On Thu, Oct 14, 2021 at 3:11 PM Jean-Philippe Ouellet wrote:
> As for firmware security: I assume all printers are probably
> vulnerable (and/or backdoored?) beyond any hope of being reasonable,
> and would like to put a simple trusted device in front to force all
> incoming data t
I figure someone on this list might have done some research from a
perspective sharing similar goals.
Does anyone have a recommendation for a reasonable printer?
My rough objectives are as follows:
1. "Well-supported by linux." In practice I imagine this means
speaking standard protocols,
Am I the only one who seems to have noticed chrome reaching max mem &
swapping way more often than used to happen in the past? Some of my
workflows result in having a bunch of tabs (not even _that_ many,
maybe 20-30+) open in DispVMs. Unfortunately, this reaches the 4gb max
Currently: anything that doesn't require nested virt, meaning anything
that actually emulates instead of trying to use vmx (via kvm, etc.).
Examples include qemu using its tcg backend instead of kvm, and bochs.
On Thu, Sep 19, 2019 at 11:58 AM Patrick Schleizer
> Is there any
I'm curious if anyone has tried using any portable eternal laptop
monitors in Qubes, like the DisplayLink-powered USB ones?
Some examples of the kind of monitors I'm talking about:
- ASUS MB169B+ -- https://www.asus.com/uk/Monitors/MB169BPlus/
- ASUS ZenScreen MB16AC --
On Wed, Jan 23, 2019 at 11:45 PM Berne Campbell
> Lenovo Thinkpad X1 Carbon 20HRCTO1WW
> I had to disable secure-boot to boot of USB stick for installation (Used
> Rufus in Windows in DD mode, MBR partition scheme). Perhaps a signed shim
> could be used to ease installation.
On Tue, Apr 4, 2017 at 3:40 AM Jean-Philippe Ouellet wrote:
> The latest BIOS hashes I observe are:
> $ sha256sum n1*17*
> 4b5488be128d9c022cd4924476d48e38dd55c38809db0f3a6c06f1a2d2ad0217 n1fuj17w.exe
On Mon, May 28, 2018 at 7:04 AM wrote:
> I installed qubes-template-fedora-26-minimal, upgraded it to release version
> 28 (paid attention to the python2-xcffib bug) and cloned it to make a
> network-"for-all-things-networking"-VM-only template.
> So far, as written in qubes
On Thu, Sep 6, 2018 at 8:28 AM, 'awokd' via qubes-users
> On Tue, September 4, 2018 2:05 am, pixel fairy wrote:
>> On Monday, September 3, 2018 at 1:21:27 AM UTC-7, Marek
>> Marczykowski-Górecki wrote:
>>> On Mon, Sep 03, 2018 at 01:46:11AM -0500, Andrew David Wong wrote:
On Tue, Sep 4, 2018 at 9:17 PM, Patrick wrote:
> On Sunday, September 2, 2018 at 3:34:34 PM UTC-4, Jean-Philippe Ouellet wrote:
>> On Sun, Sep 2, 2018 at 10:12 AM, Patrick Bouldin
>> > On Sunday, September 2, 2018 at 10:10:55 AM UTC-4, Patrick Bouldin wrot
On Sun, Sep 2, 2018 at 10:12 AM, Patrick Bouldin
> On Sunday, September 2, 2018 at 10:10:55 AM UTC-4, Patrick Bouldin wrote:
>> Qubes 4.0 Error - "Start failed: Requested operation is not valid: PCI
>> device :02:00.0 is in use by driver xenlight, domain sys-usb
>> I don't know how
On Sat, Aug 25, 2018 at 6:48 PM, wrote:
> Anyone using OpenSSD in their laptops?
I'm not aware of any traditional 2.5" SSD form-factor hardware from
the OpenSSD project.
AFAIK all they've produced are large boards suitable for research in
the SSD space.
