o special efi partition &

Re: [qubes-users] qubes partitioning questsion

On Mon, Feb 20, 2017 at 1:10 PM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 >> I'm about to upgrade from Qubes 3.0 to Qubes 3.2 now. >> >> I've two terabites (1 ssd and 1 hdd) in my laptop and 16Gigs of >> memory. Is separation to different

[qubes-users] fedora installer by abilities = ugly wood

once uefi detected in BIOS - no chance to make it install non-uefi version of grub - no chance to continue w/o special efi partition btrfs partitioning has no option to tweak raid level for data and metadata - only both. Custom partitioning made non intuitive and uncomfortable. and comparing to

Re: [qubes-users] Re: Riseup Services Likely Compromised

On Fri, Feb 17, 2017 at 4:21 PM, Michael Carbone wrote: > Me: >> Michael Carbone: >>> Me: Qubes users beware. Riseup Services (including email)are likely compromised by State actors. For more info and to verify above statement visit

Re: [qubes-users] Re: How to launch qubes AppVM without qubes os?

On Sun, Feb 19, 2017 at 1:10 PM, Arqwer wrote: > *By all files I mean those that were in /var/lib/qubes/appvms/ you will be able to run that programs seamless only by using same Linux distro that was used as a template VM for your appVM. Also you will need all dependent

[qubes-users] what is better - btrfs or ssd cache w/ qubes? (was qubes partitioning questsion)

uks - it seems better fitting into plausible deniability - looks like no trace of encryption is on the disk - no luks standard container is visible on the raw disk read. More reading here: https://help.ubuntu.com/community/EncryptedFilesystemHowto Russian speaking users could look at http://www.bog.pp.ru

Re: [qubes-users] qubes partitioning questsion

On Sat, Feb 18, 2017 at 9:59 PM, Oleg Artemiev <grey.o...@gmail.com> wrote: > > > On Feb 18, 2017 21:07, "Manuel Amador (Rudd-O)" <rud...@rudd-o.com> wrote: > > Separate /usr is not supported. > > I have separated /usr over 2 years and had no problem. Un

Re: [qubes-users] qubes partitioning questsion

nged rarely. BTW - I'm not sure where temporary images are stored when Qubes starts an App VM. The idea is get most reads from ssd and most writes to hdd. On February 18, 2017 8:21:10 AM PST, Oleg Artemiev <grey.o...@gmail.com> wrote: > > Hello, > > I'm about to upgrade from Qu

[qubes-users] offtopic: bitmask vpn

've seen a post asking for invite there. Got time to read about service. 'ven't found anything much more interesting than other vpn service. A lot of market advert claims that show things also available for other vpn services. Lack of technical explanation what innovations they made w/ their

Re: [qubes-users] I have a bank vm, how do you restrict

On Sat, Feb 11, 2017 at 2:35 AM, Oleg Artemiev <grey.o...@gmail.com> wrote: > On Wed, Feb 8, 2017 at 2:36 AM, Chris Laprise <tas...@openmailbox.org> wrote: >> On 02/07/2017 04:47 AM, Oleg Artemiev wrote: >>>>> I have a bank vm, how do you restrict the brow

Re: [qubes-users] I have a bank vm, how do you restrict

On Wed, Feb 8, 2017 at 2:36 AM, Chris Laprise <tas...@openmailbox.org> wrote: > On 02/07/2017 04:47 AM, Oleg Artemiev wrote: >> >> On Tue, Feb 7, 2017 at 11:57 AM, '0xDEADBEEF00' via qubes-users >> <qubes-users@googlegroups.com> wrote: >>>> >>&

[qubes-users] Re: [qubes-devel] Re: Devilspie2 integration

On Tue, Feb 7, 2017 at 1:41 PM, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > [Please keep the list CCed.] why do we use operating systems at all? Because them provide some set of default pretty functionality/environment from the

[qubes-users] Shouldn't this be specially noted in Qubes HCL? (was: what about usb to jtag interface?)

On Thu, Feb 9, 2017 at 6:38 PM, pixel fairy <pixelfa...@gmail.com> wrote: > On Thursday, February 9, 2017 at 3:54:03 AM UTC-8, Oleg Artemiev wrote: >> I've heared that new intel mother boards will have (or already have) >> ability to access jtag interface via USB. > y

[qubes-users] what about usb to jtag interface?

I've heared that new intel mother boards will have (or already have) ability to access jtag interface via USB. JTAG is about debugging hardware via special interface. Does this mean that USB qube is now useless as a security border on such a mother board? -- Bye.Olli. gpg --search-keys

Re: [qubes-users] qubes regularry attaches and detaches usb card reader

> On 2017-02-04 20:22, Oleg Artemiev wrote: >> Currently I've all usb controllers attached to Dom0. >> Subj: >> >> Is there any process that should do it usually in Dom0? >> > > Sorry, I'm not sure what you mean. Are you asking about how to create > a USB

Re: [qubes-users] HCL Suggestions?

