[qubes-users] Qubes OS 4.2.0-rc5 is available for testing

2023-11-26 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce that the fifth [release candidate 
(RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for 
[testing](https://www.qubes-os.org/doc/testing/). The ISO and associated 
[verification files](https://www.qubes-os.org/security/verifying-signatures/) 
are available on the [downloads](https://www.qubes-os.org/downloads/) page. For 
more information about the changes included in this version, see the [Qubes OS 
4.2.0 release notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/) 
and the [full list of bugs affecting Qubes 4.2 that have been 
fixed](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aclosed+reason%3Acompleted+label%3Aaffects-4.2+label%3A%22T%3A+bug%22+-label%3A%22R%3A+cannot+reproduce%22+-label%3A%22R%3A+declined%22+-label%3A%22R%3A+duplicate%22+-label%3A%22R%3A+not+applicable%22+-label%3A%22R%3A+self-closed%22+-label%3A%22R%3A+upstream+issue%22).

## When is the stable release?

That depends on the number of bugs discovered in this RC and their severity. As 
explained in our [release 
schedule](https://www.qubes-os.org/doc/version-scheme/#release-schedule) 
documentation, our usual process after issuing a new RC is to collect bug 
reports, triage the bugs, and fix them. This usually takes around five weeks, 
depending on the bugs discovered. If warranted, we then issue a new RC that 
includes the fixes and repeat the whole process again. We continue this 
iterative procedure until we're left with an RC that's good enough to be 
declared the stable release. No one can predict, at the outset, how many 
iterations will be required (and hence how many RCs will be needed before a 
stable release), but we tend to get a clearer picture of this with each 
successive RC, which we share in this section in each RC announcement. Here is 
the latest update:

At this point, we are hopeful that RC5 will be the final RC.

## Testing Qubes 4.2.0-rc5

Thank you to everyone who tested the previous Qubes 4.2.0 RCs! Due to your 
efforts, this new RC includes fixes for several bugs that were present in the 
previous RCs.

If you're willing to [test](https://www.qubes-os.org/doc/testing/) this new RC, 
you can help us improve the eventual stable release by [reporting any bugs you 
encounter](https://www.qubes-os.org/doc/issue-tracking/). We encourage 
experienced users to join the [testing 
team](https://forum.qubes-os.org/t/joining-the-testing-team/5190).

A full list of issues affecting Qubes 4.2.0 is available 
[here](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.2).
 We strongly recommend [updating Qubes 
OS](https://www.qubes-os.org/doc/how-to-update/) immediately after installation 
in order to apply all available bug fixes.

## Upgrading to Qubes 4.2.0-rc5

If you're currently running any Qubes 4.2.0 RC, you can upgrade to the latest 
RC by [updating normally](https://www.qubes-os.org/doc/how-to-update/). 
However, please note that there have been some recent template changes, which 
are detailed in the [Qubes OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/).

If you're currently on Qubes 4.1 and wish to test 4.2, please see [how to 
upgrade to Qubes 4.2](https://www.qubes-os.org/doc/upgrade/4.2/), which details 
both clean installation and in-place upgrade options. As always, we strongly 
recommend [making a full 
backup](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/) 
beforehand.

## Reminder: new signing key for Qubes OS 4.2

As a reminder, we published the following special announcement in [Qubes Canary 
032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on 2022-09-14:

> We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, 
> we have only one RSK for each major release. However, for the 4.2 release, we 
> will be using Qubes Builder version 2, which is a complete rewrite of the 
> Qubes Builder. Out of an abundance of caution, we would like to isolate the 
> build processes of the current stable 4.1 release and the upcoming 4.2 
> release from each other at the cryptographic level in order to minimize the 
> risk of a vulnerability in one affecting the other. We are including this 
> notice as a canary special announcement since introducing a new RSK for a 
> minor release is an exception to our usual RSK management policy.

As always, we encourage you to 
[authenticate](https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate)
 this canary by [verifying its PGP 
signatures](https://www.qubes-os.org/security/verifying-signatures/). Specific 
instructions are also included in the [canary 
announcement](https://www.qubes-os.org/news/2022/09/14/canary-032/).

As with all Qubes signing keys, we also encourage you to 
[authenticate](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-release-signing-keys)
 the new Qubes OS Release 4.2 Signing Key, which is 

[qubes-users] QSB-097: "Reptar" Intel redundant prefix vulnerability

2023-11-15 Thread Andrew David Wong
: 427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. For more 
information, see [How to import and authenticate the Qubes Master Signing 
Key](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key).

   *Tip*: After you have authenticated the QMSK out-of-band to your 
satisfaction, record the QMSK fingerprint in a safe place (or several) so that 
you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: pub

[qubes-users] XSAs released on 2023-11-14

2023-11-14 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected* by at least one of these XSAs.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- [XSA-446](https://xenbits.xen.org/xsa/advisory-446.html)
  - For more information, see 
[QSB-096](https://www.qubes-os.org/news/2023/11/14/qsb-096/).

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-445](https://xenbits.xen.org/xsa/advisory-445.html)
  - Qubes OS uses only "basic" quarantine mode.

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/11/14/xsas-released-on-2023-11-14/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a6750749-011a-4bbc-be8c-c5f1963c59b9%40qubes-os.org.


[qubes-users] QSB-096: BTC/SRSO fixes not fully effective (XSA-446)

2023-11-14 Thread Andrew David Wong
tures/#how-to-import-and-authenticate-the-qubes-master-signing-key).

   *Tip*: After you have authenticated the QMSK out-of-band to your 
satisfaction, record the QMSK fingerprint in a safe place (or several) so that 
you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack signing key)" imported
   gpg: Total number processed: 17
   gpg:   imported: 16
   gpg:  unchanged: 1
   gpg: marginals needed: 3  completes needed: 1  trust model: pgp
   gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
   gpg: depth: 1  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
   ```

7. Verify signed Git tags.


Re: [qubes-users] Fedora 37 approaching EOL

2023-10-22 Thread Andrew David Wong
On 10/22/23 8:31 AM, Ulrich Windl (Google) wrote:
> Hi!
> 
> Wondering about "Dom0 upgraded to Fedora 37 
> (#6982[https://github.com/QubesOS/qubes-issues/issues/6982])":
> Is it planned to upgrade before final release?
> 
> Regards,
> Ulrich
> 

No, please see our note on dom0 and EOL:

https://www.qubes-os.org/doc/supported-releases/#note-on-dom0-and-eol



[qubes-users] Qubes OS 4.2.0-rc4 is available for testing

2023-10-13 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce that the fourth [release candidate 
(RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for 
[testing](https://www.qubes-os.org/doc/testing/). The ISO and associated 
[verification files](https://www.qubes-os.org/security/verifying-signatures/) 
are available on the [downloads](https://www.qubes-os.org/downloads/) page.

## Main changes from RC3 to RC4

- Fixed: ["qvm-move fails, deletes origin file anyway" 
(#8516)](https://github.com/QubesOS/qubes-issues/issues/8516)
- Fixed: ["`90-default.policy` not upgraded after in-place upgrade from 4.1 to 
4.2" (#8458)](https://github.com/QubesOS/qubes-issues/issues/8458)
- Fixed: ["Qube Manager freezes while opening settings" 
(#8387)](https://github.com/QubesOS/qubes-issues/issues/8387)
- Fixed: ["Error when attempting to update dom0 in the Qube Manager" 
(#8117)](https://github.com/QubesOS/qubes-issues/issues/8117)
- Fixed: ["XScreenSaver & XScreenSaver Settings not opening window" 
(#8266)](https://github.com/QubesOS/qubes-issues/issues/8266)
- Fixed: ["Setting no-strict-reset option via salt on already attached devices 
doesn't work" (#8514)](https://github.com/QubesOS/qubes-issues/issues/8514)
- Fixed: ["qvm-copy-to-vm incorrect progress report" 
(#1519)](https://github.com/QubesOS/qubes-issues/issues/1519)
- Fixed: ["qubes-video-companion-receiver missing dependency on acl package" 
(#8426)](https://github.com/QubesOS/qubes-issues/issues/8426)
- Fixed: ["OpenBSD 7.3 ISO doesn't boot anymore" 
(#8502)](https://github.com/QubesOS/qubes-issues/issues/8502)
- Fixed: ["Kernel compile bogs down rest of system" 
(#8176)](https://github.com/QubesOS/qubes-issues/issues/8176)
- Fixed: ["rpm-oxide makes unjustified assumptions about RPM ABI" 
(#8522)](https://github.com/QubesOS/qubes-issues/issues/8522)
- Fixed: ["yk-auth YubiKey PAM script incorrectly expects \0 to be appended to 
hash" (#8517)](https://github.com/QubesOS/qubes-issues/issues/8517)
- Fixed: ["Qubes Application Menu isn't updated when using salt to modify 
menu-items" (#8494)](https://github.com/QubesOS/qubes-issues/issues/8494)
- Fixed: ["Different values for `menu-items` and `default-menu-items` are not 
preserved when cloning templates" 
(#8518)](https://github.com/QubesOS/qubes-issues/issues/8518)
- Fixed: ["Fix handling of menu items in GUI VM" 
(#8528)](https://github.com/QubesOS/qubes-issues/issues/8528)
- Fixed: ["Firefox does not start on 4.2-rc3 after upgrading template" 
(#8571)](https://github.com/QubesOS/qubes-issues/issues/8571)
- Fixed: ["Qubes R4.2.0-rc2 Qubes OS Global Config tool not see qubes-u2f 
installed in sys-usb" 
(#8463)](https://github.com/QubesOS/qubes-issues/issues/8463)
- Fixed: ["global config: policy rules for U2F incorrectly assume wildcard 
argument" (#8525)](https://github.com/QubesOS/qubes-issues/issues/8525)
- Fixed: ["Pipewire on some systems causes a lot of underruns" 
(#8576)](https://github.com/QubesOS/qubes-issues/issues/8576)
- Fixed: ["Listing PCI devices breaks when there is some with non- PCI 
domain" (#6932)](https://github.com/QubesOS/qubes-issues/issues/6932)
- Done: ["Prepare R4.1 -> R4.2 upgrade tool" 
(#7832)](https://github.com/QubesOS/qubes-issues/issues/7832)
- Done: ["Phase out legacy qrexec policy files" 
(#8000)](https://github.com/QubesOS/qubes-issues/issues/8000)
- Done: ["Better qrexec service configuration format" 
(#8153)](https://github.com/QubesOS/qubes-issues/issues/8153)
- Done: ["QRexec services should be able to specify the user they must run as" 
(#6354)](https://github.com/QubesOS/qubes-issues/issues/6354)
- Done: ["Qube Manager: Enable the 'restart qube' button for named disposables" 
(#8382)](https://github.com/QubesOS/qubes-issues/issues/8382)
- Done: ["Utilize memory hotplug to add VM memory by qmemman" 
(#7956)](https://github.com/QubesOS/qubes-issues/issues/7956)

For an overview of major changes from Qubes 4.1 to 4.2, please see the [Qubes 
OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/).

## When is the stable release?

That depends on the number of bugs discovered in this RC and their severity. As 
explained in our [release 
schedule](https://www.qubes-os.org/doc/version-scheme/#release-schedule) 
documentation, our usual process after issuing a new RC is to collect bug 
reports, triage the bugs, and fix them. This usually takes around five weeks, 
depending on the bugs discovered. If warranted, we then issue a new RC that 
includes the fixes and repeat the whole process again. We continue this 
iterative procedure until we're left with an RC that's good enough to be 
declared the stable release. No one can predict, at the outset, how many 
iterations will be required (and hence how many RCs will be needed before a 
stable release), but we tend to get a clearer picture of this with each 
successive RC, which we share in this section in each RC announcement. Here is 
the latest update:

At this point, we are hopeful 

[qubes-users] Fedora 37 approaching EOL

2023-10-12 Thread Andrew David Wong
Dear Qubes Community,

Fedora 37 is currently 
[scheduled](https://fedorapeople.org/groups/schedule/f-39/f-39-key-tasks.html) 
to reach EOL ([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 
2023-11-21. We strongly recommend that all users 
[upgrade](https://www.qubes-os.org/doc/templates/fedora/#upgrading) their 
Fedora templates and standalones to [Fedora 
38](https://www.qubes-os.org/news/2023/05/26/fedora-38-templates-available/) 
before then. For more information, see [Upgrading to avoid 
EOL](https://www.qubes-os.org/doc/how-to-update/#upgrading-to-avoid-eol).

There are two ways to upgrade your template to a new Fedora release:

- *Recommended*: [Install a fresh template to replace the existing 
one.](https://www.qubes-os.org/doc/templates/fedora/#installing) *This option 
may be simpler for less experienced users.* After you install the new template, 
redo all desired template modifications and [switch everything that was set to 
the old template to the new 
template](https://www.qubes-os.org/doc/templates/#switching). You may want to 
write down the modifications you make to your templates so that you remember 
what to redo on each fresh install. To see a log of package manager actions, 
open a terminal in the old Fedora template and use the `dnf history` command.

- *Advanced*: [Perform an in-place upgrade of an existing Fedora 
template.](https://www.qubes-os.org/doc/templates/fedora/in-place-upgrade/) 
This option will preserve any modifications you've made to the template, *but 
it may be more complicated for less experienced users.*

For a complete list of template releases that are supported for your specific 
Qubes release, see our [supported template 
releases](https://www.qubes-os.org/doc/supported-releases/#templates). Please 
note that no user action is required regarding the OS version in dom0 (see our 
[note on dom0 and 
EOL](https://www.qubes-os.org/doc/supported-releases/#note-on-dom0-and-eol)).


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/10/12/fedora-37-approaching-eol/



[qubes-users] XSAs released on 2023-10-10

2023-10-10 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- [XSA-442](https://xenbits.xen.org/xsa/advisory-442.html)
  - Please see [QSB-095](https://www.qubes-os.org/news/2023/10/10/qsb-095/) for 
details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-440](https://xenbits.xen.org/xsa/advisory-440.html)
  - Denial of service (DoS) only
- [XSA-441](https://xenbits.xen.org/xsa/advisory-441.html)
  - Denial of service (DoS) only
- [XSA-443](https://xenbits.xen.org/xsa/advisory-443.html)
  - Qubes OS does not use pygrub.
- [XSA-444](https://xenbits.xen.org/xsa/advisory-444.html)
  - Denial of service (DoS) only

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/10/10/xsas-released-on-2023-10-10/



[qubes-users] QSB-095: Missing IOMMU TLB flushing on x86 AMD systems

2023-10-10 Thread Andrew David Wong
n quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack signing key)" imported
   gpg: Total number processed: 17
   gpg:   imported: 16
   gpg:  unchanged: 1
   gpg: marginals needed: 3  completes needed: 1  trust model: pgp
   gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
   gpg: depth: 1  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
   ```

7. Verify signed Git tags.

   ```shell_session
   $ cd qubes-secpack/
   $ git tag -v `git describe`
   object 266e14a6fae57c9a91362c9ac784d3a891f4d351
   type commit
   tag marmarek_sec_266e14a6
   tagger Marek Marczykowski-Górecki 1677757924 +0100
   
   Tag for commit 266e14a6fae57c9a91362c9ac784d3a891f4d351
   gpg: Signature made Thu 02 Mar 2023 03:52:04 AM PST
   gpg:using RSA key 2D1771FE4D767EDC76B089FAD655A4

[qubes-users] XSAs released on 2023-09-25

2023-09-27 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- [XSA-439](https://xenbits.xen.org/xsa/advisory-439.html)
  - Please see [QSB-094](https://www.qubes-os.org/news/2023/09/27/qsb-094/) for 
details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- (none)

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/09/27/xsas-released-on-2023-09-25/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5c334e27-25fb-4b75-16da-def3dbf8a298%40qubes-os.org.


[qubes-users] QSB-094: x86/AMD: Divide speculative information leak

2023-09-27 Thread Andrew David Wong
w far you trust this user to correctly verify other users' 
keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack signing key)" imported
   gpg: Total number processed: 17
   gpg:   imported: 16
   gpg:  unchanged: 1
   gpg: marginals needed: 3  completes needed: 1  trust model: pgp
   gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
   gpg: depth: 1  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
   ```

7. Verify signed Git tags.

   ```shell_session
   $ cd qubes-secpack/
   $ git tag -v `git describe`
   object 266e14a6fae57c9a91362c9ac784d3a891f4d351
   type commit
   tag marmarek_sec_266e14a6
   tagger Marek Marczykowski-Górecki 1677757924 +0100
   
   Tag for commit 266e14a6fae57c9a91362c9ac784d3a891f4d351
   gpg: Signature made Thu 02 Mar 2023 03:52:04 AM PST
   gpg:                using RSA key 2D1771FE4D767EDC76B089FAD655A4F21830E06A
   gpg: Good signature from "Marek Marczykowski-Górecki (Qubes security pack)" [full]
   ```

   The exact output will differ, but the final line should always start with 
`gpg: Good signature from...` followed by an appropriate key. The `[full]` 
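
The check in step 7 (a good signature, made by the expected key, with sufficient validity) can be made mechanical by reading GnuPG's machine-readable status lines, which `git verify-tag --raw` prints to standard error, instead of the human-readable text. The following is an added example, not part of the original announcement or the Qubes project's tooling; the function name `check_tag_status` and the sample status lines are constructed for illustration, and the fingerprint is the one shown in the output above.

```shell
#!/bin/sh
# Added example: decide whether a signed Git tag passes, based on GnuPG
# status lines rather than on the localized "Good signature" text.
#
# stdin : output of `git verify-tag --raw <tag> 2>&1`
# $1    : full fingerprint of the key the tag must be signed with
# Prints one verdict word; returns 0 only when the verdict is "ok".
check_tag_status() {
    # Normalize the expected fingerprint: no spaces, upper-case hex.
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    verdict=$(awk -v want="$expected" '
        $1 != "[GNUPG:]" { next }                 # ignore human-readable lines
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "GOODSIG"  { good++ }
        $2 == "VALIDSIG" {
            valid++
            # Field 3 is the signing (sub)key, field 12 the primary key.
            if (toupper($3) == want || toupper($12) == want) fpr_ok = 1
        }
        # [full] and [ultimate] in the readable output correspond to these.
        $2 == "TRUST_FULLY" || $2 == "TRUST_ULTIMATE" { trusted = 1 }
        END {
            if (bad)                           print "bad-signature"
            else if (good != 1 || valid != 1)  print "no-good-signature"
            else if (!fpr_ok)                  print "wrong-key"
            else if (!trusted)                 print "untrusted-key"
            else                               print "ok"
        }')
    printf '%s\n' "$verdict"
    [ "$verdict" = "ok" ]
}

# Fingerprint taken from the `git tag -v` output shown in step 7.
QUBES_SECPACK_FPR=2D1771FE4D767EDC76B089FAD655A4F21830E06A

# Constructed sample of the status lines for that tag (not captured output).
SAMPLE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG D655A4F21830E06A Marek Marczykowski-Górecki (Qubes security pack)
[GNUPG:] VALIDSIG 2D1771FE4D767EDC76B089FAD655A4F21830E06A 2023-03-02 1677757924 0 4 0 1 10 00 2D1771FE4D767EDC76B089FAD655A4F21830E06A
[GNUPG:] TRUST_FULLY 0 pgp'

# Real use, from inside the cloned repo:
#   git verify-tag --raw "$(git describe)" 2>&1 | check_tag_status "$QUBES_SECPACK_FPR"
printf '%s\n' "$SAMPLE_STATUS" | check_tag_status "$QUBES_SECPACK_FPR"
```

A verdict of `wrong-key` or `untrusted-key` is the case the readable output makes easy to miss: the signature is cryptographically good, but it was not made by the expected key, or that key has no valid certification path from the QMSK.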

Re: [qubes-users] Update problem with a 'debian-12-minimal' based template

2023-09-27 Thread Andrew David Wong
On 9/26/23 10:29 PM, Viktor Ransmayr wrote:
> Hello community,
> 
> I've started to update my Debian-based VMs from 11 to 12.
> 
> As part of this exercise, I also switched from 'debian-11' to 
> 'debian-12-minimal' as the initial template to clone from.
> 
> In general I'm quite happy with the results in one working Test-VM. - 
> However, when the system tries to update the new template, I consistently 
> get the following error:
> 
> 
> 
> Updating debian-12-vrsq
> 
> Error on updating debian-12-vrsq: Command '['sudo', 'qubesctl', 
> '--skip-dom0', '--targets=debian-12-vrsq', '--show-output', 'state.sls', 
> 'update.qubes-vm']' returned non-zero exit status 20.
> debian-12-vrsq:
>   --
>   _error:
>   Failed to return clean data
>   retcode:
>   1
>   stderr:
>   Traceback (most recent call last):
> File "/var/tmp/.root_dd8a91_salt/salt-call", line 27, in 
> 
>   salt_call()
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/scripts.py", line 
> 437, in salt_call
>   import salt.cli.call
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/cli/call.py", line 
> 3, in 
>   import salt.cli.caller
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/cli/caller.py", 
> line 12, in 
>   import salt.channel.client
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/channel/client.py", 
> line 13, in 
>   import salt.crypt
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/crypt.py", line 26, 
> in 
>   import salt.payload
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/payload.py", line 
> 12, in 
>   import salt.loader.context
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/loader/__init__.py", line 15, in 
> 
>   import salt.config
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/config/__init__.py", line 107, in 
> 
>   _DFLT_IPC_WBUFFER = int(_gather_buffer_space() * 0.5)
>   ^^
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/config/__init__.py", line 95, in 
> _gather_buffer_space
>   import salt.grains.core
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/grains/core.py", 
> line 30, in 
>   import salt.modules.cmdmod
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/modules/cmdmod.py", 
> line 32, in 
>   import salt.utils.templates
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/utils/templates.py", line 21, in 
> 
>   import salt.utils.http
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/utils/http.py", 
> line 27, in 
>   import salt.ext.tornado.simple_httpclient
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/ext/tornado/simple_httpclient.py", 
> line 9, in 
>   from salt.ext.tornado.http1connection import HTTP1Connection, 
> HTTP1ConnectionParameters
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/ext/tornado/http1connection.py", 
> line 31, in 
>   from salt.ext.tornado import iostream
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/ext/tornado/iostream.py", line 42, 
> in 
>   import urllib3.util.ssl_match_hostname
>   ModuleNotFoundError: No module named 'urllib3'
>   [ERROR   ] An un-handled exception was caught by Salt's global 
> exception handler:
>   ModuleNotFoundError: No module named 'urllib3'
>   Traceback (most recent call last):
> File "/var/tmp/.root_dd8a91_salt/salt-call", line 27, in 
> 
>   salt_call()
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/scripts.py", line 
> 437, in salt_call
>   import salt.cli.call
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/cli/call.py", line 
> 3, in 
>   import salt.cli.caller
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/cli/caller.py", 
> line 12, in 
>   import salt.channel.client
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/channel/client.py", 
> line 13, in 
>   import salt.crypt
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/crypt.py", line 26, 
> in 
>   import salt.payload
> File "/var/tmp/.root_dd8a91_salt/pyall/salt/payload.py", line 
> 12, in 
>   import salt.loader.context
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/loader/__init__.py", line 15, in 
> 
>   import salt.config
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/config/__init__.py", line 107, in 
> 
>   _DFLT_IPC_WBUFFER = int(_gather_buffer_space() * 0.5)
>   ^^
> File 
> "/var/tmp/.root_dd8a91_salt/pyall/salt/config/__init__.py", line 95, in 
> _gather_buffer_space
>   import 

[qubes-users] XSAs released on 2023-09-20

2023-09-20 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-438](https://xenbits.xen.org/xsa/advisory-438.html)
  - Shadow paging is not built-in.

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/09/20/xsas-released-on-2023-09-20/



[qubes-users] Tickets for Qubes OS Summit 2023 are now available!

2023-09-19 Thread Andrew David Wong
Dear Qubes Community,

The following announcement is from 3mdeb:

[![Tickets are available for Qubes OS Summit 
2023](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023-tickets.png)](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023-tickets.png)

We have options for everyone:

- Virtual Qubes Pass for online attendees
- On-site Qubes Pass for those ready to join us in Berlin

The number of On-site Qubes Passes is limited, so book only if you will be 
there. Both tickets are free. Read more at: 


Have insights to share?   
Want to be a sponsor? 


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/09/19/tickets-for-qubes-os-summit-2023-now-available/



[qubes-users] Qubes Canary 036

2023-09-13 Thread Andrew David Wong
just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security

Re: [qubes-users] Re: The NitroPC Pro is Qubes-certified!

2023-09-07 Thread Andrew David Wong
On 9/7/23 1:38 PM, Leo28C wrote:
> Is it "not certified" as in it doesn't run at all, or is it just to stop
> people from paying an extra 3 grand when the OS is software-rendered?
> 

When Nitrokey asked for the NitroPC Pro to be Qubes-certified, they did not ask 
for any discrete graphics configurations to be included in the evaluation, so 
the Qubes hardware certification team has not tested any such configuration.

On 9/7/23 5:15 PM, Sven Semmler wrote:
> Certification includes giving one machine to the Qubes OS team, so it can be 
> used in ongoing regression testing. It appears Nitrokey has provided the 
> variant without the discrete GPU [...]
> 

This is correct, except that it is actually two units:

https://www.qubes-os.org/doc/certified-hardware/#hardware-certification-process



[qubes-users] Re: The NitroPC Pro is Qubes-certified!

2023-09-07 Thread Andrew David Wong
On 9/6/23 10:57 AM, Andrew David Wong wrote:
> Dear Qubes Community,
> 
> It is our pleasure to announce that the [NitroPC 
> Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is [officially 
> certified](https://www.qubes-os.org/doc/certified-hardware/) for Qubes OS 
> Release 4!
> 
> ## The NitroPC Pro: a secure, powerful workstation
> 
> The [NitroPC Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523) is 
> a workstation for high security and performance requirements. The open-source 
> [Dasharo coreboot](https://github.com/Dasharo/coreboot) firmware ensures high 
> transparency and security while avoiding backdoors and security holes in the 
> firmware. The device is certified for compatibility with Qubes OS 4.X by the 
> Qubes developers. Carefully selected components ensure high performance, 
> stability, and durability. The Dasharo Entry Subscription guarantees 
> continuous firmware development and fast firmware updates. 
> 
> [![Photo of NitroPC 
> Pro](https://www.qubes-os.org/attachment/posts/nitropc-pro.jpg)](https://shop.nitrokey.com/shop/product/nitropc-pro-523)
> 
> Here's a summary of the main component options available for this mid-tower 
> desktop PC:
> 
> | Component                    | Options                                                  |
> | ---------------------------- | -------------------------------------------------------- |
> | Motherboard                  | MSI PRO Z690-A DDR5 (Wi-Fi optional)                     |
> | Processor                    | 12th Generation Intel Core i5-12600K or i9-12900K        |
> | Memory                       | 16 GB to 128 GB DDR5                                     |
> | NVMe storage (optional)      | Up to two NVMe PCIe 4.0 x4 SSDs, up to 2 TB each         |
> | SATA storage (optional)      | Up to two SATA SSDs, up to 7.68 TB each                  |
> | Integrated graphics          | Intel UHD 770                                            |
> | Discrete graphics (optional) | Nvidia GeForce RTX 4070 or 4090                          |
> | Wireless (optional)          | Wi-Fi 6E, 2400 Mbps, 802.11/a/b/g/n/ac/ax, Bluetooth 5.2 |
> | Operating system (optional)  | Qubes OS 4.1 or Ubuntu 22.04 LTS                         |
> 
> [...]
> 

*Important addendum*: As indicated in the table above, when configuring your 
NitroPC Pro on the Nitrokey website, there is an option for a discrete graphics 
card (e.g., Nvidia GeForce RTX 4070 or 4090) in addition to integrated graphics 
(e.g., Intel UHD 770, which is always included because it is physically built 
into the CPU). Please note that NitroPC Pro configurations that include 
discrete graphics cards are *not* Qubes-certified. The only NitroPC Pro 
configurations that are Qubes-certified are those that contain *only* 
integrated graphics.

> 
> This announcement is also available on the Qubes website:
> https://www.qubes-os.org/news/2023/09/06/nitropc-pro-qubes-certified/



[qubes-users] XSAs released on 2023-09-05

2023-09-05 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-437](https://xenbits.xen.org/xsa/advisory-437.html)
  - This affects only 32-bit ARM processors, which Qubes OS does not support.

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/09/05/xsas-released-on-2023-09-05/



[qubes-users] Qubes OS 4.2.0-rc3 is available for testing

2023-09-03 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce that the third [release candidate 
(RC)](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available for 
[testing](https://www.qubes-os.org/doc/testing/). The ISO and associated 
[verification files](https://www.qubes-os.org/security/verifying-signatures/) 
are available on the [downloads](https://www.qubes-os.org/downloads/) page.

## Explanation for the early RC

We [announced 
RC2](https://www.qubes-os.org/news/2023/08/28/qubes-os-4-2-0-rc2-available-for-testing/)
 approximately one week ago. Normally, RC2 would have been tested for 
[approximately five 
weeks](https://www.qubes-os.org/doc/version-scheme/#release-schedule) before we 
announced RC3. However, RC2 contained several bugs (listed below), some of 
which prevented certain users from testing it. These bugs have been fixed in 
RC3. We've decided to release RC3 early, as an exception to our usual policy, 
in order to get these fixes out as quickly as possible so that more users can 
test 4.2 for longer before the eventual stable release.

## Main changes from RC2 to RC3

- Fixed: ["Installer in R4.2 does not warn about incompatible hardware" 
(#8345)](https://github.com/QubesOS/qubes-issues/issues/8345)
- Fixed: ["Wi-Fi firmware missing from default templates on 4.2.0-rc2 ISO" 
(#8452)](https://github.com/QubesOS/qubes-issues/issues/8452)
- Fixed: ["Qubes R4.2.0-rc2 cannot be installed on legacy BIOS system" 
(#8462)](https://github.com/QubesOS/qubes-issues/issues/8462)
- Fixed: ["R4.2 (rc1, rc2) unable to boot on Thinkpad T430 when UEFI is 
enabled" (#8464)](https://github.com/QubesOS/qubes-issues/issues/8464)

For an overview of major changes from Qubes 4.1 to 4.2, please see the [Qubes 
OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/).

## When is the stable release?

That depends on the number of bugs discovered in this RC and their severity. As 
explained in our [release 
schedule](https://www.qubes-os.org/doc/version-scheme/#release-schedule) 
documentation, our usual process after issuing a new RC is to collect bug 
reports, triage the bugs, and fix them. This usually takes around five weeks, 
depending on the bugs discovered. If warranted, we then issue a new RC that 
includes the fixes and repeat the whole process again. We continue this 
iterative procedure until we're left with an RC that's good enough to be 
declared the stable release. No one can predict, at the outset, how many 
iterations will be required (and hence how many RCs will be needed before a 
stable release), but we tend to get a clearer picture of this with each 
successive RC, which we share in this section in each RC announcement.

At this point, we can say that there will be at least one more RC after this 
one.

## Testing Qubes 4.2.0-rc3

Thank you to everyone who tested the previous Qubes 4.2.0 RCs! Due to your 
efforts, this new RC includes fixes for several bugs that were present in the 
previous RCs.

If you're willing to [test](https://www.qubes-os.org/doc/testing/) this new RC, 
you can help us improve the eventual stable release by [reporting any bugs you 
encounter](https://www.qubes-os.org/doc/issue-tracking/). We encourage 
experienced users to join the [testing 
team](https://forum.qubes-os.org/t/joining-the-testing-team/5190).

A full list of issues affecting Qubes 4.2.0 is available 
[here](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.2).
We strongly recommend [updating Qubes 
OS](https://www.qubes-os.org/doc/how-to-update/) immediately after installation 
in order to apply all available bug fixes.

## Upgrading to Qubes 4.2.0-rc3

If you're currently running any Qubes 4.2.0 RC, you can upgrade to the latest 
RC by [updating normally](https://www.qubes-os.org/doc/how-to-update/). 
However, please note that there have been some recent template changes, which 
are detailed in the [Qubes OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/).

If you're currently on Qubes 4.1 and wish to test 4.2, please see [how to 
upgrade to Qubes 4.2](https://www.qubes-os.org/doc/upgrade/4.2/), which details 
both clean installation and in-place upgrade options. As always, we strongly 
recommend [making a full 
backup](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/) 
beforehand.

## Reminder: new signing key for Qubes OS 4.2

As a reminder, we published the following special announcement in [Qubes Canary 
032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on 2022-09-14:

> We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, 
> we have only one RSK for each major release. However, for the 4.2 release, we 
> will be using Qubes Builder version 2, which is a complete rewrite of the 
> Qubes Builder. Out of an abundance of caution, we would like to isolate the 
> build processes of the current stable 4.1 release and the upcoming 4.2 
> release from each other at the 

Re: [qubes-users] Error installing Debian-12 template

2023-08-28 Thread Andrew David Wong
On 8/28/23 1:53 PM, Ulrich Windl wrote:
> Hi!
> 
> Following the instructions at 
> https://www.qubes-os.org/doc/templates/debian/#installing I repeatedly got 
> this error messages:
> 
> $ sudo qubes-dom0-update qubes-template-debian-12
> Redirecting to 'qvm-template install  debian-12'
> Downloading 'qubes-template-debian-12-0:4.0.6-202307240307'...
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/sError canonicalizing file: failed to fill whole buffer
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/s
> 'qubes-template-debian-12-0:4.0.6-202307240307' download failed, retrying...
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/sError canonicalizing file: failed to fill whole buffer
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/s
> 'qubes-template-debian-12-0:4.0.6-202307240307' download failed, retrying...
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/sError canonicalizing file: failed to fill whole buffer
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/s
> 'qubes-template-debian-12-0:4.0.6-202307240307' download failed, retrying...
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/sError canonicalizing file: failed to fill whole buffer
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:01 ?B/s
> 'qubes-template-debian-12-0:4.0.6-202307240307' download failed, retrying...
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/sError canonicalizing file: failed to fill whole buffer
> qubes-template-debian-12-0:4.0.6-202307240307:   0%| | 0.00/1.50G [00:00 ?B/s
> Error: 'qubes-template-debian-12-0:4.0.6-202307240307' download failed.
> 
> I have no idea what might be wrong. Most likely the instructions are 
> incomplete.
> 
> 
> Kind regards,
> 
> Ulrich
> 

Marek posted about this on the forum:

https://forum.qubes-os.org/t/debian-12-templates-available/20604/9

I think it should be working now, since it's past 22:00 UTC. Could you try 
again?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/af000bcf-e6ff-2f5e-ffc2-9f45a69fb85b%40qubes-os.org.


[qubes-users] Qubes OS 4.2.0-rc2 is available for testing

2023-08-28 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce that the second [release 
candidate](#what-is-a-release-candidate) (RC) for Qubes OS 4.2.0 is now 
available for [testing](https://www.qubes-os.org/doc/testing/). Qubes 4.2.0-rc2 
is available on the [downloads](https://www.qubes-os.org/downloads/) page.

## What's new in Qubes 4.2.0-rc2?

- Dom0 upgraded to Fedora 37
- Xen updated to version 4.17
- Default Debian template upgraded to Debian 12
- Default Fedora and Debian templates use Xfce instead of GNOME
- SELinux support in Fedora templates
- Several GUI applications rewritten, including:
  - Applications Menu
  - Qubes Global Settings
  - Create New Qube
  - Qubes Update
- Unified `grub.cfg` location for both UEFI and legacy boot
- PipeWire support
- fwupd integration for firmware updates
- Optional automatic clipboard clearing
- Official packages built using Qubes Builder v2
- Split GPG and Split SSH management in Qubes Global Settings

Please see the [Qubes OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/) for details.

## When is the stable release?

That depends on the number of bugs discovered in this release candidate and 
their severity. As explained in our [release 
schedule](https://www.qubes-os.org/doc/version-scheme/#release-schedule) 
documentation, our usual process after issuing a new release candidate is to 
collect bug reports, triage the bugs, and fix them. This usually takes around 
five weeks, depending on the bugs discovered. If warranted, we then issue a new 
release candidate that includes the fixes and repeat the whole process again. 
We continue this iterative procedure until we're left with a release candidate 
that's good enough to be declared the stable release. No one can predict, at 
the outset, how many iterations will be required (and hence how many release 
candidates will be needed before a stable release), but we tend to get a 
clearer picture of this with each successive release candidate, which we'll 
share in this section in future release candidate announcements. The feedback 
we receive on this release candidate will determine whether another one is 
required.

## Testing Qubes 4.2.0-rc2

Thank you to everyone who tested 4.2.0-rc1! Due to your efforts, this new 
release candidate includes fixes for several bugs that were present in the 
first release candidate.

If you're willing to [test](https://www.qubes-os.org/doc/testing/) this new 
release candidate, you can help us improve the eventual stable release by 
[reporting any bugs you 
encounter](https://www.qubes-os.org/doc/issue-tracking/). We encourage 
experienced users to join the [testing 
team](https://forum.qubes-os.org/t/joining-the-testing-team/5190).

A full list of issues affecting Qubes 4.2.0 is available 
[here](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.2).
We strongly recommend [updating Qubes 
OS](https://www.qubes-os.org/doc/how-to-update/) immediately after installation 
in order to apply all available bug fixes.

## Upgrading to Qubes 4.2.0-rc2

[In-place upgrades from Qubes 4.1 to Qubes 
4.2](https://www.qubes-os.org/doc/upgrade/4.2/) are now implemented and ready 
for testing! As always, we strongly recommend [making a full 
backup](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/) 
beforehand.

Current Qubes 4.2.0-rc1 systems should be [updated 
normally](https://www.qubes-os.org/doc/how-to-update/), but please note that 
some templates have changed from the first release candidate. These changes are 
listed [above](#whats-new-in-qubes-420-rc2).

## Reminder: new signing key for Qubes OS 4.2

As a reminder, we published the following special announcement in [Qubes Canary 
032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on 2022-09-14:

> We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, 
> we have only one RSK for each major release. However, for the 4.2 release, we 
> will be using Qubes Builder version 2, which is a complete rewrite of the 
> Qubes Builder. Out of an abundance of caution, we would like to isolate the 
> build processes of the current stable 4.1 release and the upcoming 4.2 
> release from each other at the cryptographic level in order to minimize the 
> risk of a vulnerability in one affecting the other. We are including this 
> notice as a canary special announcement since introducing a new RSK for a 
> minor release is an exception to our usual RSK management policy.

As always, we encourage you to 
[authenticate](https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate)
this canary by [verifying its PGP 
signatures](https://www.qubes-os.org/security/verifying-signatures/). Specific 
instructions are also included in the [canary 
announcement](https://www.qubes-os.org/news/2022/09/14/canary-032/).

As with all Qubes signing keys, we also encourage you to 

[qubes-users] Re: Debian 12 templates available

2023-08-27 Thread Andrew David Wong
> [supported template releases]

Link: https://www.qubes-os.org/doc/supported-releases/#templates

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d7c83cfc-b52c-3edb-4edd-1b174d658fb9%40qubes-os.org.


[qubes-users] Debian 12 templates available

2023-08-27 Thread Andrew David Wong
Dear Qubes Community,

The following new templates are now available:

*Qubes OS 4.1*
- Debian 12
- Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/)

*Qubes OS 4.2-rc1*
- Debian 12
- Debian 12 [minimal](https://www.qubes-os.org/doc/templates/minimal/)
- Debian 12 [Xfce](https://www.qubes-os.org/doc/templates/xfce/)

There are two ways to upgrade your template to a new Debian release:

- *Recommended*: [Install a fresh template to replace the existing 
one.](https://www.qubes-os.org/doc/templates/debian/#installing) *This option 
may be simpler for less experienced users.* After you install the new template, 
redo all desired template modifications and [switch everything that was set to 
the old template to the new 
template](https://www.qubes-os.org/doc/templates/#switching). You may want to 
write down the modifications you make to your templates so that you remember 
what to redo on each fresh install. In the old Debian template, see 
`/var/log/dpkg.log` and `/var/log/apt/history.log` for logs of package manager 
actions.

- *Advanced*: [Perform an in-place upgrade of an existing Debian 
template.](https://www.qubes-os.org/doc/templates/debian/in-place-upgrade/) 
This option will preserve any modifications you've made to the template, *but 
it may be more complicated for less experienced users.*

For a complete list of template releases that are supported for your specific 
Qubes release, see our [supported template releases]. Please note that no user 
action is required regarding the OS version in dom0 (see our [note on dom0 and 
EOL](https://www.qubes-os.org/doc/supported-releases/#note-on-dom0-and-eol)).


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/08/27/debian-12-templates-available/

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/dd4c2c8f-a747-be3c-63b4-5eacf2365dc8%40qubes-os.org.
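
The recommended option above points to `/var/log/apt/history.log` in the old Debian template as a record of package manager actions. As an added example (not part of the original announcement), the following shell function reduces that log to the packages that were explicitly installed and not removed again, which is the list to redo in a fresh template; `manual_installs` and the sample log entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: list packages that were explicitly installed (not pulled in
# as dependencies) according to an APT history log, so they can be reinstalled
# in a fresh template. manual_installs and SAMPLE_HISTORY are illustrative.

# Reads history.log text on stdin and prints one package name per line.
# The Start-Date of each transaction decides which action on a package is the
# latest, so rotated logs can be concatenated in any order.
manual_installs() {
    awk '
    /^Start-Date: / { date = substr($0, 13) }
    /^(Install|Remove|Purge): / {
        action = ($1 == "Install:") ? "install" : "remove"
        list = $0
        sub(/^[A-Za-z]+: /, "", list)
        # Entries look like "name:arch (version)" or
        # "name:arch (version, automatic)", separated by "), ".
        n = split(list, items, /\), /)
        for (i = 1; i <= n; i++) {
            item = items[i]
            # Dependencies installed automatically are not user modifications.
            if (action == "install" && item ~ /, automatic\)?$/) continue
            pkg = item
            sub(/[: ].*$/, "", pkg)
            if (pkg == "") continue
            if (!(pkg in when) || date >= when[pkg]) {
                when[pkg] = date
                state[pkg] = action
            }
        }
    }
    END { for (p in state) if (state[p] == "install") print p }
    ' | sort
}

# Constructed sample in history.log format, deliberately out of date order.
SAMPLE_HISTORY='Start-Date: 2023-07-02  18:40:10
Commandline: apt remove thunderbird
Remove: thunderbird:amd64 (1:102.13.0-1~deb11u1)
End-Date: 2023-07-02  18:40:15

Start-Date: 2023-05-14  09:12:44
Commandline: apt install keepassxc thunderbird
Install: keepassxc:amd64 (2.6.2+dfsg.1-1), libbotan-2-17:amd64 (2.17.3+dfsg-2, automatic), thunderbird:amd64 (1:102.11.0-1~deb11u1)
End-Date: 2023-05-14  09:12:58

Start-Date: 2023-06-20  11:03:02
Commandline: apt-get dist-upgrade
Upgrade: curl:amd64 (7.74.0-1.3+deb11u7, 7.74.0-1.3+deb11u9)
Install: linux-image-5.10.0-23-amd64:amd64 (5.10.179-1, automatic)
End-Date: 2023-06-20  11:04:40

Start-Date: 2023-06-25  08:00:01
Commandline: apt install git
Install: git:amd64 (1:2.30.2-1+deb11u2), git-man:amd64 (1:2.30.2-1+deb11u2, automatic)
End-Date: 2023-06-25  08:00:09'

# Demo on the sample. In the old template, the real logs (including rotated,
# compressed ones) can be fed in with:
#   zcat -f /var/log/apt/history.log* | manual_installs
printf '%s\n' "$SAMPLE_HISTORY" | manual_installs
```

Packages installed directly with `dpkg -i` do not pass through APT and so are absent from `history.log`; `/var/log/dpkg.log` covers those.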


Re: [qubes-users] "GVFS is not available"

2023-08-27 Thread Andrew David Wong
On 8/27/23 10:43 AM, Demi Marie Obenour wrote:
> On Sat, Aug 26, 2023 at 10:39:22PM -0700, Andrew David Wong wrote:
>> On 8/26/23 8:55 AM, ales...@magenta.de wrote:
>>> Steve Coleman:
>>>>
>>>>
>>>> On Sat, Aug 12, 2023, 12:54 PM >>> <mailto:ales...@magenta.de>> wrote:
>>>>
>>>> ales...@magenta.de <mailto:ales...@magenta.de>:
>>>>  > I am using a fresh installation of Qubes 4.1.1.
>>>>  >
>>>>  > When I use the File Manager Preferences tab there is a message
>>>>  > indicating that GVFS is not available.
>>>>
>>>>
>>>> You need to install the gvfs package in the template you are using for 
>>>> your AppVM.
>>>>
>>>> It's not a standard package installed by default because it relies on many 
>>>> other packages. Do a search in your flavor repository (fedora,debian,etc) 
>>>> for the package and install it in your template, and then restart your 
>>>> AppVM.
>>>>
>>>>
>>>> https://wiki.gnome.org/Projects/gvfs <https://wiki.gnome.org/Projects/gvfs>
>>>
>>> But this is not an AppVM or a template, I think. I am seeing this message 
>>> from Dom0 environment.
>>>
>>> Troubleshooting Steps:
>>> a) Boot Qubes 4 and enter password to start login session
>>> b) Open Qubes menu in top panel
>>> c) Open System Tools, File Manager Settings
>>> d) Open Advanced tab
>>>
>>> The window title is "[Dom0] File Manager Preferences".
>>>
>>> Here is the message under a title "Missing dependencies" and inside a blue 
>>> box:
>>>
>>>> It looks like gvfs is not available.
>>>> Important features ... will not work.
>>>
>>> It seems like this must be a problem I must fix.
>>>
> 
>> No. It is recommended to avoid using the GUI file manager in dom0.
> 
> Should the default install omit the GUI file manager in dom0?  Having it
> and telling people not to use it is rather strange.

Yes: https://github.com/QubesOS/qubes-issues/issues/2458

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c835b83b-6c17-b11b-c069-7fc276d2ae57%40qubes-os.org.


Re: [qubes-users] "GVFS is not available"

2023-08-26 Thread Andrew David Wong
On 8/26/23 8:55 AM, ales...@magenta.de wrote:
> Steve Coleman:
>>
>>
>> On Sat, Aug 12, 2023, 12:54 PM > > wrote:
>>
>>     ales...@magenta.de :
>>  > I am using a fresh installation of Qubes 4.1.1.
>>  >
>>  > When I use the File Manager Preferences tab there is a message
>>  > indicating that GVFS is not available.
>>
>>
>> You need to install the gvfs package in the template you are using for your 
>> AppVM.
>>
>> It's not a standard package installed by default because it relies on many 
>> other packages. Do a search in your flavor repository (fedora,debian,etc) 
>> for the package and install it in your template, and then restart your AppVM.
>>
>>
>> https://wiki.gnome.org/Projects/gvfs 
> 
> But this is not an AppVM or a template, I think. I am seeing this message 
> from Dom0 environment.
> 
> Troubleshooting Steps:
> a) Boot Qubes 4 and enter password to start login session
> b) Open Qubes menu in top panel
> c) Open System Tools, File Manager Settings
> d) Open Advanced tab
> 
> The window title is "[Dom0] File Manager Preferences".
> 
> Here is the message under a title "Missing dependencies" and inside a blue 
> box:
> 
>> It looks like gvfs is not available.
>> Important features ... will not work.
> 
> It seems like this must be a problem I must fix.
> 

No. It is recommended to avoid using the GUI file manager in dom0.

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c95a5da8-c67c-04df-abcf-860ebf37e6e8%40qubes-os.org.


[qubes-users] CORRECTION: Qubes OS Summit 2023: OCTOBER 6-8 in Berlin

2023-08-25 Thread Andrew David Wong
Dear Qubes Community,

_My apologies for the incorrect subject line in my previous email. The correct 
month is OCTOBER, not September!_

In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes 
OS Summit will be held live this year from October 6 to 8 in Berlin, Germany! 
For more information about this event, including the CFP (which is open until 
October 2), please see: 

[![Qubes OS Summit 2023 
poster](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023.png)](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023.png)


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/08/25/qubes-os-summit-2023/

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5d1e397d-9d25-d6a7-9be9-9a30a9d2db81%40qubes-os.org.


[qubes-users] Qubes OS Summit 2023: September 6-8 in Berlin

2023-08-25 Thread Andrew David Wong
Dear Qubes Community,

In conjunction with [3mdeb](https://3mdeb.com/), the fifth edition of our Qubes 
OS Summit will be held live this year from October 6 to 8 in Berlin, Germany! 
For more information about this event, including the CFP (which is open until 
October 2), please see: 

[![Qubes OS Summit 2023 
poster](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023.png)](https://www.qubes-os.org/attachment/posts/qubes-os-summit-2023.png)


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/08/25/qubes-os-summit-2023/

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8bdb30a5-93cb-fb09-5d60-d62005cf37e0%40qubes-os.org.


[qubes-users] XSAs released on 2023-08-08

2023-08-09 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- [XSA-432](https://xenbits.xen.org/xsa/advisory-432.html): See 
[QSB-092](https://www.qubes-os.org/news/2023/08/08/qsb-092/) for details.
- [XSA-434](https://xenbits.xen.org/xsa/advisory-434.html): See 
[QSB-093](https://www.qubes-os.org/news/2023/08/09/qsb-093/) for details.
- [XSA-435](https://xenbits.xen.org/xsa/advisory-435.html): See 
[QSB-093](https://www.qubes-os.org/news/2023/08/09/qsb-093/) for details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- (none)

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/08/09/xsas-released-on-2023-08-08/

To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1977072f-92f4-40da-811e-953472551c73%40qubes-os.org.


[qubes-users] QSB-093: Transient execution vulnerabilities in AMD and Intel CPUs

2023-08-09 Thread Andrew David Wong
ated
   gpg: keybox '/home/user/.gnupg/pubring.kbx' created
   gpg: requesting key from 
'https://keys.qubes-os.org/keys/qubes-master-signing-key.asc'
   gpg: /home/user/.gnupg/trustdb.gpg: trustdb created
   gpg: key DDFA1A3E36879494: public key "Qubes Master Signing Key" imported
   gpg: Total number processed: 1
   gpg:   imported: 1
   ```

   (See
   [here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
   for more ways to obtain the QMSK.)

2. View the fingerprint of the PGP key you just imported. (Note: `gpg>` 
indicates a prompt inside of the GnuPG program. Type what appears after it when 
prompted.)

   ```shell_session
   $ gpg --edit-key 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494
   gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
   This is free software: you are free to change and redistribute it.
   There is NO WARRANTY, to the extent permitted by law.
   
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   gpg> fpr
   pub   rsa4096/DDFA1A3E36879494 2010-04-01 Qubes Master Signing Key
    Primary key fingerprint: 427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
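
Step 3 of the procedure above asks for the imported key's fingerprint to be compared against copies obtained from several independent sources. The following shell functions are an added example, not part of the original bulletin, and automate only the comparison: they reject anything shorter than a full 40-digit fingerprint, such as the 16-digit key ID that also appears in the gpg output. The function names, the two-source minimum and the abridged colon-format sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare an imported key's fingerprint with copies recorded
# from independent sources. Function names and SAMPLE_COLONS are illustrative.

# Strip whitespace and an optional 0x prefix, and uppercase the hex digits.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | sed 's/^0[xX]//' \
        | tr '[:lower:]' '[:upper:]'
}

# A full fingerprint as shown on this page is 40 hex digits. Shorter values
# (for example a 16-digit key ID) are rejected rather than compared.
is_full_fpr() {
    case "$1" in
        *[!0-9A-F]*) return 1 ;;
    esac
    [ "${#1}" -eq 40 ]
}

# Read `gpg --with-colons --fingerprint KEY` output on stdin and print the
# primary key fingerprint: field 10 of the first "fpr" record after "pub".
primary_fpr_from_colons() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# check_fpr IMPORTED SOURCE...
# Exit status: 0 = every source matches, 1 = at least one mismatch,
#              2 = malformed input or too few sources (assumed minimum: 2).
check_fpr() (
    imported=$(normalize_fpr "$1")
    is_full_fpr "$imported" || {
        echo "imported value is not a 40-digit fingerprint" >&2; exit 2; }
    shift
    [ "$#" -ge "${MIN_SOURCES:-2}" ] || {
        echo "need at least ${MIN_SOURCES:-2} independent sources" >&2; exit 2; }
    for src in "$@"; do
        ref=$(normalize_fpr "$src")
        is_full_fpr "$ref" || {
            echo "not a full fingerprint: $src" >&2; exit 2; }
        [ "$ref" = "$imported" ] || {
            echo "MISMATCH: $ref != $imported" >&2; exit 1; }
    done
    echo "all $# sources match $imported"
)

# Constructed, abridged sample of colon-format output for the key on this page.
SAMPLE_COLONS='pub:-:4096:1:DDFA1A3E36879494:1270080000:::-:::scSC:
fpr:::::::::427F11FD0FAA4B080123F01CDDFA1A3E36879494:
uid:-::::1270080000::::Qubes Master Signing Key:'

# Demo. On a real system the first line would instead be:
#   imported=$(gpg --with-colons --fingerprint \
#       0x427F11FD0FAA4B080123F01CDDFA1A3E36879494 | primary_fpr_from_colons)
# and each SOURCE argument would be a copy you recorded from a different channel.
imported=$(printf '%s\n' "$SAMPLE_COLONS" | primary_fpr_from_colons)
check_fpr "$imported" \
    "427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494" \
    "0x427F11FD0FAA4B080123F01CDDFA1A3E36879494"
```

A match only means the copies agree with each other; the assurance still comes from how independent the channels behind those copies are.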

[qubes-users] Changing the way we use milestones in the issue tracker

2023-08-09 Thread Andrew David Wong
## Summary

Issues will no longer be assigned to milestones by default. Most issues won't 
have milestones. The Qubes developers will manually assign issues to 
milestones. We'll use labels like "affects-4.1" and "affects-4.2" to represent 
affected releases instead of milestones. The "Release TBD" and "Non-release" 
milestones are being phased out, as are milestones of the form "Release X.Y 
updates." Read on for a more detailed explanation.

## How milestones work right now

Currently, our milestone guidelines are as follows:

- Every issue should be assigned to *exactly one* milestone.
- For *bug reports*, the milestone designates the *earliest supported release* 
in which that bug is believed to exist.
- For *enhancements* and *tasks*, the milestone indicates that the goal is to 
implement or do that thing *in* or *for* that release.

For example, if you were to report a bug that affects both 4.1 and 4.2 right 
now, it would be assigned to the "Release 4.1 updates" milestone, because 4.1 
is the earliest supported release that the bug is believed to affect. As 
another example, if you were to open an enhancement issue right now, it would 
most likely be assigned to the "Release TBD" milestone, which means something 
like, "This enhancement, if it is ever implemented, will be implemented in some 
Qubes release or other, but it has not yet been determined which specific Qubes 
release that will be." If it were decided that this enhancement would be 
implemented for 4.2, for example, then the issue's milestone would be changed 
to "Release 4.2."

## Problems with the current system

Some people find our current use of milestones to be counterintuitive. For 
example, suppose that a bug is reported that affects both 4.1 and 4.2. The 
Qubes devs decide that it's not too serious, so it's okay just to fix it in 4.2 
and leave it be in 4.1. Some people have the intuition that the issue should be 
reassigned to the 4.2 milestone, since the devs just decided that's where it'll 
be fixed. However, under the current rules, that would be wrong, since the bug 
still affects 4.1, and 4.1 is the earliest affected supported release.

Similarly, suppose that someone reported a bug against 4.0, but it's one of 
those "we'll get around to fixing it someday, maybe" sort of bugs. Some people 
would be tempted to assign this issue to the "Release TBD" milestone on the 
grounds that the plan is to fix it at some yet-to-be-determined point in the 
distant future. However, this would again be wrong under the current rules, 
since the milestone for a bug report is supposed to represent the earliest 
supported release in which the bug is believed to exist, which is 4.0.

The current method also presents problems when it comes time to close old 
issues. As many of you have probably noticed, I recently closed a large number 
of issues that were on the "Release 4.0 updates" milestone, since 4.0 reached 
EOL over one year ago, and those issues had not seen any activity in over a 
year. The problem arises when an issue affects more than one release. For 
example, there were some issues that affected both 4.0 and 4.1. In accordance 
with our milestone rules, those issues were assigned to the 4.0 milestone. When 
it came time to bulk-close the old 4.0 issues, issues were closed even though 
they also affect 4.1, which is still supported. The fact that those issues also 
affect 4.1 wasn't represented in a label or milestone (just in a free-text 
comment), so I had no way to filter them out when performing the bulk close 
action.

Finally, each milestone has a progress indicator that shows the percentage of 
completed issues on that milestone, but this indicator isn't very useful when 
every issue that affects a given release gets assigned to that milestone, 
regardless of whether the devs actually plan to act on it. When every release 
ships with a partially-completed milestone, it becomes an unreliable indicator.

## Analyzing the nature of milestones

Let's step back for a moment and think about what milestones are and what 
purpose they're supposed to serve. An issue tracking system doesn't actually 
*have* to have milestones at all. They're an optional feature. All an issue 
tracking system really needs is a single type of "tag" functionality (what 
GitHub calls "labels"). You can re-create almost any other type of issue 
tracking functionality (including milestones) with just tags. From this 
perspective, GitHub's milestones are basically the same as labels, except for 
two distinctive features:

- Unlike labels, milestones are mutually exclusive. An issue can have an 
unlimited number of labels, but it can be assigned to at most one milestone.
- Unlike labels, milestones have progress indicators.

So, if we're going to use milestones, it makes sense to use them in a way that 
takes advantage of these distinctive features.

## How we plan to use milestones going forward

Issues will no longer immediately be assigned to milestones. 

[qubes-users] QSB-092: Buffer overrun in Linux netback driver (XSA-432)

2023-08-08 Thread Andrew David Wong
ore ways to obtain the QMSK.)

2. View the fingerprint of the PGP key you just imported. (Note: `gpg>` 
indicates a prompt inside of the GnuPG program. Type what appears after it when 
prompted.)

   ```shell_session
   $ gpg --edit-key 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494
   gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
   This is free software: you are free to change and redistribute it.
   There is NO WARRANTY, to the extent permitted by law.
   
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   gpg> fpr
   pub   rsa4096/DDFA1A3E36879494 2010-04-01 Qubes Master Signing Key
    Primary key fingerprint: 427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' 
keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately
 m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS 
signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" 
imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes 
Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & 
Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation 
Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes 
Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation 
Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation 
Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing 
Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A
   ```

[qubes-users] Update for QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

2023-08-02 Thread Andrew David Wong
 order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' 
keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately
 m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS 
signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" 
imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes 
Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & 
Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation 
Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes 
Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation 
Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation 
Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing 
Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS 
documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing 
Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" 
imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes 
security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack 
signing key)" imported
   gpg: Total nu
   ```

[qubes-users] XSAs released on 2023-08-01

2023-08-01 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-436](https://xenbits.xen.org/xsa/advisory-436.html)
  - This affects only ARM processors, which Qubes OS does not support.

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/08/01/xsas-released-on-2023-08-01/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d78c1ed3-28ce-6134-1ad9-074cdc1f477d%40qubes-os.org.


Re: [qubes-users] Disabling Hibernation universally

2023-07-29 Thread Andrew David Wong
On 7/29/23 8:48 AM, ales...@magenta.de wrote:
> I am still in the process of configuring Qubes (4.1.1). I am trying now to 
> disable Hibernation at all levels of the system.
> 
> I couldn't find any reference of Hibernation in the official documentation or 
> the Wiki. Could someone describe the way to disable it universally?
> 

Xen does not support hibernation, so it is already "disabled" by default.



[qubes-users] QSB-091: Windows PV drivers potentially compromised

2023-07-27 Thread Andrew David Wong
   ```shell_session
   : you are free to change and redistribute it.
   There is NO WARRANTY, to the extent permitted by law.
   
   
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   gpg> fpr
   pub   rsa4096/DDFA1A3E36879494 2010-04-01 Qubes Master Signing Key
Primary key fingerprint: 427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' 
keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately
 m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS 
signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" 
imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes 
Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & 
Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation 
Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes 
Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation 
Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation 
Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing 
Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS 
documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing 
Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "
   ```

[qubes-users] XSAs released on 2023-07-24

2023-07-24 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- [XSA-433](https://xenbits.xen.org/xsa/advisory-433.html)
  - See [QSB-090](https://www.qubes-os.org/news/2023/07/24/qsb-090/) for 
details.

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- (none)

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/07/24/xsas-released-on-2023-07-24/



[qubes-users] QSB-090: Zenbleed (CVE-2023-20593, XSA-433)

2023-07-24 Thread Andrew David Wong
thod is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' 
keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
 1 = I don't know or won't say
 2 = I do NOT trust
 3 = I trust marginally
 4 = I trust fully
 5 = I trust ultimately
 m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
created: 2010-04-01  expires: never   usage: SC
trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS 
signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" 
imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes 
Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & 
Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation 
Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes 
Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation 
Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation 
Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing 
Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS 
documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing 
Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" 
imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes 
security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack 
signing key)" imported
   gpg: Total number processed: 17
   gpg:   imported: 16
   gpg:  unchanged: 1
   gpg: marginals needed: 3  completes needed: 1  trust model: pgp
   gpg
   ```
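
The comparison that step 3 asks for, as an added example that is not part of the original message or of the Qubes documentation: it reads the primary key fingerprint from `gpg --with-colons` output and accepts it only if it equals every fingerprint recorded from independent sources. The function names, `MIN_SOURCES`, `LOOKALIKE` and the sample colon-format records are assumptions constructed here; the fingerprint itself is the one shown in the message.

```shell
#!/bin/sh
# Added example: compare an imported key's fingerprint with copies of the
# fingerprint recorded from independent sources (step 3 of the procedure).

# The QMSK fingerprint in the two spellings the message shows. In real use
# each value is typed in from a different, independent channel.
SOURCE_A='427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494'
SOURCE_B='0x427F11FD0FAA4B080123F01CDDFA1A3E36879494'

# Constructed value: ends in the same 16 digits as the long key ID that gpg
# prints (DDFA1A3E36879494), so only a full 40-digit comparison rejects it.
LOOKALIKE='0123456789ABCDEF01234567DDFA1A3E36879494'

# Constructed sample modelled on `gpg --with-colons --fingerprint` output;
# only the fingerprint value is taken from the message.
SAMPLE_COLONS='pub:-:4096:1:DDFA1A3E36879494:1270080000:::-:::scSC:
fpr:::::::::427F11FD0FAA4B080123F01CDDFA1A3E36879494:'

# Strip whitespace, uppercase, and drop a leading 0x so that differently
# formatted copies of one fingerprint compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | tr '[:lower:]' '[:upper:]' \
        | sed 's/^0X//'
}

# Read colon-format output on stdin and print the primary key fingerprint:
# field 10 of the first "fpr" record that follows the "pub" record.
primary_fpr_from_colons() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# Fingerprint of a key already in the local keyring (requires gpg).
imported_fpr() {
    gpg --batch --with-colons --fingerprint "$1" | primary_fpr_from_colons
}

# check_fpr IMPORTED RECORDED...
# Exit status: 0 = every recorded copy matches, 1 = at least one differs,
# 2 = IMPORTED is not a 40-digit hex fingerprint, 3 = too few recorded copies.
check_fpr() {
    [ "$#" -ge 1 ] || return 2
    fpr_imported=$(normalize_fpr "$1")
    shift
    case "$fpr_imported" in
        ''|*[!0-9A-F]*) return 2 ;;
    esac
    [ "${#fpr_imported}" -eq 40 ] || return 2
    # Require more than one independent source (assumed default: 2).
    [ "$#" -ge "${MIN_SOURCES:-2}" ] || return 3
    for fpr_recorded in "$@"; do
        [ "$(normalize_fpr "$fpr_recorded")" = "$fpr_imported" ] || return 1
    done
    return 0
}

# Demo on the constructed sample; no keyring is needed.
demo_fpr=$(printf '%s\n' "$SAMPLE_COLONS" | primary_fpr_from_colons)
if check_fpr "$demo_fpr" "$SOURCE_A" "$SOURCE_B"; then
    echo "match on all sources: $demo_fpr"
else
    echo "do not trust this key yet (status $?)"
fi
if check_fpr "$LOOKALIKE" "$SOURCE_A" "$SOURCE_B"; then
    echo "unexpected: look-alike accepted"
else
    echo "look-alike rejected (status $?)"
fi
```

Against a real keyring, pass `"$(imported_fpr 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494)"` as the first argument and set the trust level in step 4 only when the status is 0.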

Re: [qubes-users] QubesIncoming folder in /tmp ??

2023-06-30 Thread Andrew David Wong
On 6/30/23 3:27 AM, haaber wrote:
> Hi, I was wondering if it would not be preferable (at least in some VMs)
> to delocalise the QubesIncoming folder in /tmp to have it "cleaned up"
> regularly. It's a pain to do so manually. Is there a problem doing so? 
> What would be the cleanest way to do it? A symlink?  Thank you, Bernhard
> 

I thought there was already an open issue for this, but I couldn't find one, so 
I just opened this:

https://github.com/QubesOS/qubes-issues/issues/8307



Re: [qubes-users] split firefox & thunderbird credentials?

2023-06-23 Thread Andrew David Wong
On 6/22/23 7:38 AM, haaber wrote:
> I was wondering if the awesome split-ssh and split-gpg  family could be
> extended by a split-mozilla brother, that outsources passwords to vault
> without exposing them? The lack of such a feature obliges me *not* to
> save them within the two apps, which is a terrible pain, of course 
> 
> thanks in advance
> 

Rusty wrote this:

https://github.com/rustybird/qubes-app-split-browser

(Disclaimers: It's unofficial. I haven't tried it myself.)



Re: [qubes-users] Q4.1 xfce - "clicks in the void"

2023-06-06 Thread Andrew David Wong
On 6/5/23 3:39 AM, haaber wrote:
> I often experience clicks that get lost "in the void", meaning that the
> actual xfce window does not seem to receive them.
> 
> Typical example: I use firefox, and a noscript pop-up ("load
> anonymously") with a button to click on: but I can't. What helps then,
> is changing the virtual screen (go away) and coming back: after this, 
> the click arrives again at the destination window. Very annoying!
> 
> Am I alone with this problem???  Best, Bernhard
> 

There's a longstanding bug where certain types of windows sometimes can't be 
clicked until focus is removed from that window, then given back again. I 
usually alt+tab to another window, then back to the original window to fix 
this. I'm not sure if you're experiencing the same thing, but it sounds 
similar. Also, I'm not sure if this is the right issue for what I'm describing, 
but it seems to fit:

https://github.com/QubesOS/qubes-issues/issues/3267



[qubes-users] Qubes OS 4.2.0-rc1 is available for testing

2023-06-03 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce that the first [release 
candidate](#what-is-a-release-candidate) for Qubes OS 4.2.0 is now available 
for [testing](https://www.qubes-os.org/doc/testing/). This [minor 
release](#what-is-a-minor-release) includes several new features and 
improvements over Qubes OS 4.1.0. Qubes 4.2.0-rc1 is available on the 
[downloads](https://www.qubes-os.org/downloads/) page.

## What's new in Qubes 4.2.0?

- Dom0 upgraded to Fedora 37
- Xen updated to version 4.17
- SELinux support in Fedora templates
- Several GUI applications rewritten, including:
  - Applications Menu
  - Qubes Global Settings
  - Create New Qube
  - Qubes Update
- Unified `grub.cfg` location for both UEFI and legacy boot
- PipeWire support
- fwupd integration for firmware updates
- Optional automatic clipboard clearing
- Official packages built using Qubes Builder v2

Please see the [Qubes OS 4.2.0 release 
notes](https://www.qubes-os.org/doc/releases/4.2/release-notes/) for details.

## Reminder: new signing key for Qubes OS 4.2

As a reminder, we published the following special announcement in [Qubes Canary 
032](https://www.qubes-os.org/news/2022/09/14/canary-032/) on 2022-09-14:

> We plan to create a new Release Signing Key (RSK) for Qubes OS 4.2. Normally, 
> we have only one RSK for each major release. However, for the 4.2 release, we 
> will be using Qubes Builder version 2, which is a complete rewrite of the 
> Qubes Builder. Out of an abundance of caution, we would like to isolate the 
> build processes of the current stable 4.1 release and the upcoming 4.2 
> release from each other at the cryptographic level in order to minimize the 
> risk of a vulnerability in one affecting the other. We are including this 
> notice as a canary special announcement since introducing a new RSK for a 
> minor release is an exception to our usual RSK management policy.

As always, we encourage you to 
[authenticate](https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate)
 this canary by [verifying its PGP 
signatures](https://www.qubes-os.org/security/verifying-signatures/). Specific 
instructions are also included in the [canary 
announcement](https://www.qubes-os.org/news/2022/09/14/canary-032/).

As with all Qubes signing keys, we also encourage you to 
[authenticate](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-release-signing-keys)
 the new Qubes OS Release 4.2 Signing Key, which is available in the [Qubes 
Security Pack (qubes-secpack)](https://www.qubes-os.org/security/pack/) as well 
as on the [downloads](https://www.qubes-os.org/downloads/) page under the Qubes 
OS 4.2.0-rc1 ISO.

## Testing Qubes 4.2.0-rc1

If you're willing to [test](https://www.qubes-os.org/doc/testing/) this release 
candidate, you can help us improve the eventual stable release by [reporting 
any bugs you encounter](https://www.qubes-os.org/doc/issue-tracking/). We 
encourage experienced users to join the [testing 
team](https://forum.qubes-os.org/t/joining-the-testing-team/5190).

A full list of known bugs in Qubes 4.2.0 is available 
[here](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A%22Release+4.2%22+label%3A%22T%3A+bug%22).
 We strongly recommend [updating Qubes 
OS](https://www.qubes-os.org/doc/how-to-update/) immediately after installation 
in order to apply all available bug fixes.

## Upgrading to Qubes 4.2.0-rc1

It is not yet possible to perform an in-place upgrade from Qubes 4.1 to Qubes 
4.2. For this initial release candidate, a clean installation is required. An 
in-place upgrade tool is in development.

## When is the stable release?

That depends on the number of bugs discovered in this release candidate and 
their severity. As explained in our [release 
schedule](https://www.qubes-os.org/doc/version-scheme/#release-schedule) 
documentation, our usual process after issuing a new release candidate is to 
collect bug reports, triage the bugs, and fix them. This usually takes around 
five weeks, depending on the bugs discovered. If warranted, we then issue a new 
release candidate that includes the fixes and repeat the whole process again. 
We continue this iterative procedure until we're left with a release candidate 
that's good enough to be declared the stable release. No one can predict, at 
the outset, how many iterations will be required (and hence how many release 
candidates will be needed before a stable release), but we tend to get a 
clearer picture of this with each successive release candidate, which we'll 
share in this section in future release candidate announcements.

In the case of Qubes 4.2.0 specifically, we already know that there will be a 
second release candidate (in order to test the in-place upgrade procedure, if 
nothing else). As mentioned above, we expect to announce that second release 
candidate in approximately five weeks. The results of that second release 
candidate will determine 

[qubes-users] Qubes Canary 035

2023-05-22 Thread Andrew David Wong
94
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key

   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)

     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu

   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y

   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.

   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid Open

[qubes-users] XSAs released on 2023-05-16

2023-05-16 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-431](https://xenbits.xen.org/xsa/advisory-431.html)
  - Qubes OS 4.1 uses an unaffected version of Xen (4.14).

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/05/16/xsas-released-on-2023-05-16/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/034437ff-1944-fa19-76c9-fd4f673b509a%40qubes-os.org.


Re: [qubes-users] Best practice VPN in Qubes

2023-05-13 Thread Andrew David Wong
On 5/13/23 7:33 AM, taran1s wrote:
> 
> 
> Demi Marie Obenour:
>> On Sat, May 13, 2023 at 10:57:00AM +, Qubes OS Users Mailing List wrote:
>>> Andrew David Wong:
>>>> On 5/12/23 4:31 AM, 'taran1s' via qubes-users wrote:
>>>>> If anon-whonix AppVM is set to use mullvad-VPN that is connected to 
>>>>> sys-whonix it doesn't connect to internet. If one uses Debian or Fedora 
>>>>> based AppVM and runs vanilla Firefox, it works like a breeze.
>>>>>
>>>>> Any ideas how to solve this?
>>>>>
>>>>
>>>> I think that's by design. Whonix does that to protect you from 
>>>> accidentally compromising your own privacy.
>>
> 
> The answer below was meant to you David. I misidentified Patrick as the 
> author of the answer.
> 

You can call me "Andrew." "David" is my middle name. :)

>>
>>> Thank you for the answer Patrick. It is possible. The question is how does
>>> one use VPN over Tor in this case with Torbrowser that doesn't compromise
>>> the privacy (see the use case below please).
>>> The use case is to connect to a service like Twitter that is not Tor
>>> friendly from a static non-tor IP address (VPN), but at the same time hide
>>> my real IP address from the VPN provider by using Tor before I connect to
>>> the VPN.
>>
>>> Some services, like Twitter even if they have onion site keep forcing me to
>>> reset password periodically, reminding me that there is a suspicious
>>> behavior (just by connecting from Tor, not even posting anything) in an
>>> endless loop.
>>
>>> I would like to use the anon-whonix-twitter AppVM Torbrowser specifically
>>> for connection to that particular account only and nothing else, no other
>>> apps or even websites ever used in that anon-whonix-twitter AppVM.
>>
>>> Do you have any advice how to enable Torbrowser in the anon-whonix-twitter
>>> to work in the VPN over Tor scenario?
>>
>> I would use the onion service and deal with the Twitter-side brokenness.
> 

You should read this, then decide whether you still think this setup would be a 
good idea for you:

https://www.whonix.org/wiki/Tunnels/Introduction



Re: [qubes-users] Best practice VPN in Qubes

2023-05-12 Thread Andrew David Wong
On 5/12/23 4:31 AM, 'taran1s' via qubes-users wrote:
> If anon-whonix AppVM is set to use mullvad-VPN that is connected to 
> sys-whonix it doesn't connect to internet. If one uses Debian or Fedora based 
> AppVM and runs vanilla Firefox, it works like a breeze.
> 
> Any ideas how to solve this?
> 

I think that's by design. Whonix does that to protect you from accidentally 
compromising your own privacy.



Re: [qubes-users] Re: QSB-089: Qrexec: Memory corruption in service request handling

2023-05-12 Thread Andrew David Wong
On 5/11/23 11:00 PM, Vít Šesták wrote:
> If the process is not reused, just an update without restarting anything is 
> enough, isn't it? (This wouldn't be the case if the process was forking 
> from a zygote.)

Marek has previously told me that only Xen and Kernel updates require a reboot. 
FWIW, `needs-restarting -r` also didn't detect anything requiring a restart.

> After the update, I got a shower of notifications “Failed to execute 
> qubes.WindowIconUdater (from  to dom0)”, probably for each 
> running domU qube. 

Same.

> But this looks like a temporary issue, as QRPc seems to 
> continue working, either for newly launched qubes and for qubes launched 
> before update.

I haven't noticed any unusual behavior either.



[qubes-users] Fedora 36 reaches EOL on 2023-05-16

2023-05-11 Thread Andrew David Wong
Dear Qubes Community,

The Fedora Project has 
[announced](https://lists.fedoraproject.org/archives/list/annou...@lists.fedoraproject.org/thread/4GXBZJSGQ2PEKIBM2APCTLXBS6IDKSOP/)
 that Fedora 36 will reach EOL 
([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2023-05-16. We 
strongly recommend that all users 
[upgrade](https://www.qubes-os.org/doc/templates/fedora/#upgrading) their 
Fedora templates and standalones to [Fedora 
37](https://www.qubes-os.org/news/2023/03/03/fedora-37-templates-available/) no 
later than 2023-05-16.

We provide fresh Fedora 37 template packages through the official Qubes 
repositories, which you can install in dom0 by following the standard 
[installation 
instructions](https://www.qubes-os.org/doc/templates/fedora/#installing). 
Alternatively, we also provide step-by-step instructions for [performing an 
in-place 
upgrade](https://www.qubes-os.org/doc/templates/fedora/in-place-upgrade/) of an 
existing Fedora template. After upgrading your templates, please remember to 
[switch all qubes that were using the old template to use the new 
one](https://www.qubes-os.org/doc/templates/#switching).

For a complete list of template releases that are supported for your specific 
Qubes release, see our [supported template 
releases](https://www.qubes-os.org/doc/supported-releases/#templates).

Please note that no user action is required regarding the OS version in dom0. 
For details, please see our [note on dom0 and 
EOL](https://www.qubes-os.org/doc/supported-releases/#note-on-dom0-and-eol).


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/05/11/fedora-36-reaches-eol-on-2023-05-16/



[qubes-users] QSB-089: Qrexec: Memory corruption in service request handling

2023-05-11 Thread Andrew David Wong
out these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D: 1 signature not checked due to a missing key
   gpg: key FD64F4F9E9720C4D: public key "Zrubi (Qubes Documentation Signing Key)" imported
   gpg: key DDFA1A3E36879494: "Qubes Master Signing Key" not changed
   gpg: key 1848792F9E2795E9: public key "Qubes OS Release 4 Signing Key" imported
   gpg: qubes-secpack/keys/release-keys/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key D655A4F21830E06A: public key "Marek Marczykowski-Górecki (Qubes security pack)" imported
   gpg: key ACC2602F3F48CB21: public key "Qubes OS Security Team" imported
   gpg: qubes-secpack/keys/security-team/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 4AC18DE1112E1490: public key "Simon Gaiser (Qubes Security Pack signing key)" imported
   gpg: Total number processed: 17
   gpg:   imported: 16
   gpg:  unchanged: 1
   gpg: marginals needed: 3  completes needed: 1  trust model: pgp
   gpg: depth: 0  valid:   1  signed:   6  trust: 0-, 0q, 0n, 0m, 0f, 1u
   gpg: depth: 1  valid:   6  signed:   0  trust: 6-, 0q, 0n, 0m, 0f, 0u
   ```

7. Verify signed Git tags.

   ```shell_session
   $ cd qubes-secpack/
   $ git tag -v `git describe`
   object 266e14a6fae57c9a91362c9ac784d3a891f4d351
   type commit
   tag marmarek_sec_266e14a6
   tagger Marek Marczykowski-Górecki 1677757924 +0100
   
   Tag for commit 266e14a6fae57c9a91362c9ac784d3a891f4d351
   gpg: Signature made Thu 02 Mar 2023 03:52:04 AM PST
   gpg:                using RSA key 2D1771FE4D767EDC76B089FAD655A4F21830E06A
   gpg: Good signature from "Marek Marczykowski-Górecki (Qubes security pack)" [full]
   ```

   The exact output will differ, but the final line should always start with 
`gpg: Good signature from...` followed by an appropriate key. The `[full]` 
indicates full trust, which this key inherits in virtue of being validly signed 
by the QMSK.

8. Verify PGP signatures, e.g.:

   ```shell_session
   $ cd QSBs/
   $ gpg --verify qsb-087-2022.txt.sig.marmarek qsb-087-2022.txt
   gpg: Signature made Wed 23 Nov 2022 04:05:51 AM PST
   gpg:                using RSA key 2D1771FE4D767EDC76B089FAD655A4F21830E06A
   gpg: Good signature from "Marek Marczykowski-Górecki (Qubes security pack)" [full]
   $ gpg --verify qsb-087-2022.txt.sig.simon qsb-087-2022.txt
   gpg: Signature made Wed 23 Nov 2022 03:50:42 AM PST
   gpg:                using RSA key EA18E7F040C41DDAEFE9AA0F4AC18DE1112E1490
   gpg: Good signature from "Simon Gaiser (Qubes Security Pack signing key)" [full]
   $ cd ../canaries/
   $ gpg --verify canary-034-2023.txt.sig.marmarek canary-034-2023.txt
   gpg: Signature made Thu 02 Mar 2023 03:51:48 AM PST
   gpg:                using RSA key 2D1771FE4D767EDC76B089FAD655A4F21830E06A
   gpg: Good signature from "Marek Marczykowski-Górecki (Qubes security pack)" [full]
   $ gpg --verify canary-034-2023.txt.sig.simon canary-034-2023.txt
   gpg: Signature made Thu 02 Mar 2023 01:47:52 AM PST
   gpg:                using RSA key EA18E7F040C41DDAEFE9AA0F4AC18DE1112E1490
   gpg: Good signature from "Simon Gaiser (Qubes Security Pack signing key)" [full]
   ```

   Aga
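The check in steps 7 and 8 above can be scripted without matching the human-readable `Good signature` text. The following is an added example, not part of the original announcement or the Qubes documentation: it reads GnuPG's machine-readable `--status-fd` lines and accepts only a single valid signature, made by one of the two signing-key fingerprints shown in the output above, on a key with full or ultimate validity. The function names are hypothetical and the status samples are constructed.

```shell
#!/bin/sh
# Added example: script the "Good signature" check from steps 7-8 using GnuPG
# status lines (--status-fd) instead of the human-readable text.

# Signing-key fingerprints copied from the "using RSA key" lines above.
ALLOWED_FPRS="2D1771FE4D767EDC76B089FAD655A4F21830E06A EA18E7F040C41DDAEFE9AA0F4AC18DE1112E1490"

# check_status "FPR1 FPR2 ..."
# Reads `gpg --status-fd 1 --verify ...` output on stdin, prints a one-line
# verdict, and returns 0 only when every condition below holds.
check_status() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, list, " ")
            for (i = 1; i <= n; i++) ok[toupper(list[i])] = 1
        }
        $1 != "[GNUPG:]" { next }   # ignore anything that is not a status line
        # Any of these means the signature or its key must not be relied on.
        $2 == "BADSIG" || $2 == "ERRSIG" || $2 == "EXPSIG" ||
        $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" { bad = $2 }
        # Field 3 of VALIDSIG is the fingerprint of the key that signed.
        $2 == "VALIDSIG" { nvalid++; fpr = toupper($3) }
        # Key validity derived from the QMSK: the "[full]" in the text output.
        $2 == "TRUST_FULLY" || $2 == "TRUST_ULTIMATE" { trusted = 1 }
        END {
            if (bad != "")    { print "reject: " bad; exit 1 }
            if (nvalid != 1)  { print "reject: expected one VALIDSIG, got " (nvalid + 0); exit 1 }
            if (!(fpr in ok)) { print "reject: unexpected signer " fpr; exit 1 }
            if (!trusted)     { print "reject: signer key lacks full trust"; exit 1 }
            print "accept: " fpr
        }'
}

# verify_detached SIGFILE DATAFILE: run gpg and apply the policy above.
# (Hypothetical helper; needs gpg and the keyring prepared in steps 1-6.)
verify_detached() {
    gpg --status-fd 1 --verify "$1" "$2" 2>/dev/null | check_status "$ALLOWED_FPRS"
}

# Constructed status transcripts (user ID and timestamps are made up).
SAMPLE_OK='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG D655A4F21830E06A Example Signer (constructed)
[GNUPG:] VALIDSIG 2D1771FE4D767EDC76B089FAD655A4F21830E06A 2023-01-01 1672531200 0 4 0 1 10 00 2D1771FE4D767EDC76B089FAD655A4F21830E06A
[GNUPG:] TRUST_FULLY 0 pgp'

# Same signature, but the QMSK was never marked trusted (step 4 skipped).
SAMPLE_UNTRUSTED='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG D655A4F21830E06A Example Signer (constructed)
[GNUPG:] VALIDSIG 2D1771FE4D767EDC76B089FAD655A4F21830E06A 2023-01-01 1672531200 0 4 0 1 10 00 2D1771FE4D767EDC76B089FAD655A4F21830E06A
[GNUPG:] TRUST_UNDEFINED 0 pgp'

# Cryptographically valid, trusted key, but not one of the expected signers.
SAMPLE_OTHER_KEY='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Some Other Key (constructed)
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2023-01-01 1672531200 0 4 0 1 10 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_ULTIMATE 0 pgp'

SAMPLE_BAD='[GNUPG:] NEWSIG
[GNUPG:] BADSIG D655A4F21830E06A Example Signer (constructed)'

# verdict STATUS_TEXT: apply check_status to a captured transcript.
verdict() { printf '%s\n' "$1" | check_status "$ALLOWED_FPRS"; }

# Demo on the constructed samples (no gpg or network needed).
for s in "$SAMPLE_OK" "$SAMPLE_UNTRUSTED" "$SAMPLE_OTHER_KEY" "$SAMPLE_BAD"; do
    verdict "$s" || true
done
```

With the keyring prepared as in steps 1 to 6, `verify_detached qsb-087-2022.txt.sig.marmarek qsb-087-2022.txt` run from the `QSBs/` directory applies the same policy to a real signature.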

Re: [qubes-users] Colourful prompt

2023-05-04 Thread Andrew David Wong
On 5/3/23 4:02 AM, Qubes wrote:
> I have noticed on Fedora, the cli prompt itself is not colourful although the 
> rest of the output is. Is there a way to get the prompt itself in colour as 
> well? The prompt on Debian is in colour, it makes it easier to find things 
> when the prompt is in colour as well.
> 

Since this is not a Qubes-specific question, you might have better luck 
searching the web for how to do this in Fedora (or Linux in general) or asking 
in a Fedora (or general Linux) venue.



Re: [qubes-users] The NovaCustom NV41 Series laptop is Qubes-certified!

2023-05-04 Thread Andrew David Wong
On 5/3/23 8:30 AM, Leo28C wrote:
> On Wed, May 3, 2023 at 5:12 AM Andrew David Wong  wrote:
> 
>> nor can we control whether physical hardware is modified (whether
>> maliciously or otherwise) *en route* to the user.
>>
> 
> Actually you could:
> 
> 1) Laminate product with `warranty void if removed` stickers of various
> brands and types
> 2) Send PGP-signed high-res photo of sticker placement to buyer before
> shipping
> 3) Buyer receives product and compares sticker placement to the photo to
> verify integrity
> 

We (the Qubes OS Project) can't do that, because we never take possession of 
inventory. When you purchase a Qubes-certified computer from a vendor, you are 
purchasing directly from that vendor.

However, you could offer your suggestion to the vendors who sell 
Qubes-certified hardware.



[qubes-users] The NovaCustom NV41 Series laptop is Qubes-certified!

2023-05-03 Thread Andrew David Wong
Dear Qubes Community,

It is our pleasure to announce that the [NovaCustom NV41 
Series](https://configurelaptop.eu/nv41-series/) laptop has become the fifth 
[Qubes-certified computer](https://www.qubes-os.org/doc/certified-hardware/) 
for Qubes 4.X!

## About the NovaCustom NV41 Series

The [NV41 Series](https://configurelaptop.eu/nv41-series/) is a 14-inch laptop 
from [NovaCustom](https://configurelaptop.eu/), a European vendor known for 
their highly customizable, Linux-friendly laptops. This 12th Generation Intel 
Core (Alder Lake) laptop comes with Dasharo coreboot open-source firmware, 
USB-C charging, the latest Intel Xe graphics, and up to 64 GB of memory.

## Qubes-certified configurations

The following configuration options are certified for Qubes OS 4.X:

Processor:
- Intel Core i5-1240P processor
- Intel Core i7-1260P processor

Memory (Dual Channel):
- 2 x 16 GB Kingston DDR4 SODIMM 3200 MHz (32 GB total)
- 1 x 32 GB Kingston DDR4 SODIMM 3200 MHz (32 GB total)
- 2 x 32 GB Kingston DDR4 SODIMM 3200 MHz (64 GB total)

M.2 storage chip:
- Samsung 980 SSD (all capacities)
- Samsung 980 Pro SSD (all capacities)

Wi-Fi and Bluetooth:
- Intel AX-200/201 Wi-Fi module 2976 Mbps, 802.11ax/Wi-Fi 6 + Bluetooth 5.2
- Killer (Intel) Wireless-AX 1675x M.2 Wi-Fi module 802.11ax/Wi-Fi 6E + 
Bluetooth 5.3
- Blob-free: Qualcomm Atheros QCNFA222 Wi-Fi 802.11a/b/g/n + Bluetooth 4.0
- No Wi-Fi/Bluetooth chip

### Notes on Wi-Fi and Bluetooth options

- When viewed in a Linux environment with `lspci`, the "Killer (Intel) 
Wireless-AX 1675x M.2 Wi-Fi module 802.11ax/Wi-Fi 6E + Bluetooth 5.3" device 
displays the model number "AX210." However, according to its [Intel Ark 
entry](https://ark.intel.com/content/www/us/en/ark/products/211485/intel-killer-wifi-6e-ax1675-xw.html)
 (in the "Product Brief" file), they are actually the same Wi-Fi module.

- Similarly, when viewed in a Linux environment with `lspci`, the "Blob-free: 
Qualcomm Atheros QCNFA222 Wi-Fi 802.11a/b/g/n + Bluetooth 4.0" device displays 
the model number "AR9462," which seems to be just the Wi-Fi chip model number, 
whereas "QCNFA222" seems to be the model number of the whole device (which 
includes Bluetooth). Meanwhile, the Bluetooth device presents itself as "IMC 
Networks Device 3487."

- The term "blob-free" is used in different ways. In practice, being 
"blob-free" generally does *not* mean that the device does not use any 
closed-source firmware "blobs." Rather, it means that the device comes with 
firmware *preinstalled* so that it does not have to be loaded from the 
operating system. In theory, the preinstalled firmware could be open-source, 
but as far as we know, that is not the case with this particular Atheros 
Wi-Fi/Bluetooth module. (Qualcomm has published firmware source code in the 
past, but only for other device models, as far as we are aware.) Meanwhile, the 
Free Software Foundation (FSF) 
[considers](https://www.gnu.org/philosophy/free-hardware-designs.en.html#boundary)
 unmodifiable preinstalled firmware to be part of the hardware, hence they 
regard such hardware as "blob-free" from a software perspective. While common 
usage of the term "blob-free" often follows the FSF's interpretation, it is 
worthwhile for Qubes users who are concerned about closed-source firmware to 
understand the nuance.

## Special note regarding the need for `kernel-latest`

Beginning with Qubes OS 4.1.2, the Qubes installer includes the `kernel-latest` 
package and allows users to select this kernel option from the GRUB menu when 
booting the installer. At the time of this announcement, `kernel-latest` is 
*required* for the NovaCustom NV41 Series to function properly. Therefore, all 
potential purchasers and users of this model should be aware that they will 
have to select a non-default option (`Install Qubes OS RX using kernel-latest`) 
from the GRUB menu when booting the installer. However, since Linux 6.1 has 
officially been promoted to being a long-term support (LTS) kernel, it will 
become the default kernel at some point, which means that the need for this 
non-default selection is only temporary.

## What is Qubes-certified hardware?

[Qubes-certified hardware](https://www.qubes-os.org/doc/certified-hardware/) is 
hardware that has been certified by the Qubes developers as compatible with a 
specific [major release](https://www.qubes-os.org/doc/version-scheme/) of Qubes 
OS. All Qubes-certified devices are available for purchase with Qubes OS 
preinstalled. Beginning with Qubes 4.0, in order to achieve certification, the 
hardware must satisfy a rigorous set of [requirements], and the vendor must 
commit to offering customers the very same configuration (same motherboard, 
same screen, same BIOS version, same Wi-Fi module, etc.) for at least one year.

[Qubes-certified 
computers](https://www.qubes-os.org/doc/certified-hardware/#qubes-certified-computers)
 are specific models that are regularly tested by the Qubes developers to 
ensure 

[qubes-users] XSAs released on 2023-04-25

2023-04-25 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.

## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)

## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- [XSA-430](https://xenbits.xen.org/xsa/advisory-430.html)
  - Shadow paging is disabled in Qubes OS at build time.
  - Qubes OS 4.1 uses an unaffected version of Xen (4.14).

## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/04/25/xsas-released-on-2023-04-25/



Re: [qubes-users] networking in minimal-qube ??

2023-04-25 Thread Andrew David Wong
On 4/24/23 11:25 PM, haaber wrote:
> I grabbed a debian-11-minimal, updated it & installed thunderbird into
> it to have a mail-reading template.
> 
> It worked for some hours, but now it lost network access in its AppVM's.
> When I restart the same appvm with debian-11 network is back.  Do I miss
> a package ??
> 
> 
> thank you, Bernhard
> 

Minimal templates require the 'qubes-core-agent-networking' package for 
networking:

https://www.qubes-os.org/doc/templates/minimal/#distro-specific-notes



Re: [qubes-users] Odd behavior wile running two separate Whonix gateways

2023-03-24 Thread Andrew David Wong
On 3/23/23 9:23 PM, tiesta_symonne61 via qubes-users wrote:
> I'm pretty
> sure the actual traffic is being routed through the correct gateways, but
> my only metric for knowing that is looking at CPU usage while stressing
> the connection and making sure the correct chain of net vm's light up.
> 

Why not use the preinstalled "Nyx - Status Monitor for Tor" tool? It creates a 
nice traffic graph for you and shows you upload and download usage in real 
time. There's even a menu entry for it by default, so it's easy to open.



[qubes-users] QSB-088: Two Xen issues affecting PV (stub-)domains (XSA-428, XSA-429)

2023-03-21 Thread Andrew David Wong
cates a prompt inside of the GnuPG program. Type what appears after it when 
prompted.)

   ```shell_session
   $ gpg --edit-key 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494
   gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
   This is free software: you are free to change and redistribute it.
   There is NO WARRANTY, to the extent permitted by law.
   
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   gpg> fpr
   pub   rsa4096/DDFA1A3E36879494 2010-04-01 Qubes Master Signing Key
    Primary key fingerprint: 427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494
   ```

3. *Important*: At this point, you still don't know whether the key you just 
imported is the genuine QMSK or a forgery. In order for this entire procedure 
to provide meaningful security benefits, you *must* authenticate the QMSK 
out-of-band. *Do not skip this step*! The standard method is to obtain the QMSK 
fingerprint from *multiple independent sources in several different ways* and 
check to see whether they match the key you just imported. See 
[here](https://www.qubes-os.org/security/verifying-signatures/#how-to-import-and-authenticate-the-qubes-master-signing-key)
 for more details and ideas for how to do that.

   *Tip*: Record the genuine QMSK fingerprint in a safe place (or several) so 
that you don't have to repeat this step in the future.

4. Once you are satisfied that you have the genuine QMSK, set its trust level 
to 5 ("ultimate"), then quit GnuPG with `q`.

   ```shell_session
   gpg> trust
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: unknown   validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   
   Please decide how far you trust this user to correctly verify other users' keys
   (by looking at passports, checking fingerprints from different sources, etc.)
   
     1 = I don't know or won't say
     2 = I do NOT trust
     3 = I trust marginally
     4 = I trust fully
     5 = I trust ultimately
     m = back to the main menu
   
   Your decision? 5
   Do you really want to set this key to ultimate trust? (y/N) y
   
   pub  rsa4096/DDFA1A3E36879494
        created: 2010-04-01  expires: never   usage: SC
        trust: ultimate  validity: unknown
   [ unknown] (1). Qubes Master Signing Key
   Please note that the shown key validity is not necessarily correct
   unless you restart the program.
   
   gpg> q
   ```

5. Use Git to clone the qubes-secpack repo.

   ```shell_session
   $ git clone https://github.com/QubesOS/qubes-secpack.git
   Cloning into 'qubes-secpack'...
   remote: Enumerating objects: 4065, done.
   remote: Counting objects: 100% (1474/1474), done.
   remote: Compressing objects: 100% (742/742), done.
   remote: Total 4065 (delta 743), reused 1413 (delta 731), pack-reused 2591
   Receiving objects: 100% (4065/4065), 1.64 MiB | 2.53 MiB/s, done.
   Resolving deltas: 100% (1910/1910), done.
   ```

6. Import the included PGP keys. (See our [PGP key 
policies](https://www.qubes-os.org/security/pack/#pgp-key-policies) for 
important information about these keys.)

   ```shell_session
   $ gpg --import qubes-secpack/keys/*/*
   gpg: key 063938BA42CFA724: public key "Marek Marczykowski-Górecki (Qubes OS signing key)" imported
   gpg: qubes-secpack/keys/core-devs/retired: read error: Is a directory
   gpg: no valid OpenPGP data found.
   gpg: key 8C05216CE09C093C: 1 signature not checked due to a missing key
   gpg: key 8C05216CE09C093C: public key "HW42 (Qubes Signing Key)" imported
   gpg: key DA0434BC706E1FCF: public key "Simon Gaiser (Qubes OS signing key)" imported
   gpg: key 8CE137352A019A17: 2 signatures not checked due to missing keys
   gpg: key 8CE137352A019A17: public key "Andrew David Wong (Qubes Documentation Signing Key)" imported
   gpg: key AAA743B42FBC07A9: public key "Brennan Novak (Qubes Website & Documentation Signing)" imported
   gpg: key B6A0BB95CA74A5C3: public key "Joanna Rutkowska (Qubes Documentation Signing Key)" imported
   gpg: key F32894BE9684938A: public key "Marek Marczykowski-Górecki (Qubes Documentation Signing Key)" imported
   gpg: key 6E7A27B909DAFB92: public key "Hakisho Nukama (Qubes Documentation Signing Key)" imported
   gpg: key 485C7504F27D0A72: 1 signature not checked due to a missing key
   gpg: key 485C7504F27D0A72: public key "Sven Semmler (Qubes Documentation Signing Key)" imported
   gpg: key BB52274595B71262: public key "unman (Qubes Documentation Signing Key)" imported
   gpg: key DC2F3678D272F2A8: 1 signature not checked due to a missing key
   gpg: key DC2F3678D272F2A8: public key "Wojtek Porczyk (Qubes OS documentation signing key)" imported
   gpg: key FD64F4F9E9720C4D:
   ```

[qubes-users] Marek Marczykowski-Górecki to be interviewed at Dasharo virtual event

2023-03-15 Thread Andrew David Wong
Dear Qubes Community,

Our project lead, [Marek 
Marczykowski-Górecki](https://www.qubes-os.org/team/#marek-marczykowski-górecki)
 will be interviewed tomorrow during the [Dasharo Developers 
vPub](https://vpub.dasharo.com/e/1/dasharo-user-group-1). This is a virtual 
event hosted by the [Dasharo](https://www.dasharo.com/) team, who just 
introduced [the first Qubes-certified desktop 
computer](https://www.qubes-os.org/news/2023/03/15/dasharo-fidelisguard-z690-first-qubes-certified-desktop).

[![Dasharo User Group (DUG) #1 and Dasharo Developers vPub 0x6 informational 
poster](https://www.qubes-os.org/attachment/posts/dasharo-event-1.png)](https://vpub.dasharo.com/e/1/dasharo-user-group-1)

The Dasharo Developers vPub will be preceded by the first Dasharo User Group 
meeting, which may be of interest for Qubes users who wish to learn more about 
open-source firmware or are curious about the [Dasharo FidelisGuard 
Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)
 Qubes-certified computer.

[Read the full announcement for more 
information.](https://vpub.dasharo.com/e/1/dasharo-user-group-1)

## About Dasharo

"Dasharo is an open-source firmware distribution focusing on seamless 
deployment, clean and simple code, long-term maintenance, professional support, 
transparent validation, superior documentation, privacy-respecting 
implementation, liberty for the owners and trustworthiness for all." [Learn 
more about Dasharo.](https://docs.dasharo.com/osf-trivia-list/dasharo/)

Dasharo is a registered trademark of and a product developed by 
[3mdeb](https://3mdeb.com/).

## About 3mdeb

3mdeb and the Qubes OS Project have been partnering together for years to hold 
Qubes OS Summits. Michał Żygowski shared the story with us in [Qubes OS Summit: 
History from organizer's 
perspective](https://www.qubes-os.org/news/2022/09/07/qubes-os-summit-history/).
 You can watch videos from the 2022 summit 
[here](https://www.youtube.com/watch?v=hkWWz3xGqS8) and 
[here](https://www.youtube.com/watch?v=A9GrlQsQc7Q). 3mdeb has also been 
instrumental in recent work on [TrenchBoot Anti Evil Maid for Qubes 
OS](https://www.qubes-os.org/news/2023/01/31/trenchboot-aem-for-qubes-os/). 
[Learn more about 3mdeb.](https://3mdeb.com/about-us/)


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/03/15/marek-marczykowski-gorecki-interviewed-dasharo-virtual-event/



[qubes-users] The Dasharo FidelisGuard Z690 is the first Qubes-certified desktop computer!

2023-03-15 Thread Andrew David Wong
Dear Qubes Community,

It is our pleasure to announce that the [Dasharo FidelisGuard 
Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)
 has become the fourth [Qubes-certified 
computer](https://www.qubes-os.org/doc/certified-hardware/) for Qubes 4.X and 
the *first* Qubes-certified desktop computer *ever*!

(In related news, the [Dasharo User Group #1 and Dasharo Developers vPub 
0x6](https://www.qubes-os.org/news/2023/03/15/marek-marczykowski-gorecki-interviewed-dasharo-virtual-event)
 virtual event is tomorrow and will include an interview with our project lead, 
[Marek 
Marczykowski-Górecki](https://www.qubes-os.org/team/#marek-marczykowski-górecki)!)

## About the Dasharo FidelisGuard Z690

[![Photo of MSI PRO Z690-A DDR4 
motherboard](https://www.qubes-os.org/attachment/posts/dasharo-fidelisguard-z690_1.jpg)](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)

The [Dasharo FidelisGuard 
Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)
 is a full desktop PC build that brings the [Dasharo](https://dasharo.com/) 
open-source firmware distribution to the MSI PRO Z690-A DDR4 motherboard with 
Qubes OS preinstalled. The full configuration includes:

| Part         | Model Name                                                      |
|--------------|-----------------------------------------------------------------|
| CPU          | Intel Core i5-12600K, 3.7GHz                                    |
| Cooling      | Noctua CPU NH-U12S Redux                                        |
| RAM          | Kingston Fury Beast, DDR4, 4x8GB (32 GB Total), 3600 MHz, CL17  |
| Power Supply | Seasonic Focus PX 750W 80 Plus Platinum                         |
| Storage      | SSD Intel 670p 512 GB M.2 2280 PCI-E x4 Gen3 NVMe               |
| Enclosure    | SilentiumPC Armis AR1                                           |

[![Photo of Dasharo FidelisGuard Z690 with open 
case](https://www.qubes-os.org/attachment/posts/dasharo-fidelisguard-z690_2.jpg)](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)

This computer comes with a "Dasharo Supporters Entrance Subscription," which 
includes the following:

- Full access to [Dasharo Tools Suite 
(DTS)](https://docs.dasharo.com/dasharo-tools-suite/overview/)
- The latest Dasharo releases issued by the Dasharo Team
- Special Dasharo updates for supporters
- Dasharo Premier Support through an invite-only Matrix channel
- Influence on the Dasharo feature roadmap

[![Photo of Dasharo FidelisGuard Z690 with open 
case](https://www.qubes-os.org/attachment/posts/dasharo-fidelisguard-z690_3.jpg)](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)

For further details, please see the [Dasharo FidelisGuard 
Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)
 product page.

[![Photo of the outside of the Dasharo FidelisGuard 
Z690](https://www.qubes-os.org/attachment/posts/dasharo-fidelisguard-z690_4.jpg)](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/)

## Special note regarding the need for `kernel-latest`

Beginning with Qubes OS 4.1.2, the Qubes installer includes the `kernel-latest` 
package and allows users to select this kernel option from the GRUB menu when 
booting the installer. At the time of this announcement, `kernel-latest` is 
*required* for the Dasharo FidelisGuard Z690's graphics drivers to function 
properly. Therefore, all potential purchasers and users of this model should be 
aware that they will have to select a non-default option (`Install Qubes OS RX 
using kernel-latest`) from the GRUB menu when booting the installer. However, 
since Linux 6.1 has officially been promoted to being a long-term support (LTS) 
kernel, it will become the default kernel at some point, which means that the 
need for this non-default selection is only temporary.

## About Dasharo

"Dasharo is an open-source firmware distribution focusing on seamless 
deployment, clean and simple code, long-term maintenance, professional support, 
transparent validation, superior documentation, privacy-respecting 
implementation, liberty for the owners and trustworthiness for all." [Learn 
more about Dasharo.](https://docs.dasharo.com/osf-trivia-list/dasharo/)

Dasharo is a registered trademark of and a product developed by 
[3mdeb](https://3mdeb.com/).

## About 3mdeb

3mdeb and the Qubes OS Project have been partnering together for years to hold 
Qubes OS Summits. Michał Żygowski shared the story with us in [Qubes OS Summit: 
History from organizer's 
perspective](https://www.qubes-os.org/news/2022/09/07/qubes-os-summit-history/).
 You can watch videos from the 2022 summit 
[here](https://www.youtube.com/watch?v=hkWWz3xGqS8) and 
[here](https://www.youtube.com/watch?v=A9GrlQsQc7Q). 3mdeb has also been 

[qubes-users] Qubes OS 4.1.2 has been released!

2023-03-14 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce the stable release of Qubes 4.1.2! This release aims 
to consolidate all the security patches, bug fixes, and upstream template OS 
upgrades that have occurred since the initial Qubes 4.1.0 release. Our goal is 
to provide a secure and convenient way for users to install (or reinstall) the 
latest stable Qubes release with an up-to-date ISO.

Qubes 4.1.2 is available on the 
[downloads](https://www.qubes-os.org/downloads/) page.


## Existing installations

If you are already using any version of Qubes 4.1 (including 4.1.0, 4.1.1, 
4.1.2-rc1, and 4.1.2-rc2), then you should simply [update 
normally](https://www.qubes-os.org/doc/how-to-update/) (which includes 
[upgrading any EOL 
templates](https://www.qubes-os.org/doc/how-to-update/#upgrading-to-avoid-eol) 
you might have) in order to make your system effectively equivalent to this 
stable Qubes 4.1.2 release. No reinstallation or other special action is 
required.


## New installations

If you would like to install Qubes OS for the first time or perform a clean 
reinstallation on an existing system, there has never been a better time to do 
so! Simply [download](https://www.qubes-os.org/downloads/) the Qubes 4.1.2 ISO 
and follow our [installation 
guide](https://www.qubes-os.org/doc/installation-guide/).


## What's new in Qubes 4.1.2?

Qubes 4.1.2 includes numerous updates over the initial 4.1.0 release, in 
particular:

- All 4.1 dom0 updates to date
- Fedora 37 template
- USB keyboard support in the installer 
([#7674](https://github.com/QubesOS/qubes-issues/issues/7674))
- `kernel-latest` available as a boot option when starting the installer 
([#5900](https://github.com/QubesOS/qubes-issues/issues/5900))


## What is a patch release?

The Qubes OS Project uses the [semantic versioning](https://semver.org/) 
standard. Version numbers are written as `<major>.<minor>.<patch>`. Hence, we 
refer to releases that increment the third number as "patch releases." A patch 
release does not designate a separate, new major or minor release of Qubes OS. 
Rather, it designates its respective major or minor release (in this case, 4.1) 
inclusive of all updates up to a certain point. (See [supported 
releases](https://www.qubes-os.org/doc/supported-releases/) for a comprehensive 
list of major and minor releases.) Installing any prior Qubes 4.1 release and 
fully [updating](https://www.qubes-os.org/doc/how-to-update/) it results in 
essentially the same system as installing Qubes 4.1.2. You can learn more about 
how Qubes release versioning works in the [version 
scheme](https://www.qubes-os.org/doc/version-scheme/) documentation.


## Reminder: Qubes 4.0 has reached end-of-life

Qubes 4.0 [reached EOL (end-of-life) on 
2022-08-04](https://www.qubes-os.org/news/2022/07/04/qubes-os-4-0-eol-on-2022-08-04/).
 If you're still using Qubes 4.0, we strongly recommend upgrading to Qubes 4.1.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/03/15/qubes-4-1-2/



Re: [qubes-users] Qubes Canary 034

2023-03-03 Thread Andrew David Wong
On 3/3/23 1:33 AM, Cristian Margine wrote:
> Hello,
> You sent the wrong canary text (it is the text from 033). The current canary 
> is not signed on December 04, 2022.
> 
> 
> Cristian
> 

Fixed, thank you.



[qubes-users] Re: [CORRECTED] Qubes Canary 034

2023-03-03 Thread Andrew David Wong
Dear Qubes Community,

*Editor's note*: An earlier version of this announcement mistakenly contained 
the text of an older canary. This has been corrected below. As always, we 
encourage readers to verify the cryptographic signatures on canaries, which can 
always be found in the [Qubes security pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/).

We have published a new [Qubes 
canary](https://www.qubes-os.org/security/canary/). The text of this canary is 
reproduced below. This canary and its accompanying cryptographic signatures 
will always be available in the [Qubes security pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/).

```

---===[ Qubes Canary 034 ]===---


Statements
---

The Qubes security team members who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is March 02, 2023.

2. There have been 87 Qubes security bulletins published so far.

3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

4. No warrants have ever been served to us with regard to the Qubes OS
   Project (e.g. to hand out the private signing keys or to introduce
   backdoors).

5. We plan to publish the next of these canary statements in the last
   fourteen days of May 2023. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.


Special announcements
--

None.


Disclaimers and notes
--

We would like to remind you that Qubes OS has been designed under the
assumption that all relevant infrastructure is permanently compromised.
This means that we assume NO trust in any of the servers or services
which host or provide any Qubes-related data, in particular, software
updates, source code repositories, and Qubes ISO downloads.

This canary scheme is not infallible. Although signing the declaration
makes it very difficult for a third party to produce arbitrary
declarations, it does not prevent them from using force or other means,
like blackmail or compromising the signers' laptops, to coerce us to
produce false declarations.

The proof of freshness provided below serves to demonstrate that this
canary could not have been created prior to the date stated. It shows
that a series of canaries was not created in advance.

This declaration is merely a best effort and is provided without any
guarantee or warranty. It is not legally binding in any way to anybody.
None of the signers should be ever held legally responsible for any of
the statements made here.


Proof of freshness
---

Thu, 02 Mar 2023 09:45:31 +

Source: DER SPIEGEL - International 
(https://www.spiegel.de/international/index.rss)
Dubious Alliance: How Present Is the Far Right in Germany's New Peace Movement?
Kaja Kallas: Estonia's High-Profile Prime Minister - a Star in the Making
The Special Tribunal Debate: "An Arrest Warrant Against Putin Would Be Immense"
The War in Ukraine: China Is Reportedly Negotiating with Russia To Supply 
Kamikaze Drones
Volodymyr Zelenskyy's Heroes: Ukraine's Best Respond to the Earthquake in Turkey

Source: NYT > World News 
(https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
How Russia Lost an Epic Tank Battle, Repeating Earlier Mistakes
Kyiv Sends Reinforcements to Besieged Bakhmut
Bola Tinubu Elected to Be Nigeria’s Next President
Video: How an Israeli Raid on a Safe House Ended With Civilians Killed
Bola Tinubu’s Victory Extends His Party’s Time in Power in Nigeria

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Greece train crash: Angry protests erupt after disaster
India PM Modi urges G20 foreign ministers to overcome differences
How fake copyright complaints are muzzling journalists
Whiskey fungus lawsuit forces Jack Daniels to halt building project
Indian guru's fictional country attended UN events

Source: Blockchain.info
00037ab2816f3100fc37acee47a63571b5d3b7ca72145906


Footnotes
--

[1] This file should be signed in two ways: (1) via detached PGP
signatures by each of the signers, distributed together with this canary
in the qubes-secpack.git repo, and (2) via digital signatures on the
corresponding qubes-secpack.git repo tags. [2]

[2] Don't just trust the contents of this file blindly! Verify the
digital signatures! Instructions for doing so are documented here:
https://www.qubes-os.org/security/pack/

--
The Qubes Security Team
https://www.qubes-os.org/security/
```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/03/02/canary-034/


[qubes-users] Qubes Canary 034

2023-03-02 Thread Andrew David Wong
Dear Qubes Community,

We have published a new [Qubes 
canary](https://www.qubes-os.org/security/canary/). The text of this canary is 
reproduced below. This canary and its accompanying cryptographic signatures 
will always be available in the [Qubes security pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/).

```

---===[ Qubes Canary 034 ]===---


Statements
---

The Qubes security team members who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is December 04, 2022.

2. There have been 87 Qubes security bulletins published so far.

3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

4. No warrants have ever been served to us with regard to the Qubes OS
   Project (e.g. to hand out the private signing keys or to introduce
   backdoors).

5. We plan to publish the next of these canary statements in the first
   fourteen days of March 2023. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.


Special announcements
--

None.


Disclaimers and notes
--

We would like to remind you that Qubes OS has been designed under the
assumption that all relevant infrastructure is permanently compromised.
This means that we assume NO trust in any of the servers or services
which host or provide any Qubes-related data, in particular, software
updates, source code repositories, and Qubes ISO downloads.

This canary scheme is not infallible. Although signing the declaration
makes it very difficult for a third party to produce arbitrary
declarations, it does not prevent them from using force or other means,
like blackmail or compromising the signers' laptops, to coerce us to
produce false declarations.

The proof of freshness provided below serves to demonstrate that this
canary could not have been created prior to the date stated. It shows
that a series of canaries was not created in advance.

This declaration is merely a best effort and is provided without any
guarantee or warranty. It is not legally binding in any way to anybody.
None of the signers should be ever held legally responsible for any of
the statements made here.


Proof of freshness
---

Sun, 04 Dec 2022 03:11:56 +

Source: DER SPIEGEL - International 
(https://www.spiegel.de/international/index.rss)
Friends or Frenemies?: Significant Trans-Atlantic Divides Emerge in Global Chip 
War
The Russian Mobilization: One Soldier's Effort to Avoid the War
Tragedy in Mariupol: The Boy Who Lost His Family But Not His Hope
A Year with Angela Merkel: "You're Done with Power Politics"
Fears of Chinese Aggression Grow in Taiwan: "Where Are We Supposed to Go?"

Source: NYT > World News 
(https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
He Returned a Dazed Soldier to the Russians. Ukraine Calls It Treason.
Landslide Tragedy Turns Italy’s Focus to Illegal Construction
Why Is Rahul Gandhi Walking 2,000 Miles Across India?
How China’s Police Used Phones and Faces to Track Protesters
Ukraine Calls for Evacuations From a Russian-Controlled Area

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Cyril Ramaphosa: South Africa leader won't resign, says spokesman
Ukraine war: Zelensky calls West's Russian oil cap 'weak'
Ukraine war: New images show Russian army base built in occupied Mariupol
Elnaz Rekabi: Family home of Iranian climber demolished
Columbia peace talks with leftist ELN rebels make progress

Source: Blockchain.info
955f2976b1fbff0d0c47c262ea3ae6410e43f8218fb7


Footnotes
--

[1] This file should be signed in two ways: (1) via detached PGP
signatures by each of the signers, distributed together with this canary
in the qubes-secpack.git repo, and (2) via digital signatures on the
corresponding qubes-secpack.git repo tags. [2]

[2] Don't just trust the contents of this file blindly! Verify the
digital signatures! Instructions for doing so are documented here:
https://www.qubes-os.org/security/pack/

--
The Qubes Security Team
https://www.qubes-os.org/security/
```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/03/02/canary-034/
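
The first "Canary 034" post above carried the statements of the previous canary, which shows up in its issue date. The script below is an added example (not code from the Qubes OS Project) that parses a canary's statements and flags a stale issue date, a fingerprint that differs from a pinned value, a disagreement with the proof-of-freshness date, and an overdue next canary; the function names and the 14-day tolerance are assumptions, and the sample inputs are excerpts of the two texts on this page.

```python
import calendar
import re
from datetime import date, datetime

# QMSK fingerprint as printed in the canaries on this page. In practice, pin
# the value you authenticated out-of-band.
PINNED_QMSK = "427F11FD0FAA4B080123F01CDDFA1A3E36879494"

# Excerpt of the corrected Canary 034 text (posted 2023-03-03 on this page).
CORRECTED = """\
---===[ Qubes Canary 034 ]===---
1. The date of issue of this canary is March 02, 2023.
3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

5. We plan to publish the next of these canary statements in the last
   fourteen days of May 2023.
Proof of freshness
---

Thu, 02 Mar 2023 09:45:31 +
"""

# Excerpt of the text first posted as "Canary 034" on 2023-03-02, which
# carried the statements of the previous canary.
FIRST_POSTED = """\
---===[ Qubes Canary 034 ]===---
1. The date of issue of this canary is December 04, 2022.
3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

5. We plan to publish the next of these canary statements in the first
   fourteen days of March 2023.
Proof of freshness
---

Sun, 04 Dec 2022 03:11:56 +
"""


def _field(pattern, text):
    """Return the regex match for one canary field or fail loudly."""
    match = re.search(pattern, text)
    if match is None:
        raise ValueError(f"canary field not found: {pattern}")
    return match


def parse_canary(text):
    """Extract the statements a reader can check mechanically."""
    issued = _field(r"date of issue of this canary is (\w+ \d{1,2}, \d{4})", text)
    fpr = _field(r"fingerprint is:\s*((?:[0-9A-F]{4}\s+){9}[0-9A-F]{4})", text)
    nxt = _field(r"in the (first|last)\s+fourteen\s+days\s+of\s+(\w+)\s+(\d{4})", text)
    fresh = _field(r"Proof of freshness\s+(?:-+\s+)?\w{3}, (\d{1,2} \w{3} \d{4})", text)

    year = int(nxt.group(3))
    month = datetime.strptime(nxt.group(2), "%B").month
    last_day = calendar.monthrange(year, month)[1]
    if nxt.group(1) == "first":
        window = (date(year, month, 1), date(year, month, 14))
    else:
        window = (date(year, month, last_day - 13), date(year, month, last_day))
    return {
        "issued": datetime.strptime(issued.group(1), "%B %d, %Y").date(),
        "fingerprint": re.sub(r"\s+", "", fpr.group(1)),
        "next_window": window,
        "freshness": datetime.strptime(fresh.group(1), "%d %b %Y").date(),
    }


def check_canary(text, received, max_age_days=14):
    """Return findings for a canary received on `received`; [] means none.

    max_age_days is an assumed tolerance between issue and announcement.
    """
    c = parse_canary(text)
    findings = []
    if c["fingerprint"] != PINNED_QMSK:
        findings.append("fingerprint differs from pinned QMSK")
    if abs((c["issued"] - c["freshness"]).days) > 1:
        findings.append("issue date and proof of freshness disagree")
    age = (received - c["issued"]).days
    if age < 0:
        findings.append("issue date is after the date of receipt")
    elif age > max_age_days:
        findings.append(f"stale: issued {age} days before receipt")
    if received > c["next_window"][1]:
        findings.append("next canary is overdue")
    return findings


if __name__ == "__main__":
    print(check_canary(CORRECTED, date(2023, 3, 3)))
    print(check_canary(FIRST_POSTED, date(2023, 3, 2)))
```

These checks cover the canary text only; the detached PGP signatures in qubes-secpack still have to be verified as the canary's footnotes describe.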



Re: [qubes-users] HCL - Yoga 7 16IAP7

2023-02-24 Thread Andrew David Wong
On 2/23/23 7:05 AM, disp...@proslo.dev wrote:
> Empty Message
> 

Hi there,

It looks like you sent an empty message with no body text and no attachments. 
Did you mean to add your HCL report to this email?



[qubes-users] XSAs released on 2023-02-14

2023-02-15 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.


## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)


## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-426 (SMT is disabled in Qubes OS by default)


## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/02/15/xsas-released-on-2023-02-14/



[qubes-users] Qubes OS 4.1.2-rc1 has been released!

2023-02-09 Thread Andrew David Wong
Dear Qubes Community,

We're pleased to announce the first [release 
candidate](#what-is-a-release-candidate) for Qubes 4.1.2! This [patch 
release](#what-is-a-patch-release) aims to consolidate all the security 
patches, bug fixes, and upstream template OS upgrades that have occurred since 
prior Qubes 4.1 releases. Our goal is to provide a secure and convenient way 
for users to install (or reinstall) the latest stable Qubes release with an 
up-to-date ISO.

Qubes 4.1.2-rc1 is available on the 
[downloads](https://www.qubes-os.org/downloads/) page.


## What's new in Qubes 4.1.2?

Qubes 4.1.2-rc1 includes numerous updates over the initial 4.1.0 release, in 
particular:

- All 4.1 dom0 updates to date
- Fedora 37 template
- USB keyboard support in the installer 
([#7674](https://github.com/QubesOS/qubes-issues/issues/7674))
- `kernel-latest` available as a boot option when starting the installer 
([#5900](https://github.com/QubesOS/qubes-issues/issues/5900))


## Testing Qubes 4.1.2-rc1

If you're willing to [test](https://www.qubes-os.org/doc/testing/) this release 
candidate, you can help to improve the eventual stable release by [reporting 
any bugs you encounter](https://www.qubes-os.org/doc/issue-tracking/). We 
strongly encourage experienced users to join the [testing 
team](https://forum.qubes-os.org/t/joining-the-testing-team/5190)!


## Existing Qubes 4.1 users

If you're not interested in testing this release candidate, and you're already 
using Qubes 4.1, then you should simply [update 
normally](https://www.qubes-os.org/doc/how-to-update/) (which includes 
[upgrading any EOL 
templates](https://www.qubes-os.org/doc/how-to-update/#upgrading-to-avoid-eol) 
you might have) in order to make your system essentially equivalent to this 
patch release. No special action is required on your part.


## Release candidate planning

If no significant bugs are discovered in 4.1.2-rc1, we expect to announce the 
stable release of 4.1.2 in two to three weeks.


## What is a release candidate?

A release candidate (RC) is a software build that has the potential to become a 
stable release, unless significant bugs are discovered in testing. Release 
candidates are intended for more advanced (or adventurous!) users who are 
comfortable testing early versions of software that are potentially buggier 
than stable releases. You can read more about Qubes OS [supported 
releases](https://www.qubes-os.org/doc/supported-releases/) and the [version 
scheme](https://www.qubes-os.org/doc/version-scheme/) in our documentation.


## What is a patch release?

The Qubes OS Project uses the [semantic versioning](https://semver.org/) 
standard. Version numbers are written as `<major>.<minor>.<patch>`. Hence, we 
refer to releases that increment the third number as "patch releases." A patch 
release does not designate a separate, new major or minor release of Qubes OS. 
Rather, it designates its respective major or minor release (in this case, 4.1) 
inclusive of all updates up to a certain point. (See [supported 
releases](https://www.qubes-os.org/doc/supported-releases/) for a comprehensive 
list of major and minor releases.) Installing any prior Qubes 4.1 release and 
fully [updating](https://www.qubes-os.org/doc/how-to-update/) it results in 
essentially the same system as installing Qubes 4.1.2. You can learn more about 
how Qubes release versioning works in the [version 
scheme](https://www.qubes-os.org/doc/version-scheme/) documentation.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/02/09/qubes-4-1-2-rc1/



Re: [qubes-users] Passing a YubiKey to a VM?

2023-02-07 Thread Andrew David Wong
On 2/7/23 12:24 PM, Ulrich Windl wrote:
> How do you use a YubiKey (OpenPGP card, etc.) in Qubes OS?

In case you (or anyone else reading this) has not already seen it, there is a 
documentation page on this:

https://www.qubes-os.org/doc/yubikey/



Re: [qubes-users] network in template (Qubes 4.1)

2023-02-01 Thread Andrew David Wong
On 2/1/23 12:54 PM, davaiigoo wrote:
> According to the documentation, there is a way to enable networking in Qubes 
> templates for sources other than updates from apt-get or dnf.
> 
> https://www.qubes-os.org/doc/how-to-install-software/#installing-software-from-other-sources
> 
> Tried different combinations without success.
> 
> I definitely need to use git (github.com cannot be resolved) and to a lesser 
> extent, snap and/or flatpak.
> 

Are you sure you followed the instructions in that section correctly? Following 
them should give your template normal network access.



[qubes-users] Guest post: "TrenchBoot Anti Evil Maid for Qubes OS" by Michal Zygowski of 3mdeb

2023-01-31 Thread Andrew David Wong
Dear Qubes Community,

The following is a guest post by Michal Zygowski from 
[3mdeb](https://3mdeb.com/) on the work they've been doing to upgrade [Anti 
Evil Maid (AEM)](https://www.qubes-os.org/doc/anti-evil-maid/). The original 
post can be found on the [3mdeb 
blog](https://blog.3mdeb.com/2023/2023-01-31-trenchboot-aem-for-qubesos/). This 
work was made possible through generous 
[donations](https://www.qubes-os.org/donate/) from the Qubes community via 
[OpenCollective](https://opencollective.com/qubes-os). We are immensely 
grateful to the Qubes community for your continued support and to 3mdeb for 
contributing this valuable work.

"TrenchBoot Anti Evil Maid for Qubes OS"
by Michal Zygowski
https://blog.3mdeb.com/2023/2023-01-31-trenchboot-aem-for-qubesos/
https://www.qubes-os.org/news/2023/01/31/trenchboot-aem-for-qubes-os/

As a courtesy to plain text email users, the Markdown source of the article 
body is reproduced below.

8<--

## Abstract

Qubes OS Anti Evil Maid (AEM) software heavily depends on the
availability of the DRTM technologies to prevent the Evil Maid
attacks. However, the project has not evolved much since the
beginning of 2018 and froze on the support of TPM 1.2 with Intel TXT
in legacy boot mode (BIOS). In the post we show how the existing
solution can be replaced with TrenchBoot and how one can install it
on the Qubes OS. The post will also briefly explain how
TrenchBoot opens the door for future TPM 2.0 and UEFI support for
AEM.

## Introduction

As Qubes OS users, promoters, and developers, we understand how essential it is
to be aware of the latest developments in maintaining the security of your
favorite operating system. We're excited to share our plans to integrate the
TrenchBoot Project into Qubes OS's new Anti-Evil Maid (AEM) implementation. As
you may know, traditional firmware security measures like UEFI Secure Boot and
measured boot, even with a Static Root of Trust (SRT), may only sometimes be
enough to ensure a completely secure environment for your operating system.
Compromised firmware may allow for the injection of malicious software into
your system, making it difficult to detect. To overcome these limitations, many
silicon vendors have started implementing Dynamic Root of Trust (DRT)
technologies to establish a secure environment for operating system launch and
integrity measurements. We're excited to take advantage of these advancements
through integration with the [TrenchBoot Project](https://trenchboot.org/).

The usage of DRT technologies like Intel Trusted Execution Technology (TXT) or
AMD Secure Startup is becoming more and more significant; for example, Dynamic
Root of Trust for Measurement (DRTM) requirements of [Microsoft Secured Core 
PCs](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-highly-secure#what-makes-a-secured-core-pc).
DRTM has yet to find its place in open-source projects, but that gradually
changes. The demand for having firmware-independent Roots of Trust is
increasing, and projects that satisfy this demand are growing. TrenchBoot is a
framework that allows individuals and projects to build security engines to
perform launch integrity actions for their systems. The framework builds upon
Boot Integrity Technologies (BITs) that establish one or more Roots of Trust
(RoT) from which a degree of confidence that integrity actions were not
subverted.

[Qubes OS Anti Evil Maid 
(AEM)](https://blog.invisiblethings.org/2011/09/07/anti-evil-maid.html)
software heavily depends on the availability of DRTM technologies to prevent
Evil Maid attacks. However, the project hasn't evolved much since the beginning
of 2018 and froze on the support of TPM 1.2 with Intel TXT in legacy boot mode
(BIOS). Because of that, the usage of this security software is effectively
limited to older Intel machines only. TPM 1.2 implemented SHA1 hashing
algorithm, which is nowadays considered weak in the era of forever-increasing
computer performance and quantum computing. The solution to this problem comes
with a newer TPM 2.0 with more agile cryptographic algorithms and SHA256
implementation by default.

The post will present the TrenchBoot solution for Qubes OS AEM replacing the
current TPM 1.2 and Intel TXT-only implementation. The advantage of TrenchBoot
solution over existing [Trusted 
Boot](https://sourceforge.net/p/tboot/wiki/Home/)
is the easier future integration of AMD platform support, as well as TPM 2.0
and UEFI mode support.

Before we dive into the technical details, it is important to highlight that
this achievement was made possible through the generous contributions of Qubes
OS community via OpenCollective. We would like to express our gratitude and
extend a special thank you to all who have supported our favourite operating
system. To continue supporting Qubes OS, please consider donating through
[OpenCollective 

[qubes-users] XSAs released on 2023-01-25

2023-01-27 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.


## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)


## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-425 (Qubes 4.1 does not use the affected Xen version; denial-of-service 
only)


## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2023/01/27/xsas-released-on-2023-01-25/



[qubes-users] Support the Qubes OS Project via Proton's charity fundraiser!

2022-12-16 Thread Andrew David Wong
Dear Qubes Community,

The Qubes OS Project is grateful to have been selected as one of the 
beneficiaries of this year's Proton charity fundraiser alongside so many other 
wonderful organizations. The continued support of the privacy community means 
the world to us! For details about the fundraiser and how you can participate, 
please see the official Proton blog post: 

https://proton.me/blog/2022-lifetime-account-charity-fundraiser



Re: [qubes-users] Obsidian - PKB under Q?

2022-12-11 Thread Andrew David Wong
On 12/10/22 8:20 AM, Foilsurf wrote:
> Hello,
> Obsidian is quite simple tech (text-files), but quite clever for taking 
> notes. And it runs under Linux (TheBrain e.g. not any more). Additionally it 
> has the local principle, so it would find a perfect place in its own VM, 
> I think.
> Would it make sense to offer an Obsidian VM straight away out of the box 
> for QubesOS?
> Kind Regards
> 
> https://obsidian.md/about
> 

IMHO no, for the reasons explained here:

https://www.qubes-os.org/faq/#could-you-please-make-my-preference-the-default



[qubes-users] Fedora 35 reaches EOL on 2022-12-13

2022-12-08 Thread Andrew David Wong
Dear Qubes Community,

The Fedora Project has 
[announced](https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/thread/OGTVKLX7OXBYCEUQ66UY4YK3T6QHAYW5/)
 that Fedora 35 will reach EOL 
([end-of-life](https://fedoraproject.org/wiki/End_of_life)) on 2022-12-13. We 
strongly recommend that all users 
[upgrade](https://www.qubes-os.org/doc/templates/fedora/#upgrading) their 
Fedora templates and standalones to Fedora 36 no later than 2022-12-13.

We provide fresh Fedora 36 template packages through the official Qubes 
repositories, which you can install in dom0 by following the standard 
[installation 
instructions](https://www.qubes-os.org/doc/templates/fedora/#installing). 
Alternatively, we also provide step-by-step instructions for [performing an 
in-place 
upgrade](https://www.qubes-os.org/doc/templates/fedora/in-place-upgrade/) of an 
existing Fedora template. After upgrading your templates, please remember to 
[switch all qubes that were using the old template to use the new 
one](https://www.qubes-os.org/doc/templates/#switching).

For a complete list of template releases that are supported for your specific 
Qubes release, see our [supported template 
releases](https://www.qubes-os.org/doc/supported-releases/#templates).

Please note that no user action is required regarding the OS version in dom0. 
For details, please see our [note on dom0 and 
EOL](https://www.qubes-os.org/doc/supported-releases/#note-on-dom0-and-eol).


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/12/08/fedora-35-reaches-eol-on-2022-12-13/



[qubes-users] XSAs released on 2022-12-06

2022-12-06 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.


## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- (none)


## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-423 (denial-of-service only)
- XSA-424 (denial-of-service only)


## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/12/06/xsas-released-on-2022-12-06/



[qubes-users] Qubes Canary 033

2022-12-04 Thread Andrew David Wong
Dear Qubes Community,

We have published Qubes Canary 033. The text of this canary is
reproduced below.

This canary and its accompanying signatures will always be available in
the Qubes security pack (qubes-secpack).

View Qubes Canary 033 in the qubes-secpack:



Learn how to obtain and authenticate the qubes-secpack and all the
signatures it contains:



View all past canaries:



```

---===[ Qubes Canary 033 ]===---


Statements
----------

The Qubes security team members who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is December 04, 2022.

2. There have been 87 Qubes security bulletins published so far.

3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

4. No warrants have ever been served to us with regard to the Qubes OS
   Project (e.g. to hand out the private signing keys or to introduce
   backdoors).

5. We plan to publish the next of these canary statements in the first
   fourteen days of March 2023. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.


Special announcements
---------------------

None.


Disclaimers and notes
---------------------

We would like to remind you that Qubes OS has been designed under the
assumption that all relevant infrastructure is permanently compromised.
This means that we assume NO trust in any of the servers or services
which host or provide any Qubes-related data, in particular, software
updates, source code repositories, and Qubes ISO downloads.

This canary scheme is not infallible. Although signing the declaration
makes it very difficult for a third party to produce arbitrary
declarations, it does not prevent them from using force or other means,
like blackmail or compromising the signers' laptops, to coerce us to
produce false declarations.

The proof of freshness provided below serves to demonstrate that this
canary could not have been created prior to the date stated. It shows
that a series of canaries was not created in advance.

This declaration is merely a best effort and is provided without any
guarantee or warranty. It is not legally binding in any way to anybody.
None of the signers should be ever held legally responsible for any of
the statements made here.


Proof of freshness
------------------

Sun, 04 Dec 2022 03:11:56 +

Source: DER SPIEGEL - International 
(https://www.spiegel.de/international/index.rss)
Friends or Frenemies?: Significant Trans-Atlantic Divides Emerge in Global Chip 
War
The Russian Mobilization: One Soldier's Effort to Avoid the War
Tragedy in Mariupol: The Boy Who Lost His Family But Not His Hope
A Year with Angela Merkel: "You're Done with Power Politics"
Fears of Chinese Aggression Grow in Taiwan: "Where Are We Supposed to Go?"

Source: NYT > World News 
(https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
He Returned a Dazed Soldier to the Russians. Ukraine Calls It Treason.
Landslide Tragedy Turns Italy’s Focus to Illegal Construction
Why Is Rahul Gandhi Walking 2,000 Miles Across India?
How China’s Police Used Phones and Faces to Track Protesters
Ukraine Calls for Evacuations From a Russian-Controlled Area

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Cyril Ramaphosa: South Africa leader won't resign, says spokesman
Ukraine war: Zelensky calls West's Russian oil cap 'weak'
Ukraine war: New images show Russian army base built in occupied Mariupol
Elnaz Rekabi: Family home of Iranian climber demolished
Columbia peace talks with leftist ELN rebels make progress

Source: Blockchain.info
955f2976b1fbff0d0c47c262ea3ae6410e43f8218fb7


Footnotes
---------

[1] This file should be signed in two ways: (1) via detached PGP
signatures by each of the signers, distributed together with this canary
in the qubes-secpack.git repo, and (2) via digital signatures on the
corresponding qubes-secpack.git repo tags. [2]

[2] Don't just trust the contents of this file blindly! Verify the
digital signatures! Instructions for doing so are documented here:
https://www.qubes-os.org/security/pack/

--
The Qubes Security Team
https://www.qubes-os.org/security/
```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/12/04/canary-033/



[qubes-users] QSB-087: Qrexec: Injection of unsanitized data into log output

2022-11-23 Thread Andrew David Wong
Dear Qubes Community,

We have just published [Qubes Security Bulletin (QSB) 087: Qrexec: Injection of 
unsanitized data into log 
output](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-087-2022.txt).
 The text of this QSB is reproduced below. This QSB and its accompanying 
signatures will always be available in the [Qubes Security Pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/). More information 
about QSBs, including a complete historical list, is available 
[here](https://www.qubes-os.org/security/qsb/).

```

 ---===[ Qubes Security Bulletin 087 ]===---

 2022-11-23

  Qrexec: Injection of unsanitized data into log output

User action required
--------------------

Users must install the following specific packages in order to address
the issues discussed in this bulletin:

  For Qubes 4.1, in templates, standalones and dom0:
  - qrexec packages version 4.1.19

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community. [1] Once available, the packages are to be installed
via the Qubes Update tool or its command-line equivalents. [2]

Summary
-------

Due to a bug in qrexec [3], a malicious qube that is allowed to call a
qrexec service inside of another qube can inject unsanitized data into
the log output of a process that handles incoming qrexec calls in the
receiving qube. This log output may end up in
`/var/log/qubes/qrexec.*.log`, `~/.xsession-errors`, or systemd's
journal.

Impact
------

An attacker could use this vulnerability in order to inject malicious
data, such as terminal control codes, into log output in the hope that
this data will be processed in an unsafe way, for example, by writing it
directly to a potentially-vulnerable terminal emulator.

In the default Qubes OS configuration, for example, there are qrexec
services like `qubes.WindowIconUpdater` that any qube can call in dom0.
An attacker who gains control of an untrusted qube could inject data
containing malicious terminal control sequences into
`/var/log/qubes/qrexec.*.log` in dom0. If the user views that log in a
terminal emulator in a way that doesn't filter terminal escape codes (by
simply using `cat` on the file, for example), the malicious data might
then exploit a hypothetical bug in the terminal emulator.

Note that this attack scenario, as described, has several layered
requirements:

1. The user must voluntarily open a log file containing malicious data
   (or otherwise take action that causes the log file data to be
   parsed).

2. There must exist an independent vulnerability in the user's terminal
   emulator or in whichever program parses the log. (In other words, the
   attacker must chain independent vulnerabilities together.)

3. If using a terminal emulator, a command-line tool that does not
   filter control codes must be used. (`journalctl` prevents the display
   of unsafe sequences by default, but many other tools do not.)

To be clear, the scenario in which the attacker uses the
`qubes.WindowIconUpdater` service in order to exploit a hypothetical bug
in a terminal emulator is just one conceivable scenario for how an
attacker might exploit the vulnerability described in this bulletin. It
is not the only way in which this vulnerability could be exploited, and
the requirements listed for this scenario may not necessarily apply to
other scenarios featuring different types of attacks (for example, using
other qrexec services and exploiting other software that handles log
output). Rather, this example is merely intended as an aid for
understanding the nature of the vulnerability.

Discussion
----------

Qubes OS features a framework known as "qrexec," which allows different
qubes to communicate with each other in a controlled manner. [3][4]
These interactions are restricted by the system's RPC policies. [5] In
particular, qrexec can be used to allow less trusted qubes to
communicate with more trusted qubes, including dom0.

Normally, the calling side can send data to the remote services'
standard input and receive its standard output, standard error, and exit
code data. Since it handles untrusted data flows, qrexec is designed
under the assumption that an adversary will use it in order to launch an
attack against one qube from another qube. Therefore, qrexec treats
incoming data as untrusted and carefully sanitizes it. For example, when
qrexec output is connected to a terminal, `qrexec-client` and
`qrexec-client-vm` remove terminal control sequences.

However, due to a mistake in qrexec message type handling, the calling
side can send data marked as "standard error" (`MSG_DATA_STDERR`), and
the remote side will print it to the standard error of the process
handling incoming qrexec connections. This data flow was not expected.
Such messages should be rejected, as they are expected only in the other
direction. Consequently, this data
```
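
The viewing-side risk described in this bulletin (log files read with a tool that passes control codes straight to the terminal) can be reduced by filtering before display. The following is an added example, not part of the bulletin or of the qrexec code: it reports which lines of a log carry terminal control data and renders them as inert, visible escapes. The function names and the sample log lines are constructed for illustration and do not reflect the real qrexec log format.

```python
"""Report and neutralize terminal control sequences in untrusted log bytes.

Added illustration for the QSB-087 scenario. The function names and the
sample log lines are constructed; they are not real qrexec output.
"""
import re
import unicodedata

# 7-bit escape sequences worth naming in a report (ECMA-48 shapes).
_CSI = re.compile(rb"\x1b\[[0-?]*[ -/]*[@-~]")            # e.g. cursor moves, colors
_OSC = re.compile(rb"\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)")  # e.g. window title


def _is_unsafe(ch):
    """True for C0/C1 controls, DEL, and undecodable raw bytes; tab passes."""
    cp = ord(ch)
    if 0xDC80 <= cp <= 0xDCFF:   # byte carried through by surrogateescape
        return True
    return ch != "\t" and unicodedata.category(ch) == "Cc"


def sanitize_line(raw):
    """Return text in which every unsafe character is a visible escape,
    so a terminal prints it instead of acting on it."""
    out = []
    for ch in raw.decode("utf-8", errors="surrogateescape"):
        cp = ord(ch)
        if ch == "\\":
            out.append("\\\\")                     # keep the escaping unambiguous
        elif not _is_unsafe(ch):
            out.append(ch)
        elif cp >= 0xDC80:
            out.append("\\x%02x" % (cp - 0xDC00))  # original invalid byte
        elif cp < 0x80:
            out.append("\\x%02x" % cp)             # C0 control or DEL
        else:
            out.append("\\u%04x" % cp)             # C1 control (U+0080..U+009F)
    return "".join(out)


def classify(raw):
    """Name the kinds of control data present in one raw log line."""
    labels = []
    if _CSI.search(raw):
        labels.append("CSI")
    if _OSC.search(raw):
        labels.append("OSC")
    rest = _OSC.sub(b"", _CSI.sub(b"", raw))
    decoded = rest.decode("utf-8", errors="surrogateescape")
    if any(_is_unsafe(ch) for ch in decoded):
        labels.append("CTRL")   # stray control byte outside a known sequence
    return labels


def scan_log(data):
    """Return (line number, labels, safe text) for every suspicious line."""
    findings = []
    for lineno, raw in enumerate(data.split(b"\n"), start=1):
        labels = classify(raw)
        if labels:
            findings.append((lineno, labels, sanitize_line(raw)))
    return findings


# Constructed sample input: one clean line, then an OSC title change,
# a CSI screen clear, and a bare carriage return that would overwrite
# the start of the line on screen.
SAMPLE_LOG = (
    b"2022-11-23 10:00:01 qrexec: service call from 'work' accepted\n"
    b"2022-11-23 10:00:02 stderr: \x1b]0;new window title\x07done\n"
    b"2022-11-23 10:00:03 stderr: \x1b[2J\x1b[1;1Hscreen cleared\n"
    b"2022-11-23 10:00:04 stderr: progress 50%\r100% caf\xc3\xa9\n"
)

if __name__ == "__main__":
    for lineno, labels, safe in scan_log(SAMPLE_LOG):
        print("line %d [%s]: %s" % (lineno, ",".join(labels), safe))
```

Valid UTF-8 text such as the `é` in the last sample line passes through unchanged; only control characters and undecodable bytes are rewritten.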

[qubes-users] XSAs released on 2022-11-08

2022-11-08 Thread Andrew David Wong
Dear Qubes Community,

The [Xen Project](https://xenproject.org/) has released one or more [Xen 
security advisories (XSAs)](https://xenbits.xen.org/xsa/).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.


## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- XSA-422

Please see [QSB-086](https://www.qubes-os.org/news/2022/11/08/qsb-086/) for 
further details.


## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- (none)


## About this announcement

Qubes OS uses the [Xen 
hypervisor](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview) as 
part of its [architecture](https://www.qubes-os.org/doc/architecture/). When 
the [Xen Project](https://xenproject.org/) publicly discloses a vulnerability 
in the Xen hypervisor, they issue a notice called a [Xen security advisory 
(XSA)](https://xenproject.org/developers/security-policy/). Vulnerabilities in 
the Xen hypervisor sometimes have security implications for Qubes OS. When they 
do, we issue a notice called a [Qubes security bulletin 
(QSB)](https://www.qubes-os.org/security/qsb/). (QSBs are also issued for 
non-Xen vulnerabilities.) However, QSBs can provide only *positive* 
confirmation that certain XSAs *do* affect the security of Qubes OS. QSBs 
cannot provide *negative* confirmation that other XSAs do *not* affect the 
security of Qubes OS. Therefore, we also maintain an [XSA 
tracker](https://www.qubes-os.org/security/xsa/), which is a comprehensive list 
of all XSAs publicly disclosed to date, including whether each one affects the 
security of Qubes OS. When new XSAs are published, we add them to the XSA 
tracker and publish a notice like this one in order to inform Qubes users that 
a new batch of XSAs has been released and whether each one affects the security 
of Qubes OS.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/11/08/xsas-released-on-2022-11-08/



[qubes-users] QSB-086: Speculative security issues on AMD CPUs (XSA-422)

2022-11-08 Thread Andrew David Wong
Dear Qubes Community,

We have just published [Qubes Security Bulletin (QSB) 086: Speculative security 
issues on AMD CPUs 
(XSA-422)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-086-2022.txt).
 The text of this QSB is reproduced below. This QSB and its accompanying 
signatures will always be available in the [Qubes Security Pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/). More information 
about QSBs, including a complete historical list, is available 
[here](https://www.qubes-os.org/security/qsb/).

```

 ---===[ Qubes Security Bulletin 086 ]===---

 2022-11-08

   Speculative security issues on AMD CPUs (XSA-422)


User action required
--------------------

Users must install the following specific packages in order to address
the issues discussed in this bulletin:

  For Qubes 4.1, in dom0:
  - Xen packages, version 4.14.5-13

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community. [1] Once available, the packages are to be installed
via the Qubes Update tool or its command-line equivalents. [2]

Dom0 must be restarted afterward in order for the updates to take
effect.

If you use Anti Evil Maid, you will need to reseal your secret
passphrase to new PCR values, as PCR18+19 will change due to the new
Xen binaries.


Summary
-------

On 2022-11-08, the Xen Project published XSA-422, "x86: Multiple
speculative security issues" [3]:

| Researchers have discovered that on some AMD CPUs, the
| implementation of IBPB (Indirect Branch Prediction Barrier) does not
| behave according to the specification.
|
| Specifically, IBPB fails to properly flush the RAS (Return Address
| Stack, also RSB - Return Stack Buffer - in Intel terminology; one of
| the hardware prediction structures), allowing attacker controlled
| values to survive across a deliberate attempt to purge said values.
|
| AMD have allocated CVE-2022-23824.

XSA-422 also describes a second AMD vulnerability. However, since it
is believed not to affect Xen, and therefore not to affect Qubes OS,
it is omitted here.


Impact
------

On Qubes OS installations with affected CPUs, a VM running in PV mode
may be capable of inferring the memory contents of other running VMs,
including dom0. In the default Qubes OS configuration, only the
stubdomains for HVMs are in a position to exploit this vulnerability
in order to attack other VMs. (Dom0 also runs in PV mode, but it is
fully trusted.)

Only certain AMD CPUs are affected. Please see AMD-SB-1040 [4] for the
official list of affected models.

(Note: XSA-422 states that Xen versions prior to 4.16 are not affected
by this vulnerability. While Qubes OS uses a Xen version prior to
4.16, we have backported a Xen performance optimization [5] that
assumes that IBPB works as previously specified. Therefore, the
version of Xen used in Qubes is affected by this vulnerability even
though its version number is lower than 4.16.)


Credits
-------

See the original Xen Security Advisory.


References
----------

[1] https://www.qubes-os.org/doc/testing/
[2] https://www.qubes-os.org/doc/how-to-update/
[3] https://xenbits.xen.org/xsa/advisory-422.html
[4] https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1040
[5] https://github.com/QubesOS/qubes-vmm-xen/blob/v4.14.5-12/patch-0001-x86-spec-ctrl-Skip-RSB-overwriting-when-safe-to-do-s.patch

--
The Qubes Security Team
https://www.qubes-os.org/security/

```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/11/08/qsb-086/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5e3d5454-cdfc-b576-6233-899e94d95f64%40qubes-os.org.


[qubes-users] XSAs released on 2022-11-01

2022-11-01 Thread Andrew David Wong
Dear Qubes Community,

The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is affected*.
Therefore, *user action is required*.


## XSAs that DO affect the security of Qubes OS

The following XSAs *do affect* the security of Qubes OS:

- XSA-414

Please see [QSB-085](https://www.qubes-os.org/news/2022/11/01/qsb-085/) for 
further details.


## XSAs that DO NOT affect the security of Qubes OS

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-326 (denial-of-service only)
- XSA-412 (affects only version 4.16)
- XSA-415 (denial-of-service only)
- XSA-416 (denial-of-service only)
- XSA-417 (domid is never reused)
- XSA-418 (denial-of-service only)
- XSA-419 (denial-of-service only)
- XSA-420 (oxenstored is not used in Qubes OS)
- XSA-421 (denial-of-service only)


## Related links

- [Xen XSA list](https://xenbits.xen.org/xsa/)
- [Qubes XSA tracker](https://www.qubes-os.org/security/xsa/)
- [Qubes security pack (qubes-secpack)](https://www.qubes-os.org/security/pack/)
- [Qubes security bulletins (QSBs)](https://www.qubes-os.org/security/qsb/)


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/11/01/xsas-released-on-2022-11-01/

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/81b39e8c-e335-3337-9a4b-66cd6ebc53c0%40qubes-os.org.


[qubes-users] QSB-085: Xenstore: Guests can crash xenstored (XSA-414)

2022-11-01 Thread Andrew David Wong
Dear Qubes Community,

We have just published [Qubes Security Bulletin (QSB) 085: Xenstore: Guests can 
crash xenstored 
(XSA-414)](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-085-2022.txt).
 The text of this QSB is reproduced below. This QSB and its accompanying 
signatures will always be available in the [Qubes Security Pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/). More information 
about QSBs, including a complete historical list, is available 
[here](https://www.qubes-os.org/security/qsb/).

```

 ---===[ Qubes Security Bulletin 085 ]===---

 2022-11-01

   Xenstore: Guests can crash xenstored (XSA-414)


User action required
--------------------

Users must install the following specific packages in order to address
the issues discussed in this bulletin:

  For Qubes 4.1, in dom0:
  - Xen packages, version 4.14.5-12

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community. [1] Once available, the packages are to be installed
via the Qubes Update tool or its command-line equivalents. [2]

Dom0 must be restarted afterward in order for the updates to take
effect.

If you use Anti Evil Maid, you will need to reseal your secret
passphrase to new PCR values, as PCR18+19 will change due to the new
Xen binaries.


Summary
-------

On 2022-11-01, the Xen Project published XSA-414, "Xenstore: Guests
can crash xenstored" [3]:

| Due to a bug in the fix of XSA-115 a malicious guest can cause
| xenstored to use a wrong pointer during node creation in an error
| path, resulting in a crash of xenstored or a memory corruption in
| xenstored causing further damage.
|
| Entering the error path can be controlled by the guest e.g. by
| exceeding the quota value of maximum nodes per domain.


Impact
------

The Xen Project's impact description also applies to Qubes OS:

| A malicious guest can cause xenstored to crash, resulting in the
| inability to create new guests or to change the configuration of
| running guests.
|
| Memory corruption in xenstored or privilege escalation of a guest
| can't be ruled out.

(Note: In Qubes terminology, a Xen guest is referred to as a "qube.")


Credits
-------

See the original Xen Security Advisory.


References
----------

[1] https://www.qubes-os.org/doc/testing/
[2] https://www.qubes-os.org/doc/how-to-update/
[3] https://xenbits.xen.org/xsa/advisory-414.html

--
The Qubes Security Team
https://www.qubes-os.org/security/

```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/11/01/qsb-085/

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/053e6df0-4439-1cc0-33e2-2ddeb123c94d%40qubes-os.org.


Re: [qubes-users] Task bar disappeared?

2022-10-28 Thread Andrew David Wong
On 10/28/22 9:06 AM, Scat wrote:
> I just had a strange experience, here is what happened:
> 
> - My computer accidentally shut down as the computer became unplugged
> - I am not sure if I accidentally hid the task bar?
> 
> Regardless my task bar disappeared...not sure I am using the right term but 
> I am referring to the bar, on my desktop, it was on top of the screen. This 
> task bar had icons for my wifi, battery, clock, etc...
> 
> [...]

We have some open issues on xfce4-panel crashing:

https://github.com/QubesOS/qubes-issues/issues/7673
https://github.com/QubesOS/qubes-issues/issues/7728

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/73404716-c567-10d3-43c7-af993fe9fc9f%40qubes-os.org.


[qubes-users] New user guide: How to organize your qubes

2022-10-28 Thread Andrew David Wong
Dear Qubes Community,

We have just published a new article:

"New user guide: How to organize your qubes"
https://www.qubes-os.org/news/2022/10/28/how-to-organize-your-qubes/

As a courtesy to plain-text email users, the plain-text source is reproduced 
below.

8<

_The following is a new [how-to guide](/doc/#how-to-guides) for users who are
starting out with Qubes OS. You can also find it in our [documentation](/doc/)
under [How to organize your qubes](/doc/how-to-organize-your-qubes/)._


When people first learn about Qubes OS, their initial reaction is often, "Wow,
this looks really cool! But... what can I actually *do* with it?" It's not
always obvious which qubes you should create, what you should do in each one,
and whether your organizational ideas make sense from a security or usage
perspective.

Each qube is essentially a secure compartment, and you can create as many of
them as you like and connect them to each other in various ways. They're sort
of like Lego blocks in the sense that you can build whatever you want. But if
you're not sure what to build, then this open-ended freedom can be daunting.
It's a bit like staring at a blank document when you first sit down to write
something. The possibilities are endless, and you may not know where to begin!

The truth is that no one else can tell you *exactly* how you should organize
your qubes, as there is no single correct answer to that question. It depends
on your needs, desires, and preferences. Every user's optimal setup will be
different. However, what we *can* do is provide you with some illustrative
examples based on questionnaires and interviews with Qubes users and
developers, as well as our own personal experience and insight from using Qubes
over the years. You may be able to adapt some of these examples to fit your own
unique situation. More importantly, walking you through the rationale behind
various decisions will teach you how to apply the same thought process to your
own organizational decisions. Let's begin!


## Alice, the software developer

Alice is a freelance dev who works on several projects for different clients
simultaneously. The projects have varying requirements and often different
build environments. She has a separate set of qubes for each project. She keeps
them organized by coming up with a naming scheme, such as:

```
clientA-code
clientA-build
clientA-test
clientA-prod
projectB-code
projectB-build-test
projectB-prod
...
```

This helps her keep groups of qubes organized in a set. Some of her qubes are
based on [Debian templates](/doc/templates/debian/), while others are based on
[Fedora templates](/doc/templates/fedora/). The reason for this is that some
software packages are more readily available in one distribution as opposed to
the other. Alice's setup looks like this:

[![Alice's system: diagram 1](/attachment/doc/howto_use_qubes_alice_1.png)](/attachment/doc/howto_use_qubes_alice_1.png)

- **Several qubes for writing code.** Here's where she runs her IDE, commits
  code, and signs her commits. These qubes are based on different templates
  depending on which tools and which development environment she needs. In
  general, Alice likes to have a separate qube of this type for each client or
  each project. This allows her to keep everything organized and avoid
  accidentally mixing up any access credentials or client code, which could be
  disastrous. This also allows her to truthfully tell her clients that their
  code is always securely isolated from all her other clients. She likes to use
  the [Qubes firewall](/doc/firewall/) to restrict these qubes' network access
  to only the code repositories she needs in that qube in order to avoid
  accidentally interacting with anything else on her local network or on the
  internet. Alice also has some qubes of this type for personal programming
  projects that she works on just for fun when she has "free time" (whatever
  that is).

- **Several qubes for building and testing.** Again, Alice usually likes to
  have one of these for each client or project in order to keep things
  organized. However, this can become rather cumbersome and memory-intensive
  when many such qubes are running at the same time, so Alice will sometimes
  use the same qube for building and testing, or for multiple projects that
  require the same environment, when she decides that the marginal benefits of
  extra compartmentalization aren't worth the trouble. Here's where she pulls
  any dependencies she needs, compiles her code, runs her build toolchain, and
  tests her deliverables. In some cases, she finds it useful to use
  [standalones](/doc/standalones-and-hvms/) for these so that it's easier to
  quickly [install different pieces of software](/doc/how-to-install-software/)
  without having to juggle rebooting both the template and an app qube. She
  also sometimes finds it necessary (or just convenient) to 

[qubes-users] XSAs released on 2022-10-11

2022-10-11 Thread Andrew David Wong
Dear Qubes Community,

The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.


## XSAs that affect the security of Qubes OS (user action required)

The following XSAs *do affect* the security of Qubes OS:

- (none)


## XSAs that do not affect the security of Qubes OS (no user action required)

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-409 (ARM architecture only)
- XSA-410 (denial-of-service only)
- XSA-411 (denial-of-service only; gnttab v2 is unused in Qubes OS)
- XSA-413 (denial-of-service only; XAPI is unused in Qubes OS)


## Related links

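- Xen XSA list: https://xenbits.xen.org/xsa/
- Qubes XSA tracker: https://www.qubes-os.org/security/xsa/
- Qubes security pack (qubes-secpack): https://www.qubes-os.org/security/pack/
- Qubes security bulletins (QSBs): https://www.qubes-os.org/security/qsb/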


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/10/11/xsas-released-on-2022-10-11/

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/47f92807-97e2-0b68-5249-4382b4862507%40qubes-os.org.


[qubes-users] The Qubes OS Project is now accepting donations on Ethereum!

2022-09-29 Thread Andrew David Wong
Dear Qubes Community,

We are pleased to announce that the Qubes OS Project is now accepting 
[donations](https://www.qubes-os.org/donate/) on 
[Ethereum](https://ethereum.org/) (Mainnet) at the following address:

```
0xDaa04647e8ecb616801F9bE89712771F6D291a0C
```

*Warning*: This [Gnosis Safe](https://gnosis-safe.io/) Ethereum address 
supports ether (ETH) and all assets that fully comply with the 
[ERC-20](https://ethereum.org/en/developers/docs/standards/tokens/erc-20/) 
standard (e.g., USDT, USDC, and DAI), but *only* on [Ethereum 
Mainnet](https://ethereum.org/en/developers/docs/networks/#ethereum-mainnet). 
Please *do not* send assets on any other network to this address, or else your 
donation may be lost. For example, please *do not* send assets on any Ethereum 
Layer 2 solution (e.g., Arbitrum, Optimism) or any sidechain (e.g., Polygon, 
xDai) to this address.

We have recently observed an increase in demand for an Ethereum donation 
option, both for ETH itself and for stablecoins like USDT, USDC, and DAI. As 
the largest smart-contract blockchain, largest proof-of-stake blockchain, and 
second-largest cryptocurrency by market capitalization, the Ethereum network 
and its native currency ETH are natural additions to our growing list of 
donation methods. Moreover, this new option allows users to donate any token 
they choose (including non-stablecoins!) so long as (1) the token fully 
complies with the ERC-20 standard and (2) the transaction is done on Ethereum 
Mainnet (as opposed to a Layer 2 solution or a sidechain). Please double-check 
that both of these conditions hold before sending anything to our Ethereum 
address, or else your donation may be lost!

As with our bitcoin (BTC) and monero (XMR) donation addresses, you can verify 
the authenticity of our Ethereum donation address via the [Qubes Security 
Pack](https://www.qubes-os.org/security/pack/) in the 
[fund](https://github.com/QubesOS/qubes-secpack/tree/master/fund) directory. We 
also provide detailed instructions for [verifying the digital 
signatures](https://www.qubes-os.org/security/pack/#how-to-obtain-and-authenticate).

As with all other donations, your donations on Ethereum will [directly fund the 
Qubes OS Project](https://www.qubes-os.org/donate/#how-is-my-donation-used). 
Since Qubes is free and open-source software, we do not earn any revenue by 
selling it. Instead, we rely on your financial support. If you rely on Qubes 
for secure computing in your work or personal life or see the value in our 
efforts, we would greatly appreciate your donation. Thank you!


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/09/29/qubes-os-project-now-accepting-donations-on-ethereum/

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/730997aa-533d-bb26-ef0d-01fc0ecc3ca3%40qubes-os.org.


Re: [EXT] Re: [qubes-users] Installer does not work, no templates to install

2022-09-16 Thread Andrew David Wong
On 9/16/22 5:43 AM, Demi Marie Obenour wrote:
> On Fri, Sep 16, 2022 at 05:42:05AM -0700, Andrew David Wong wrote:
>> On 9/15/22 12:25 AM, Demi Marie Obenour wrote:
>>> On Thu, Sep 15, 2022 at 01:38:57AM +0200, Ulrich Windl wrote:
>>>> On 7/31/22 15:23, 'awokd' via qubes-users wrote:
>>>>> 'felix' via qubes-users:
>>>>>> I want to reinstall Qubes 4.1, but I cannot select any templates in
>>>>>> the installer.
>>>>>>
>>>>>> Qubes 4.0 and 4.1 were already running successfully on my device and
>>>>>> Qubes 4.0 can still be installed successfully.
>>>>>>
>>>>>> In the install menu, Fedora, Debian and Whonix are missing from the
>>>>>> software selection, which is why all templates and app vm's are
>>>>>> missing after the installation and only dom0 remains.
>>>>>
>>>>> I've seen this before when the USB drive gets only partially created.
>>>>> Make sure it's large enough for the bigger 4.1 image, and if you didn't
>>>>> use DD to create it, try that route.
>>>>>
>>>
>>>> A common pitfall when creating the stick with Linux is that even after DD
>>>> had finished, Linux still does writeback the dirty buffers.
>>>> If you have a slower stick without an LED, you are heading for trouble.
>>>> Maybe try a sync before ejecting the stick.
>>>
>>> Always use conv=fsync to prevent this problem.
>>>
> 
>> Our installation guide currently instructs Linux users to execute the 
>> command:
> 
>> ```
>> $ sudo dd if=Qubes-RX-x86_64.iso of=/dev/sdY status=progress bs=1048576 && sync
>> ```
> 
>> Should this be changed to:
> 
>> ```
>> $ sudo dd if=Qubes-RX-x86_64.iso of=/dev/sdY status=progress bs=1048576 conv=fsync
>> ```
> 
> I think so, yes.
> 

Done. Thanks!

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/bb578104-4633-dd3a-b4d0-3a0b33c0def8%40qubes-os.org.
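
The change agreed in this thread, as an added example that is not part of the original messages or of the Qubes installation guide: the image is written with `conv=fsync`, and, going one step beyond the thread, the target is read back and compared with the source to catch the partially written stick described earlier. The helper names `write_image` and `verify_image` are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not from the thread): write an installer image with
# conv=fsync and confirm that the target holds a complete copy.
# write_image and verify_image are hypothetical helper names. In real use the
# target is the whole USB device (the /dev/sdY of the thread) and the script
# runs as root.

# Compare the first <image size> bytes of the target with the image.
# Only that prefix is compared because a USB stick is normally larger than
# the image. Returns 0 on a match, 1 on a mismatch or short target, 2 on
# unreadable input.
verify_image() {
    iso=$1
    target=$2
    [ -r "$iso" ] && [ -r "$target" ] || return 2
    size=$(( $(wc -c < "$iso") ))
    # A target that ends early makes cmp hit EOF on stdin and report a
    # difference, which is the "only partially created" case.
    head -c "$size" "$target" | cmp -s - "$iso"
}

# Write the image, then verify it.
write_image() {
    iso=$1
    target=$2
    [ -r "$iso" ] || { echo "cannot read $iso" >&2; return 2; }

    # conv=fsync makes dd call fsync() on the output before it exits, so a
    # zero exit status already means the dirty buffers were flushed. With
    # "dd ... && sync" the flush is a separate command that never runs if the
    # stick is pulled as soon as dd prints its summary.
    # status=progress from the thread's command can be added on GNU dd.
    dd if="$iso" of="$target" bs=1048576 conv=fsync || {
        echo "dd failed while writing $target" >&2
        return 1
    }

    # Note: directly after the write, this read may be served from the page
    # cache. Re-plugging the stick and calling verify_image again makes the
    # read hit the device itself.
    verify_image "$iso" "$target" || {
        echo "verification failed: $target does not match $iso" >&2
        return 1
    }
}

# Stand-alone use: ./write-image.sh Qubes-RX-x86_64.iso /dev/sdY
if [ "$#" -eq 2 ]; then
    write_image "$1" "$2"
fi
```
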


Re: [EXT] Re: [qubes-users] Installer does not work, no templates to install

2022-09-16 Thread Andrew David Wong
On 9/15/22 12:25 AM, Demi Marie Obenour wrote:
> On Thu, Sep 15, 2022 at 01:38:57AM +0200, Ulrich Windl wrote:
>> On 7/31/22 15:23, 'awokd' via qubes-users wrote:
>>> 'felix' via qubes-users:
>>>> I want to reinstall Qubes 4.1, but I cannot select any templates in
>>>> the installer.
>>>>
>>>> Qubes 4.0 and 4.1 were already running successfully on my device and
>>>> Qubes 4.0 can still be installed successfully.
>>>>
>>>> In the install menu, Fedora, Debian and Whonix are missing from the
>>>> software selection, which is why all templates and app vm's are
>>>> missing after the installation and only dom0 remains.
>>>
>>> I've seen this before when the USB drive gets only partially created.
>>> Make sure it's large enough for the bigger 4.1 image, and if you didn't
>>> use DD to create it, try that route.
>>>
> 
>> A common pitfall when creating the stick with Linux is that even after DD
>> had finished, Linux still does writeback the dirty buffers.
>> If you have a slower stick without an LED, you are heading for trouble.
>> Maybe try a sync before ejecting the stick.
> 
> Always use conv=fsync to prevent this problem.
> 

Our installation guide currently instructs Linux users to execute the command:

```
$ sudo dd if=Qubes-RX-x86_64.iso of=/dev/sdY status=progress bs=1048576 && sync
```

Should this be changed to:

```
$ sudo dd if=Qubes-RX-x86_64.iso of=/dev/sdY status=progress bs=1048576 conv=fsync
```

?

-- 
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6664785f-a4b4-85e8-9410-c57056713756%40qubes-os.org.


[qubes-users] Qubes Canary 032

2022-09-14 Thread Andrew David Wong
Dear Qubes Community,

We have published Qubes Canary 032. The text of this canary is
reproduced below.

This canary and its accompanying signatures will always be available in
the Qubes security pack (qubes-secpack).

View Qubes Canary 032 in the qubes-secpack:



Learn how to obtain and authenticate the qubes-secpack and all the
signatures it contains:



View all past canaries:



```

---===[ Qubes Canary 032 ]===---


Statements
----------

The Qubes security team members who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is September 13, 2022.

2. There have been 84 Qubes security bulletins published so far.

3. The Qubes Master Signing Key fingerprint is:

   427F 11FD 0FAA 4B08 0123  F01C DDFA 1A3E 3687 9494

4. No warrants have ever been served to us with regard to the Qubes OS
   Project (e.g. to hand out the private signing keys or to introduce
   backdoors).

5. We plan to publish the next of these canary statements in the first
   fourteen days of December 2022. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.


Special announcements
---------------------

We plan to create a new Release Signing Key (RSK) [3] for Qubes OS 4.2.
Normally, we have only one RSK for each major release. However, for the
4.2 release, we will be using Qubes Builder version 2, which is a
complete rewrite of the Qubes Builder. Out of an abundance of caution,
we would like to isolate the build processes of the current stable 4.1
release and the upcoming 4.2 release from each other at the
cryptographic level in order to minimize the risk of a vulnerability in
one affecting the other. We are including this notice as a canary
special announcement since introducing a new RSK for a minor release is
an exception to our usual RSK management policy.


Disclaimers and notes
---------------------

We would like to remind you that Qubes OS has been designed under the
assumption that all relevant infrastructure is permanently compromised.
This means that we assume NO trust in any of the servers or services
which host or provide any Qubes-related data, in particular, software
updates, source code repositories, and Qubes ISO downloads.

This canary scheme is not infallible. Although signing the declaration
makes it very difficult for a third party to produce arbitrary
declarations, it does not prevent them from using force or other means,
like blackmail or compromising the signers' laptops, to coerce us to
produce false declarations.

The proof of freshness provided below serves to demonstrate that this
canary could not have been created prior to the date stated. It shows
that a series of canaries was not created in advance.

This declaration is merely a best effort and is provided without any
guarantee or warranty. It is not legally binding in any way to anybody.
None of the signers should be ever held legally responsible for any of
the statements made here.


Proof of freshness
------------------

Tue, 13 Sep 2022 02:47:47 +

Source: DER SPIEGEL - International (https://www.spiegel.de/international/index.rss)
Poland's Prime Minister on Ukraine War and Energy Crisis
Habeck's Meltdown: Nuclear Energy Standby Proposal Has Germany's Greens Seeing Red
European Commissioner Gentiloni: "The Coming Winter Could Be One of the Worst in History"
Russian Meddling in the Balkans: "Over and Over, Putin Says Kosovo, Kosovo, Kosovo!"
Laos and the New Silk Road: The Train to Dependence on China

Source: NYT > World News (https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
Ukraine’s Sudden Gains Prompt New Questions for Commanders
Russian Critics Speak Out, Prompted by Ukraine Losses
King Charles Pays Tribute to Queen Elizabeth on a Day Steeped in Tradition
Oppressive Blackouts Force Lebanese to Change Rhythm of Life
Ukraine Claims More Ground in Northeast and South

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Ukraine war: We retook 6,000 sq km from Russia in September, says Zelensky
Ukraine war: What will Russia's losses mean for Putin?
Ukraine war: A successful surprise attack - but danger still looms
Sweden election: Result could take days as vote too close to call
Taoiseach: Queen's death 'reminder to nurture UK-Ireland relations'

Source: Blockchain.info
0002fb0e59c723277069b5389aa2df4b8ff6dc8d80da6ad4


Footnotes
---------

[1] This file should be signed in two ways: (1) via detached PGP
signatures by each of the signers, distributed together with this canary
in the qubes-secpack.git repo, and (2) via digital signatures on the
corresponding qubes-secpack.git repo tags. [2]

[2] Don't just trust the contents of this file blindly! Verify the
digital
```

[qubes-users] "Qubes OS Summit: History from organizer's perspective" by Michał Żygowski

2022-09-07 Thread Andrew David Wong
Dear Qubes Community,

We've just published a new guest article by Michał Żygowski from 3mdeb about 
the history of Qubes OS Summits. Thanks for sharing with us today, Michał!

"Qubes OS Summit: History from organizer's perspective"
by Michał Żygowski
https://www.qubes-os.org/news/2022/09/07/qubes-os-summit-history/

The Markdown source of the article is reproduced below as a courtesy to plain 
text email readers.

8< 

## Introduction

The [Qubes OS Summit
2022](https://www.qubes-os.org/news/2022/07/29/qubes-os-summit-2022/)
is coming up. This year it will be held in Berlin from September 9th to
11th in a hybrid format: in person and live-streamed for remote access. More
details are available [here](https://qubesos.3mdeb.com/). Don't miss the event
and, more importantly, the story of how it started. This article describes the
history of the event from the organizer's perspective.

## How did all of this start?

In May 2019, 3mdeb funded Linux training for its employees, having no idea who
the instructor would be. At some point, it turned out that the mysterious
instructor would be none other than Marek Marczykowski-Górecki, the same person
who leads the Qubes OS project. As huge fans of Qubes OS and its approach to
security, and also fans of Joanna Rutkowska's security research in the area of
firmware and computer architecture, we were delighted to meet him in person in
our office in Gdańsk, Poland. That was when the idea of a short event
focused on firmware impact on Qubes OS security was born. We asked Marek
if he had some spare time to discuss firmware impacts on Qubes OS security, and
he liked the idea. The event was humorously called a "minisummit". That is
how the first Qubes OS summit started: one day, in a small conference room,
with a tiny group of people passionate about firmware and system security,
nothing outrageous (in terms of scale). You can still read which topics
were discussed
[here](https://blog.3mdeb.com/2019/2019-08-07-qubes-os-and-3mdeb-minisummit/).
The main focus was on Qubes OS certification and ecosystem, as well as support
for firmware-related security technologies like TPM 2.0 and DRTM (Anti Evil
Maid). The event helped 3mdeb realize how to get involved in the Qubes OS
project and help improve it with our expertise.

## The past of Qubes OS Summits

Everyone enjoyed that one particular day so much, that we decided to repeat the
event next year. The environment we created together, bending and crossing the
event horizon between firmware and operating system, was something wonderful,
both to hear and to speak about. The potential we saw in that kind of event, to
bring various companies together and collaborate on the project on every
possible layer, has been pushing us forward to enlarge the community and
introduce more open-source firmware to the Qubes OS world.

Another May came, the year was 2020, and the pandemic dominated the world. But
it didn't stop us from holding the event again! It even gave us a better
opportunity to attract and gather more people virtually to attend the event.
Thanks to our 3mdeb colleagues, who set up the live recording and streaming of
the whole Qubes OS 2020 Summit, it is possible to see and listen to the talks
given by Qubes OS and 3mdeb experts on
[YouTube](https://www.youtube.com/playlist?list=PLuISieMwVBpIwhPXcuYKtS50CHQOvt_BO)
over and over again. On the 3mdeb side, we continued with firmware-related
topics, for example, Qubes OS Anti Evil Maid on an AMD platform for the first
time. It was quite a challenge for us because we were organizing such a virtual
event for the first time. Fortunately, everything went smoothly and finished
with success after 4 sessions, each 2.5 hours long.

In August 2021, we held yet another Qubes OS Summit together with the Qubes OS
team, still virtually, unfortunately. However, this year brought more speakers
from other companies and projects, which we were very happy about. There were 2
sessions of almost 4 hours each, and the talks can be watched on
[YouTube](https://www.youtube.com/playlist?list=PLuISieMwVBpIoLQzpYeZnkupURheXky6r).
This time, 3mdeb's stage belonged to Piotr Król (CEO of 3mdeb), who presented
his adventures using Qubes OS as an everyday device, talking about a USB camera
and cryptocurrency wallets. Of course, firmware-related topics could not be
missing, and Piotr also showed the continuation of his previous year's efforts
at securing the VMs with SRTM and Secure Boot.

## The future of Qubes OS Summits

Finally, the time has come when we may meet together in person, after three
years! The Qubes OS Summit 2022 is fast approaching, with only a few days left
before the start of the event in Berlin. As it is no longer held only virtually
(but still possible to attend remotely for those who can't be with us in
person) the organization is more complicated, both from the logistics and
presentations side. Every year we try our best to dig into hardcore security
topics on the 

Re: [qubes-users] "Upgrading" by installing

2022-09-05 Thread Andrew David Wong
On 9/3/22 5:56 AM, Ulrich Windl wrote:
> Hi !
> 
> So eventually I decided to upgrade my Qubes OS installation by backup, 
> install, then restore.
> Unfortunately I'm stuck, and here is my negative experience:
> First when using a custom disk layout, i.e.: reuse VG and LV from the current 
> installation, I noticed that I can only assign swap if I select to reformat 
> it. Then it's selected automatically; otherwise it's ignored.
> Next it's recommended to reformat the root and boot filesystems, but noting 
> got the LVs. So when trying to install the debian-11 template it failed, 
> template installation was aborted, and I found to way to resume or restart. 
> See attachment. So I restarted everything, also deleting the LVs for the VMs 
> (which is not easy from the installation environment).
> When installation had finished eventually, I tried to restore my VMs, but I'm 
> offered just the basic net and firewall VMs. So I wonder how to do that.
> Also I wondered why there is no "import VM" function when the LVs for the VM 
> are still (already) there. I didn't delete the LVs of one of my VMs.
> 
> So in summary the installer snd the documentation should be improved.
> 
> Regards,
> Ulrich
> P.S.: Typed on my mobile, so there are probably several typing errors I did 
> not detect.
> 

I don't really know anything about custom disk layouts, but have you tried 
restoring by following these instructions?

https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/#restoring-from-a-backup

If so, where exactly did you encounter a problem (i.e., which step)?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c8a8f977-c5c1-cc83-3ae4-43f5ec2392fe%40qubes-os.org.




Re: [qubes-users] Problems with debian-11 dvm

2022-09-04 Thread Andrew David Wong
On 9/3/22 2:18 PM, Ulrich Windl wrote:
> Hi!
> 
> It seems in Qubes OS 4.0 I can't select debian-11 as template for a dvm. What 
> are the reasons?
> 
> Regards,
> Ulrich
> 

Disposables cannot be based directly on regular templates. Instead, you must 
first create an app qube and designate it as a disposable template. There is an 
open issue for reconsidering this: 
https://github.com/QubesOS/qubes-issues/issues/6720



Re: [qubes-users] firefox-esr and brave-browser work, but firefox, nautilus, thunar, gnome-terminal, xterm do not

2022-08-24 Thread Andrew David Wong
On 8/24/22 2:31 PM, Franz wrote:
> Hello,
> the following command is intended to run an application in a new DVM:
> 
> qvm-run --dispvm=debian-11-dvm --service qubes.StartApp+
> 
> If in place of  I put firefox-esr or brave-browser it works, the
> new DVM is opened and the application works as expected.
> 
> But if in place of  I put firefox, nautilus, thunar,
> gnome-terminal, xterm the DVM starts, but immediately after closes with
> error:
> command failed with code:1
> 
> Any idea to solve it or is it just a bug?
> 
> 
> 
> firefox-esr and brave-browser work, but firefox, nautilus, thunar,
> gnome-terminal, xterm do not
> 

You might be missing .desktop files or something for the ones that aren't 
working. That seems to be a common problem.

I prefer the simplicity and reliability of this type of command:

qvm-run --dispvm=debian-11-dvm 

E.g.:

qvm-run --dispvm=debian-11-dvm nautilus



Re: [qubes-users] reduce font size in UI

2022-08-23 Thread Andrew David Wong
On 8/22/22 5:42 PM, Franz wrote:
> Hello,
> in a higher resolution screen characters are too small in templates.
> Nothing seems to work to increase the text size of the user interface, such
> as the text in nautilus or bookmarks in firefox or brave-browser.
> 
> I tried
> QT_SCALE_FACTOR=1.34 application
> and
> gsettings set org.gnome.desktop.interface text-scaling-factor 1.5
> No change whatsoever.
> 
> The only one that works is dom0 using Appearance/fonts
> 
> Is this problem related to the Qubes structure or is it just my inability?
> 
> Any idea
> Best
> Franz
> 

Have a look at this thread:

https://forum.qubes-os.org/t/guide-xfce-global-dark-mode-in-qubes-4-0-4-1/10757

While the thread is mainly about applying dark themes, I've found that the font 
changes also apply inside of templates. For example, following the instructions 
resulted in a bigger font size in Nautilus.

As for web browsers, you might have to adjust that in the browser's settings.



Re: [qubes-users] Qubes Contrib repository

2022-08-21 Thread Andrew David Wong
On 8/21/22 8:25 AM, Steve Coleman wrote:
> On Sun, Aug 21, 2022 at 10:29 AM 'unman' via qubes-users <
> qubes-users@googlegroups.com> wrote:
> 
>> On Sat, Aug 13, 2022 at 10:02:15PM +0200, Qubes wrote:
>>
>> qubes-dom0-update --repo=qubes-contrib-dom0-r4.1-current --action=list
>>
> Q1: Is there any way to list these in a way that can actually be copied to
> the clipboard from the sys-firewall xterm?
> 
> Using ctrl-c to copy something just closes the window and there is no menu
> bar for a copy/paste operation.
> 
> Q2: Is there a configuration to get sys-firewall to add the menu bar back to
> this dynamically opened xterm?
> 
> On my system this command lists the packages in a completely unreadable
> color, which is why I wanted to copy it, so I could then paste it into
> something that would strip the awful color from the list so I could
> actually read it. I'm assuming there is a terminal configuration that
> controls these default window attributes?
> 
> Q3: Or change the color for this xterm so I can actually read what I need
> to type into the next command, if I found something I wanted to install?
> 
> A way to enlarge the width of the terminal to prevent the text from
> wrapping around would also be a help.
> 
> thanks!
> 

All of those aspects of XTerm are configurable and are not Qubes-specific. You 
can simply search the web for "how to customize XTerm" to find many good guides 
that explain how to do all of this.



Re: [qubes-users] Missing data after Qubes restore from backup

2022-08-14 Thread Andrew David Wong
On 8/14/22 8:36 AM, 'Crsi' via qubes-users wrote:
> I also checked "verify backup" -- no error reported.

Just to clarify, the "verify only" option simulates a restore operation without 
actually writing any data from the backup to disk. This has two implications:

1. This option is not at all applicable when *creating* a backup (and should 
not even appear as an option there). [There's an open issue for a "create a 
backup, then verify it" feature, but it hasn't been implemented yet: 
https://github.com/QubesOS/qubes-issues/issues/1454]

2. Enabling this option when restoring will tell you that it was successful (if 
the simulation was successful), but no data on disk will change. This means, 
for example, that restoring from an older backup first, then restoring from a 
newer backup with "verify only" enabled, will result in the older VMs still 
being the ones on your disk.



Re: [qubes-users] qvm-prefs default_dispvm debian-11-mu-dvm

2022-08-10 Thread Andrew David Wong
On 8/9/22 12:40 PM, Franz wrote:
> On Tue, Aug 9, 2022 at 4:33 PM Qubes  wrote:
> 
>> Franz wrote:
>>> Hello, dear friends
>>>
>>> New installation 4.1.1
>>>
>>> I am trying to set  debian-11-mu-dvm as default disp vm template for the
>>> whole system, but the command
>>>
>>> qvm-prefs default_dispvm  debian-11-mu-dvm
>>>
>>> replies
>>>
>>> qvm-prefs: error: no such domain: 'default_dispvm'.
>> Global >
>>> It seems it expects a domain to make that debian-11-mu-dvm the default
>> disp
>>> vm for that domain. But I want to make it default for the whole system,
>> not
>>> a single domain.
>>>
>>> Is there a way?
>>>
>>
>> Can you try Qubes Manager?
>>
>> With Qubes Manager open select System -> Global settings. On the new
>> window that opens the default dispvm template to use system-wide is
>> bottom right.
>>
>>
> wow, I spent four hours and my head is fuming and you solved it in 5
> minutes. Many thanks my friend
> 

For the command line, you want `qubes-prefs` instead of `qvm-prefs`. The former 
is for global settings, while the latter is qube-specific.



Re: [qubes-users] Install ttf-mscorefonts-installer on debian 11

2022-08-10 Thread Andrew David Wong
On 8/9/22 7:00 AM, roger paranoia wrote:
> Hello
> 
> I would like to install ttf-mscorefonts-installer with the following
> command:
> 
> sudo apt install ttf-mscorefonts-installer
> 
> but as it is privative stuff, it is not directly available in the regular
> repositories. It actually tries to connect to many urls so it can automate
> an install of those fonts.
> 
> I had the same problem with the "add-apt-repository" when trying to install
> additional repositories to the ubuntu bionic template (provided by unman)
> but I worked around the issue by manually downloading keys from a connected
> appvm, transferring them to the template and manually adding them. It was a
> bit of a pain in the ass then but it just got worse since the "apt-key add"
> has been deprecated and now gpg is the way to do it. Is there any way to
> install the microsoft fonts and/or to install repositories that require
> wget to download keys?
> 
> Thanks in advance!
> 

Perhaps this will help:

https://www.qubes-os.org/doc/how-to-install-software/#installing-software-from-other-sources



[qubes-users] QSB-084: Split GPG: GnuPG file descriptor confusion and file existence leak

2022-08-06 Thread Andrew David Wong
Dear Qubes Community,

We have just published [Qubes Security Bulletin (QSB) 084: Split GPG: GnuPG 
file descriptor confusion and file existence 
leak](https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-084-2022.txt).
 The text of this QSB is reproduced below. This QSB and its accompanying 
signatures will always be available in the [Qubes Security Pack 
(qubes-secpack)](https://www.qubes-os.org/security/pack/). More information 
about QSBs, including a complete historical list, is available 
[here](https://www.qubes-os.org/security/qsb/).

```

 ---===[ Qubes Security Bulletin 084 ]===---

 2022-08-06

  Split GPG: GnuPG file descriptor confusion and file existence leak

User action required
--------------------

Users must install the following specific packages in order to address the
issues discussed in this bulletin:

  For Qubes 4.1, in templates and standalones:
  - qubes-gpg-split 2.0.63

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community. [1] Once available, the packages are to be installed
via the Qubes Update tool or its command-line equivalents. [2]


Summary
-------

Split GPG [3] is designed to isolate private keys from the application
using them in order to protect them from being extracted and to allow
the user to retain control over when they are used. This isolation is
implemented by forwarding calls from an application in a frontend qube,
where `qubes-gpg-client` is executed, to an instance of `gpg` in a
backend qube that holds the private keys, all while allowing only
specific `gpg` options. This option filtering mechanism is designed to
reject options like `--export-secret-keys` that might leak private keys
to the frontend qube. However, it has been discovered that certain
combinations of options allow the frontend qube to access data in the
backend qube in unintended ways.

Two separate types of attack were discovered:

1. Interaction via `--command-fd` allows the frontend qube to check for
   the existence of arbitrary files in the backend qube, including files
   unrelated to GnuPG.

2. Using the same `--*-fd` option several times allows the frontend qube
   to redirect GnuPG input and output to the wrong file descriptor. This
   can be used to:

   - Corrupt files used by GnuPG. (We have confirmed this only in the
     case of `trustdb`, but other files cannot be ruled out.)
   - Issue arbitrary commands to `gpg-agent`, which can be used to
     perform actions like generating new secret keys and deleting
     existing keys.
   - Set various environment variables for the `pinentry` process,
     thereby providing an indirect avenue of attack against this
     process.

   However, our testing did not reveal any way to exploit this
   vulnerability in order to read `gpg-agent`'s responses, which means
   that certain actions, such as extracting secret keys, should not be
   possible.


Impact
------

An attacker controlling a Split GPG frontend qube can check for the
existence of arbitrary files in a backend qube, corrupt the `trustdb`
file in a backend qube, issue arbitrary commands to `gpg-agent` in a
backend qube, and issue arbitrary commands to a smart card daemon in a
backend qube. While this vulnerability can be exploited in order to
generate and delete keys in the backend qube (or on a smart card
attached to the backend qube), it is unlikely that it can be used to
exfiltrate private keys out of the backend qube (or off of a smart card
attached to the backend qube). If this vulnerability were to be chained
with a hypothetical vulnerability in `gpg-agent`, `scdaemon`, or
`pinentry` (or in one of the libraries they use), then arbitrary code
execution could be possible.


Credits
-------

This issue was discovered by Demi Marie Obenour.

References
----------

[1] https://www.qubes-os.org/doc/testing/
[2] https://www.qubes-os.org/doc/how-to-update/
[3] https://www.qubes-os.org/doc/split-gpg/

--
The Qubes Security Team
https://www.qubes-os.org/security/

```


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/08/06/qsb-084/

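A defender-side sketch of the option filtering QSB-084 describes, added here as an illustration and not taken from qubes-gpg-split or its fix: it validates frontend-supplied `gpg` arguments against an exact-match allowlist, refuses `--command-fd`, and rejects any `--*-fd` option that is repeated. The option sets, the `filter_gpg_args` name and the `allowed_fds` parameter are assumptions made for the example.

```python
# Added illustration: strict argv validation for a Split-GPG-style backend.
# The option sets below are assumptions for this example, not the real
# qubes-gpg-split allowlist.

FLAG_OPTIONS = {"--armor", "--batch", "--clearsign", "--decrypt",
                "--detach-sign", "--list-keys", "--sign", "--verify"}
VALUE_OPTIONS = {"--digest-algo", "--local-user"}
# --command-fd is deliberately not listed: the bulletin ties it to the
# file existence leak, so this example's policy refuses it outright.
FD_OPTIONS = {"--attribute-fd", "--logger-fd", "--status-fd"}


class RejectedArgument(ValueError):
    """Raised when the frontend's argv violates the policy."""


def filter_gpg_args(argv, allowed_fds):
    """Validate frontend-supplied gpg arguments.

    argv        -- list of argument strings (without the program name)
    allowed_fds -- descriptors the backend actually set up for the caller
    Returns a normalized copy of argv; raises RejectedArgument otherwise.
    """
    seen_fd_options = set()
    normalized = []
    i = 0
    while i < len(argv):
        arg = argv[i]
        i += 1
        if not arg.startswith("-") or arg == "-":
            normalized.append(arg)  # positional argument, passed through
            continue
        name, has_eq, value = arg.partition("=")
        # Exact match only. GnuPG accepts unambiguous abbreviations of
        # long options, so a prefix such as --status-f must not slip by.
        if name in FLAG_OPTIONS:
            if has_eq:
                raise RejectedArgument(f"{name} takes no value")
            normalized.append(name)
            continue
        if name not in VALUE_OPTIONS and name not in FD_OPTIONS:
            raise RejectedArgument(f"option not allowed: {name}")
        if not has_eq:
            if i >= len(argv):
                raise RejectedArgument(f"{name} needs a value")
            value = argv[i]
            i += 1
        if name in FD_OPTIONS:
            # The bulletin's second issue: the same --*-fd option given
            # several times. Allow each one at most once.
            if name in seen_fd_options:
                raise RejectedArgument(f"{name} given more than once")
            seen_fd_options.add(name)
            if not (value.isascii() and value.isdigit()):
                raise RejectedArgument(f"{name} needs a decimal fd")
            if int(value) not in allowed_fds:
                raise RejectedArgument(f"fd {value} not offered to caller")
            value = str(int(value))
        normalized.extend([name, value])
    return normalized
```

The function emits every value-taking option as two separate tokens, so the backend `gpg` sees exactly one spelling of each option that was checked.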


[qubes-users] Qubes OS 4.0 has reached EOL

2022-08-04 Thread Andrew David Wong
Dear Qubes Community,

As [previously 
announced](https://www.qubes-os.org/news/2022/07/04/qubes-os-4-0-eol-on-2022-08-04/),
 all releases in the Qubes 4.0 series (which includes the most recent 4.0.4 
patch release) have officially reached EOL (end-of-life) as of today, 
2022-08-04. We strongly urge all remaining Qubes 4.0 users to [upgrade to Qubes 
4.1](https://www.qubes-os.org/doc/upgrade/4.1/) immediately. As always, the 
support statuses of all Qubes OS and template releases are available on the 
[supported releases](https://www.qubes-os.org/doc/supported-releases/) page, 
and the latest release is available to download on the 
[downloads](https://www.qubes-os.org/downloads/) page.


## What should I do?

If you're already using Qubes 4.1, then no action is required on your part. 
This announcement concerns only the 4.0 minor release series.

If you're still using Qubes 4.0 (including the most recent 4.0.4 patch 
release), then you should upgrade to 4.1 immediately. You have two options:

- Perform a clean reinstallation using the latest stable [Qubes 4.1.1 
ISO](https://www.qubes-os.org/downloads/#qubes-release-4-1-1), which was 
[published on 
2022-07-18](https://www.qubes-os.org/news/2022/07/18/qubes-4-1-1/).
- Perform an [in-place 
upgrade](https://www.qubes-os.org/doc/upgrade/4.1/#in-place-upgrade) to 4.1.

Both of these options are covered in further detail in the [Qubes 4.0 to 4.1 
upgrade guide](https://www.qubes-os.org/doc/upgrade/4.1/). If you need help, 
please consult our [help and support](https://www.qubes-os.org/support/) page.


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/08/04/qubes-4-0-has-reached-eol/



[qubes-users] Qubes OS Summit 2022: September 9-11 in Berlin

2022-07-29 Thread Andrew David Wong
Dear Qubes Community,

In conjunction with [3mdeb](https://3mdeb.com/), the fourth edition of our 
Qubes OS Summit will be held live this year from September 9 to 11 in Berlin, 
Germany! For more information about this event, including the CFP (which is 
open until August 29), please see: 


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/07/29/qubes-os-summit-2022/



[qubes-users] XSAs released on 2022-07-26

2022-07-26 Thread Andrew David Wong
Dear Qubes Community,

The Xen Project has released one or more Xen Security Advisories (XSAs).
The security of Qubes OS *is not affected*.
Therefore, *no user action is required*.


## XSAs that affect the security of Qubes OS (user action required)

The following XSAs *do affect* the security of Qubes OS:

- (none)


## XSAs that do not affect the security of Qubes OS (no user action required)

The following XSAs *do not affect* the security of Qubes OS, and no user action 
is necessary:

- XSA-408 (shadow mode is disabled at build time)


## Related links

- Xen XSA list: 
- Qubes XSA tracker: 
- Qubes security pack (qubes-secpack): 
- Qubes security bulletins (QSBs): 


This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2022/07/26/xsas-released-on-2022-07-26/



Re: [qubes-users] Qubes Manager not honoring colour scheme selection

2022-07-26 Thread Andrew David Wong
On 7/25/22 4:53 PM, 'taran1s' via qubes-users wrote:
> I tried this but didn't succeed.
> 
> sudo qubes-dom0-update qt5-qtstyleplugins
> sudo qubes-dom0-update
> export QT_QPA_PLATFORMTHEME=gtk2
> 
> cat /etc/environment QT_QPA_PLATFORMTHEME=gtk2
> cat: 'QT_QPA_PLATFORMTHEME=gtk2': No such file or directory
> 
> Qube Manager is still white ^^. Any ideas?
> 

You have to actually edit the file `/etc/environment` in order to insert the 
string `QT_QPA_PLATFORMTHEME=gtk2` into that file, then reboot afterward.

P.S. -- Please avoid top-posting.

> 
> TheGardner:
>> Thanks very much Demi Marie.
>> Then this should be the correct way:
>>
>> Source & Info: https://github.com/QubesOS/qubes-issues/issues/7389
>>
>>
>> Install the package qt5-qtstyleplugins with:
>>
>> sudo qubes-dom0-update qt5-qtstyleplugins
>>
>> then insert in /etc/environment:
>>
>> -[Start]-
>> QT_QPA_PLATFORMTHEME=gtk2
>> -[End]---
>>
>> in dom0 terminal do:
>>
>> export QT_QPA_PLATFORMTHEME=gtk2
>>
>> ---
>>
>> finally you can check, if all changes were set & working:
>>
>> [TheGardner@dom0]$ cat /etc/environment
>> QT_QPA_PLATFORMTHEME=gtk2
>>
>> [TheGardner@dom0]$ echo $QT_QPA_PLATFORMTHEME
>> gtk2
>>
>> [TheGardner@dom0]$ sudo dnf info qt5-qtstyleplugins
>> Qubes OS Repository for Dom0
>>    1.9 MB/s | 3.0 kB 00:00
>> Installed Packages
>> Name : qt5-qtstyleplugins
>> Version  : 5.0.0
>> Release  : 39.fc32
>> Architecture : x86_64
>> Size : 1.2 M
>> Source   : qt5-qtstyleplugins-5.0.0-39.fc32.src.rpm
>> Repository   : @System
>>   From repo    : qubes-dom0-cached
>> Summary  : Classic Qt widget styles
>> URL  : https://github.com/qtproject/qtstyleplugins
>> License  : LGPLv2 or GPLv2
>> Description  : Classic Qt widget styles, including cleanlooks, motif,
>> plastique, qgtk.
>>
>> Demi Marie Obenour schrieb am Samstag, 23. Juli 2022 um 04:07:18 UTC+2:
>>
>> On Fri, Jul 22, 2022 at 05:45:13PM -0700, TheGardner wrote:
> Great! It's working now with the following steps in dom0 terminal:
>
> Download qt5-qtstyleplugins RPM file from:
>
>
>> https://kojipkgs.fedoraproject.org//packages/qt5-qtstyleplugins/5.0.0/39.fc32/x86_64/qt5-qtstyleplugins-5.0.0-39.fc32.x86_64.rpm
>
> Move it from your AppVM to dom0 with:
>
> qvm-run --pass-io  'cat
> /home/user/Download/qt5-qtstyleplugins-5.0.0-39.fc32.x86_64.rpm' >
>
>> /home//Downloads/qt5-qtstyleplugins-5.0.0-39.fc32.x86_64.rpm
>
> Install the package with:
>
> sudo dnf install -y qt5-qtstyleplugins-5.0.0-39.fc32.x86_64.rpm
>>
>> This is not safe. You can do:
>>
>> sudo qubes-dom0-update qt5-qtstyleplugins
>>
>> and it will work as with any other package.
>>
>> That reminds me: Marek, should we set repo_gpgcheck=1 and/or
>> %_pkgverify_level all in dom0, to protect against mistakes like this?
>>>
>>
> 



Re: [qubes-users] Qubes Manager not honoring colour scheme selection

2022-07-23 Thread Andrew David Wong
On 7/22/22 7:07 PM, Demi Marie Obenour wrote:
> [...]
> 
> That reminds me: Marek, should we set repo_gpgcheck=1 and/or
> %_pkgverify_level all in dom0, to protect against mistakes like this?

FWIW: https://github.com/QubesOS/qubes-issues/issues/7628