Interesting research project, but it
On Sat, Aug 25, 2018 at 3:41 PM, taii...@gmx.com wrote:
> On 08/24/2018 11:44 AM, brendan.h...@gmail.com wrote:
>> And if your OPAL drive is backdoored by the manufacturer for a government,
>> your drive is backdoored whether you're using OPAL or not and depending on
>> what you wanted > to
On Mon, Aug 20, 2018 at 6:06 PM, Steve Coleman wrote:
> On 08/20/18 12:49, Chris Laprise wrote:
>> On 08/20/2018 11:34 AM, tierl...@gmail.com wrote:
>>> What's the most convenient way to wipe these images? (I'm just talking
>>> about individual VM images)
>> To clarify on your first
On Wed, Aug 8, 2018 at 1:30 PM, <3mp...@gmail.com> wrote:
> Hi everyone,
> actually I'm a happy Qubes 3.2 user on Intel platform for more than a year
> now !
> I'm looking to upgrade my actual Skylake build with an AMD one with the new
> Ryzen Pinnacle Ridge CPU (R7 2700) and installing
Magic strings for people searching the archives to be able to find this:
$ gpg --keyserver ... --recv 0x...
gpg: keyserver receive failed: Connection refused
$ gpg --keyserver ... --recv 0x...
gpg: keyserver receive failed: No keyserver available
The problem is with dirmngr (a
On Thu, Feb 8, 2018 at 8:42 AM, donoban wrote:
> On 02/06/2018 04:02 PM, billol...@gmail.com wrote:
>> I've installed Qubes 4 rc4 on an external hard drive. It works
>> pretty well. However, I tried to run a game "FreeOrion" and
>> received the following error using the
On Sat, Jan 20, 2018 at 3:46 PM, Kyle Breneman wrote:
> I am trying to follow these steps to upgrade from Fedora 23 to Fedora 24
> (and then from 24 to 26), but I got stuck right away because I cannot figure
> out how to get to a command line window for dom0. Can someone
On Sat, Jan 20, 2018 at 4:51 AM, Alex Dubois <bowa...@gmail.com> wrote:
> On Saturday, 20 January 2018 06:21:36 UTC, Jean-Philippe Ouellet wrote:
>> On Fri, Jan 19, 2018 at 3:55 AM, <wordswithn...@gmail.com> wrote:
>> > I've been working on a solution for this, b
On Thu, Jan 18, 2018 at 3:49 PM, Vít Šesták
> On Thursday, January 18, 2018 at 7:00:42 PM UTC+1, Nik H wrote:
>> On Jan 16, 2018, at 2:56 AM, Vít Šesták <…@v6ak.com> wrote:
>> > * If an application does not mitigate
On Fri, Jan 19, 2018 at 3:55 AM, wrote:
> I've been working on a solution for this, but unfortunately there are too
> many factors that I'm not familiar with.
> My goal is to to able to:
> 1) Take a screenshot using the dom0 hotkey
> 2) In the "Screenshot" dialogue,
On Thu, Nov 9, 2017 at 4:20 PM, Chris Laprise wrote:
> On Qubes R4-rc2, after reinstalling a template I noticed that only my
> guest-vm entries remained in the Xfce launcher menu.
> How do I get the dom0 items back?
For archive searchers:
On Sun, Dec 10, 2017 at 12:19 PM, Robert Walz wrote:
> On Sun, Dec 10, 2017 at 5:35 PM, Holger Levsen
>> On Sun, Dec 10, 2017 at 03:05:11PM +0100, Robert Walz wrote:
>> > Does anybody know how to kexec the xen hypervisor?