On Tue, Feb 7, 2017 at 12:51 PM, Zrubi <m...@zrubi.hu> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 02/07/2017 10:29 AM, Oleg Artemiev wrote: > >> Could you, please, point me into what is already automated (repo + >> path) and related b

Re: [qubes-users] I have a bank vm, how do you restrict

On Tue, Feb 7, 2017 at 11:57 AM, '0xDEADBEEF00' via qubes-users wrote: >> I have a bank vm, how do you restrict the browser from being able to go else >> where? Do you add the iprules in the vm or do you create a proxyvm and add >> the iprules there? >> >> I've tried

Re: [qubes-users] HCL Suggestions?

On Sun, Feb 5, 2017 at 3:39 PM, Andrew David Wong <a...@qubes-os.org> wrote: > On 2017-02-04 15:10, Oleg Artemiev wrote: >>> This is a good time to mention that we're in need of an HCL >>> maintainer. Our longtime volunteer HCL maintainer, Zrubi, no >>> long

[qubes-users] offtopic: need recommendations for relatively secure linux distro for netbook

Hello. This is definitely an offtopic for this mailing list, but since a lot of people concerned on security here - I ask for recomendations. Since this is offtopic - please prefer direct email answers. I've two old netbooks (those slow laptops that were popular years ago) and need to organize

[qubes-users] qubes regularry attaches and detaches usb card reader

Currently I've all usb controllers attached to Dom0. Subj: Is there any process that should do it usually in Dom0? -- Bye.Olli. gpg --search-keys grey_olli , use key w/ fingerprint below: Key fingerprint = 9901 6808 768C 8B89 544C 9BE0 49F9 5A46 2B98 147E Blog keys (the blog is mostly in

Re: [qubes-users] Re: Two ways of "true" security.

Hi On Sat, Feb 4, 2017 at 3:38 PM, Rusty Bird wrote: >> > I have successfully castrated ME firmware on 2 Haswell laptops so I'd go >> > for something more recent but well supported by Linux, reflash and put a >> > non-Intel network card for peace of mind. >> Could

[qubes-users] shrink ntfs from qubes - what do use for this?

Last time I wanted such a thing I was using a tool like partition magic (boot from toolset disk). It was a few years ago. Is there a relatively safe way to shrink a win7 partition from linux w/o destroyng already installed win7 or current linux tools for this are known to be not stable enough?

[qubes-users] symlinks in /va/lib/qubes for files

Hello. I'm thinking about upgrading from 3.0 by reinstalling. Subj? I remember I had some troubles w/ qubes utilities when had install with many mount points under /var/lib/qubes and attempted to symlink some dirs to another path in dom0. Sorry - more than 1.5 years ago - don't remember

Re: [qubes-users] HCL Suggestions?

> This is a good time to mention that we're in need of an HCL > maintainer. Our longtime volunteer HCL maintainer, Zrubi, no longer > has the time to do it. We all owe Zrubi a debt of gratitude for > keeping up this thankless task for so long! :) > > Any volunteers? Why not to just script-out this

Re: [qubes-users] "Backup VMs" does not backup salt configuration

Hi. On Wed, Feb 1, 2017 at 11:56 PM, john.david.r.smith wrote: > On 01/02/17 21:30, qu...@posteo.de wrote: >> I have now nearly a complete salt configuration for all my templates so I >> do not need to backup them anymore and save a lot of space by this. >> >>

Re: [qubes-users] user behavioral analytics

The only interface to this I can think of is running analysing software inside a VM and export it to other VM via dom0 scripting. Also you may mount VM drives inside Dom0 (security risk enen when mounting r/o!) and monitor file system access w/ some software designed for this. You also may mount a

[qubes-users] transparent encripting proxy w/ Qubes?

I've found recently discussion on a forum on trusts for javascript code that is loaded from network and pretends to realize easy to use encryption of mail. Agreed that here you have to trust vendor of the code ultimately. Question I keep since I'm using Qubes - is it possible anyway to have no

[qubes-users] qubes as base for small team work?

I've a stalled business project that has been reincarnated to planning state last month. Previously we planned to use qubes as a base OS for our final product. Though, after a 1.5 year of a project suspend, old target was re-planned as a few-years-later as business ideas were changed/reordered.

[qubes-users] fixed desktop numbers for VMs or at least fixed start desktop for a VM?

I'm lazy enough to still use old Qubes. Is it possible to assign fixed start desktop (or range) for a VM in new Qubes? Ability to bind last window position for next session start is also a good motivation to upgrade. Qubrs VM manager may appear on diffrent desktop and this is annoying. It would be