On Thu, Dec 7, 2017 at 12:22 PM, 'Tom Zander' via qubes-users
> On Thursday, 7 December 2017 17:38:15 CET Jean-Philippe Ouellet wrote:
>> Remember that the "R4" you're speaking of is still just a release
>> candidate - it is *no
On Thu, Dec 7, 2017 at 11:59 AM, Bernhard wrote:
> On 12/07/2017 03:37 PM, Zrubi wrote:
>> On 12/07/2017 03:04 PM, r...@tuta.io wrote:
>> > Dont tell me the geniuses behind this thought it was more
>> > streamlined to remove the feature and make it only command
>> > line
On Thu, Dec 7, 2017 at 9:04 AM, wrote:
> Dont tell me the geniuses behind this thought it was more streamlined to
> remove the feature and make it only command line
On Thu, Dec 7, 2017 at 9:45 AM, wrote:
> Lmao wow... usually developer's try to progress
On Sun, Dec 3, 2017 at 5:36 PM, beso wrote:
> "systemctl hibernate:
> Failed to execute operation. Sleep verb not supported."
> How to solve this issue?
Xen does not support hibernating, therefore Qubes does not either.
Use suspend instead of hibernate.
On Fri, Dec 1, 2017 at 1:10 PM, Matty South wrote:
> I love the Qubes project! I've been thinking of ways to improve the security
> when it comes to USB Keyboards.
> I'm sure a lot of us who use Qubes as our day-to-day OS have a nice keyboard
> attached to the system.
On Thu, Nov 23, 2017 at 12:01 AM, taii...@gmx.com wrote:
> You can make a libre firmware workstation that can play the latest games in
> a VM for $500 total.
I really want you to be right, but I'm having trouble seeing how, so I
want you to prove it!
If you can
On Mon, Nov 20, 2017 at 6:04 PM, taii...@gmx.com <taii...@gmx.com> wrote:
> On 11/20/2017 04:36 AM, Jean-Philippe Ouellet wrote:
>> That statement is demonstrably false. For example, we don't filter
>> CPUID vendor IDs in either mode.
> How come?
On Mon, Nov 20, 2017 at 5:59 PM, taii...@gmx.com wrote:
> On 11/19/2017 07:17 PM, riggedegg...@gmail.com wrote:
> Does this hold any water? Does the switch from paravirtualization to
> HVM/SLAT degrade privacy by allowing easier hardware fingerprinting?
> It holds no water.
On Sun, Nov 19, 2017 at 7:17 PM, wrote:
> Here's one such comment, taken from an r/privacy Reddit thread.
> "[...]paravirtualization makes hardware profiling impossible unless an
> exploit is found to defeat it."
That statement is demonstrably false. For example, we
I've written a script  to import VMs directly from a Qubes R3 hard
drive into a Qubes R4 machine without needing to make a backup first.
I would definitely recommend making a full backup on R3 and restore on
R4 instead of using this. I just figured I'd share in case anybody
On Fri, Nov 17, 2017 at 2:47 PM, wrote:
> On Friday, September 29, 2017 at 6:31:15 PM UTC-7, Andrew David Wong wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA512
>> Dear Qubes community,
>> On 2017-09-12, we published Qubes Canary #13. The text of this canary
On Wed, Nov 8, 2017 at 3:37 PM, ludwig jaffe wrote:
> Hi, I saw that the linux kernel has some flaws
> (http://www.openwall.com/lists/oss-security/2017/11/06/8) in the usb stack,
> so I am
> thinking about security against common errors, I would suggest to use
On Wed, Nov 8, 2017 at 3:09 PM, wrote:
> On Thursday, April 13, 2017 at 1:33:53 PM UTC+1, Thomas Leonard wrote:
>> On Thursday, April 13, 2017 at 11:08:11 AM UTC+1, Foppe de Haan wrote:
>> > On Thursday, April 13, 2017 at 10:00:20 AM UTC+2, Thomas Leonard wrote:
>> > >
On Fri, Nov 3, 2017 at 1:18 PM, 'Marek Jenkins' via qubes-users
>> > Hi Jean-Philippe,
>> > thanks for your advice.
>> > I have read the docs over here regarding kernel updates:
>> > https://www.qubes-os.org/doc/software-update-dom0/
>> > So
Moving discussion from qubes-devel to qubes-users:
On Thu, Nov 2, 2017 at 3:47 PM, 'Marek Jenkins' via qubes-devel
> On Thursday, November 2, 2017 at 7:03:12 PM UTC+1, Jean-Philippe Ouellet
>> On Thu, Nov 2, 2017 at 1:13
On Thu, Oct 19, 2017 at 1:25 AM, blacklight wrote:
> We all know well why xen was chosen as the hypervisor for qubes instead of
> kvm, since this has been stated in multiple places by the devs. But i wonder
> how feasable it would be to use bhyve as a hypervisor for
On Wed, Aug 23, 2017 at 11:25 AM, 'Brotherfill' via qubes-users
> To avoid hostname leaks I add # at the beginning of line 'send
> host-name=gethostname' in /etc/dhcp/dhclient.conf
> Do you suggest to use this method or to set a static ip?
On Fri, Aug 11, 2017 at 4:41 AM, Nicolas Mojon wrote:
> I would like to know if on the new 4.0 it is possible to lock down data in a
> VM like that nothing can go out of the VM (like no internet or copypaste
> through dom0). I would like to make that specially
On Tue, Aug 1, 2017 at 7:50 PM, cooloutac wrote:
> Qubes doesn't support secure boot unfortunately. I think its batshit crazy
> to consider a pc even reasonably secure without it.
Secure boot in reality is quite far from the boot chain panacea its
name may suggest.
On Tue, Aug 1, 2017 at 7:46 PM, cooloutac wrote:
> am I reading this right? There is no qubes-manager in 4.0? Does that mean
> everything must be done in a terminal? Tell me I read that wrong lol.
tl;dr - https://github.com/QubesOS/qubes-issues/issues/2132
On Tue, Aug 1, 2017 at 7:02 AM, Rusty Bird wrote:
>> So I would really appreciate some statement if Qubes will really drop
>> KDE support. I can accept that, but then I not waste my time trying to
>> make it work. Instead focusing to fix the XFCE issues I have
On Fri, Jul 28, 2017 at 6:48 AM, Nero wrote:
> I'm installing Qubes on Macbook Air.
> I partitioned (EFI, Macos journalled) my SSD but Qubes installer do not see
> any partitions on SSD but see my 32GB USB stick.
> 1. Why I can not install on SSD?
> Ok, trying to install on
On Thu, Jul 27, 2017 at 5:22 PM, Franz <169...@gmail.com> wrote:
> On Thu, Jul 27, 2017 at 4:13 PM, cooloutac wrote:
>> On Friday, July 21, 2017 at 12:26:35 PM UTC-4, PR wrote:
>> > Hello
>> > Am 21.07.2017 9:39 vorm. schrieb "Noor Christensen"
On Thu, Jul 20, 2017 at 12:32 PM, js...@riseup.net <js...@riseup.net> wrote:
> Jean-Philippe Ouellet:
>> On Qubes, it's a completely different story. First, I pass my USB
>> printer or scanner through to a DispVM. To print, I just copy the file
>> to the DispVM, open
Hello fellow Qubesers,
Qubes continues to make me feel all warm and fuzzy inside, and makes
me want to share it with the world.
I've been quite busy with real-world things recently and had to use
several different printers & scanners. Prior experience has
conditioned me to expect frustration, or
On Mon, Jun 26, 2017 at 9:10 AM, Robert Mittendorf
> Hello fellow Qubes users,
> the "Kölner Kreis", a group of regulars that are interested in IT-Security
> and IT-Forensics, will organize a "Qubes Community Event" in Cologne on July
> 15th 10.00 - 16.00.
On Thu, Jun 22, 2017 at 11:21 AM, Eric Duncan wrote:
> Currently running Qubes 3.2 on one machine. Have a need to install it on
> To all of you long-term beta users of 3.x and now 4.x...
> 1a) Are upgrades simple to RTM versions of Qubes?
> Or 1b) Do you
As for Purism, I have my gripes too, but at the end of the day I think
their existence provides a net-positive benefit to the community and
commodity hardware landscape.
Personally, I think Purism's marketing is perhaps a bit...
overoptimistic to a technical audience? And I do think they
On Mon, Jun 26, 2017 at 3:50 PM, wrote:
> I know this question has been asked many times but there is still no
> definitive answer. The Purism laptops do not have TPM support and in the HCL
> list there is not a machine that ticks every box without issues. What
On Mon, Nov 14, 2016 at 3:48 PM, Marek Marczykowski-Górecki
> On Mon, Nov 14, 2016 at 01:21:29AM -0500, Jean-Philippe Ouellet wrote:
>> Does anyone know of a convenient place to grab the complete archives
>> of this list?
On Thu, May 25, 2017 at 4:46 AM, Jean-Philippe Ouellet <j...@vt.edu> wrote:
> On Wed, May 24, 2017 at 6:45 AM, frigge <m...@sfricke.com> wrote:
>> Hi qubes-users,
>> I installed a completely fresh installtion of QUBES R3.2 on a Lenovo v570
On Wed, May 24, 2017 at 6:45 AM, frigge wrote:
> Hi qubes-users,
> I installed a completely fresh installtion of QUBES R3.2 on a Lenovo v570
> notebook and if I try to start any VM, I receive the following error:
> $ qvm-star sys-net
> --> Creating volatile image:
On Sun, May 21, 2017 at 4:41 PM, Gaiko wrote:
> On Friday, May 19, 2017 at 9:35:26 PM UTC-4, cooloutac wrote:
>> On Friday, May 19, 2017 at 2:48:03 PM UTC-4, Gaiko wrote:
>> > I tried to rename my anon-whonix appvm through the qubes-manager, right
>> > click, vm
FWIW, considering the trade-off between marginally improved
performance and hardware support, I've had better overall experiences
with hardware that's 1-2 years old.
- Just some random guy on the internet's personal opinion...
You received this message because you are subscribed to the
On Sun, May 21, 2017 at 4:49 AM, wrote:
> On Sunday, May 21, 2017 at 4:47:19 AM UTC+10, aforete wrote:
>> Am I doing something wrong here? is there any other way to start
>> applications once a vm starts?
> Yes, you can do the following in your AppVM:
> 1) make the
Cross referencing for better archives:
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
On Sat, May 20, 2017 at 4:10 PM, Unman wrote:
> On Sat, May 20, 2017 at 09:28:48PM +0200, Johannes Graumann wrote:
>> See subject line ;)
> ls -l /var/lib/qubes/dvmdata/*
> This will show you which dvmTemplate is being used to generate the
On Sat, May 20, 2017 at 1:36 PM, fooyreb wrote:
> Helo, So, I've setup a proxyVM for the VPN, via the "CLI version"
> However, when I suspend Qubes, and wakeup Qubes, the networking is lost,
> I then have to shut down or alter the network
On Sun, May 14, 2017 at 4:20 PM, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> On 2017-05-14 03:51, Holger Levsen wrote:
>> On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote:
you really dont protect your gpg key with a
On Tue, May 16, 2017 at 9:41 PM, Andrew David Wong wrote:
> On 2017-05-16 16:42, h...@e.shapoo.ch wrote:
>> I verified signature about qubes ISO file by gpg.Then I burned it to DVD.
>> But I can't trust that DVD was burned without corruption.
>> So I want to verify integrity
On Mon, May 15, 2017 at 9:40 AM, wrote:
> Hello! I'm a beginner and maybe ask a stupid question. I know that Qubes OS
> itself does not support 3D graphics. But can I play games (Steam) if I
> connect to Qubes Whonix as a virtual machine? It's a Linux distribution and
On Mon, May 15, 2017 at 5:24 PM, Sam Hentschel wrote:
> Hey all!
> Decided to try out making a windows 7 install just in case I needed it
> for school.
> I downloaded a 64-bit windows 7 enterprise iso and proceeded with the
> installation doing:
> $ qvm-create
On Sat, May 13, 2017 at 4:22 PM, Andrew David Wong wrote:
> On 2017-05-13 14:27, Zbigniew Łukasiak wrote:
>> This is something I am also struggling with - but shouldn't there
>> be a sign-off line in all the commit comments as described in
On Sat, May 20, 2017 at 8:43 PM, Todd Lasman wrote:
> The dogma, as I understand it, is that it's safer to clone a template, make
> changes to the clone, then base your AppVM's off of that cloned template.
> - From the Qubes website:
> "It is highly recommended to clone the
On Sun, May 21, 2017 at 10:00 AM, Finsh wrote:
> i recently got interested in the Qubes and i'm thinking on installing it
> on a Lenovo X1 Carbon 1gen Type: 3460-1F4.
> I couldn't find this specific Model in the HCL, are there any known issues?
I also ran on a 1st gen
On Sat, Apr 29, 2017 at 10:34 AM, Gaiko Kyofusho
> I am trying to setup a win7 template. I started with the:
> qvm-create --hvm-template win7-x64-template -l green
> which seemed to work well enough, then tried to install windows (win7 pro
> x64). When I
On Sun, May 7, 2017 at 10:05 PM, Neal Rauhauser wrote:
> I installed Qubes 3.2 on a Dell Precision M4600 (slick) and I've been trying
> to migrate a portion of my day to day work to it.
> I have many contacts who use Open Whisper Systems Signal App for
On Sun, May 7, 2017 at 2:41 PM, cooloutac wrote:
> On Monday, May 1, 2017 at 3:03:05 PM UTC-4, Chris Laprise wrote:
>> On 05/01/2017 02:33 PM, cooloutac wrote:
>> > I know I can't buy one, so how do I get an a fresh iso if my machine
>> > is compromised? Obviously, someone
I don't know anything about your specific hardware, but it is true
that secondary GPUs are often not connected to the display itself, but
rather the rendering takes place there and then the rendered frames
are passed back to the host and to the integrated gpu to be put on
your display. From a
On Fri, Apr 21, 2017 at 10:00 PM, Andrew David Wong <a...@qubes-os.org> wrote:
> On 2017-04-20 21:56, Jean-Philippe Ouellet wrote:
>> On Thu, Apr 20, 2017 at 10:17 PM, taii...@gmx.com <taii...@gmx.com>
>>> How do I stop focus stealing? I have ac
On Fri, Apr 21, 2017 at 8:16 AM, Franz <169...@gmail.com> wrote:
> On Thu, Apr 20, 2017 at 7:57 PM, cooloutac wrote:
>> On Thursday, April 20, 2017 at 6:07:45 PM UTC-4, Francesco wrote:
>> > On Thu, Apr 20, 2017 at 4:16 PM, J. Eppler
>> > I really
On Fri, Apr 21, 2017 at 5:22 AM, evo wrote:
> I have a problem with an appVM based on Fedora24.
> I open LibreOffice and Scribus, then i want to copy and paste from
> office. But if i copy it from office and go to the scribus-window the
> window is not activated... it just
On Thu, Apr 20, 2017 at 10:17 PM, taii...@gmx.com wrote:
> How do I stop focus stealing? I have accidentally entered ssh passwords in
> to other windows as they keep stealing focus for irrelevant things.
AFAIK there is no consensus on how to best solve this problem.
It has come
On Mon, Apr 17, 2017 at 9:39 AM, Eva Star wrote:
> On 04/17/2017 03:11 AM, Unman wrote:
>> I've done some manager hacking myself - some of it now incorporated in
>> If you dont want to build a package then you can simply start hacking in
On Sun, Apr 16, 2017 at 7:59 PM, Andrew David Wong <a...@qubes-os.org> wrote:
> On 2017-04-12 13:05, Sam Hentschel wrote:
>> On Wednesday, April 12, 2017 at 3:20:30 PM UTC-4, Chris Laprise
>>> On 04/12/2017 02:37 PM, Jean-Philippe Ouellet wrote:
On Mon, Apr 10, 2017 at 8:23 AM, Johannes Graumann
> I am wondering whether
> 1) under QubesOS a (USB) HW RNG like http://www.bitbabbler.org/ is usable
Yes. You would need to do some work to make it feed entropy in a safe
> and if yes
> 2) where
On Sun, Apr 9, 2017 at 9:42 AM, Vít Šesták
> * DDC (PIN 15+16) – needed for getting the resolution etc., present even in
> current version of VGA. While there is some attack surface, it seems to be
> rather small.
On Wed, Apr 5, 2017 at 11:59 PM, Sam Hentschel wrote:
> Hey all!
> So far so good with QubesOS on my end. Have almost everything up and
> running to have this as my daily carry. It's amazing how little RAM all
> these VMs actually require; and the CPU! None!
On Wed, Apr 5, 2017 at 11:29 PM, cooloutac wrote:
> The sound mixer app I installed xfe in mutes things when I lower the volume
> all the way by accident. Never realized till now lol. I always have to go
> into dom0 alsamixer.
> Is there a better plugin to use? Does a
On Wed, Apr 5, 2017 at 7:50 AM, wrote:
> Hello everyone,
> First, thanks a lot for working on a reasonably secure operating system
> and publish it for free.
> With the recent critical security issue in Xen PV, it would be nice to
> consider to release an alpha version
On Tue, Apr 4, 2017 at 6:21 PM, taii...@gmx.com wrote:
> On 04/04/2017 12:36 PM, Steve Coleman wrote:
>> On 04/04/2017 10:29 AM, taii...@gmx.com wrote:
>>> Opal is proprietary garbage,
>> Actually its an open standard, not controlled by any government or
On Tue, Apr 4, 2017 at 11:35 AM, Hack wrote:
>> Dear Qubes community,
>> We have just published Qubes Security Bulletin (QSB) #29:
>> Critical Xen bug in PV memory virtualization code (XSA-212).
>> This is another bug
On Tue, Apr 4, 2017 at 8:56 AM, Samuel Hentschel wrote:
> Hey Qubes Community,
> I'm a "new" QubesOS user; as in this is my first time trying it to
> make it my daily carry. I have a couple questions that you guys may
> be able to help me with.
Hey Sam, welcome to the
On Tue, Feb 28, 2017 at 1:29 AM, Jean-Philippe Ouellet <j...@vt.edu> wrote:
> On Mon, Feb 27, 2017 at 3:42 PM, Chris Laprise <tas...@openmailbox.org> wrote:
>> On 02/27/2017 03:11 PM, Holger Levsen wrote:
>>> On Sun, Feb 26, 2017 at 02:56:53PM -0500, Jean-Philipp
On Sun, Apr 2, 2017 at 4:49 PM, Eva Star wrote:
> On 04/02/2017 09:23 PM, John Casey wrote:
>> Apologies as I am not totally familiar with mailing list etiquette, but
>> would it be better to include the mailing list so as to maintain a record
>> of volunteers?
On Sat, Apr 1, 2017 at 2:23 PM, wrote:
> On my network many websites are blocked (to be precise only a handful are
> allowed). However one can get access to github.com.
> Is it possible to download Qubes 3.2 from Github?
Here you go:
On Sat, Jan 28, 2017 at 9:04 PM, Marek Marczykowski-Górecki
> 1. write USB - _unidirectional_ service to write an fs image into USB
> stick (service into USB VM)
I like this idea (mostly got tired of ... | qvm-run -p sys-usb 'dd
of=/dev/sda') and wrote my
If you are concerned about the size of your anonymity set then you
ought to be using unmodified TBB in a whonix-ws-based template rather
than Firefox in a DispVM.
We don't currently make guarantees about the cross-machine uniformity
of DispVM browsers. There are ways to fingerprint the default
On Thu, Mar 30, 2017 at 6:21 PM, Shane Optima wrote:
> Maybe if you (or someone) could write a Firefox extension to modify all
> browser page titles to be a concatenation of the page title and a short token
> of characters generated from a salted hash of the URL (so that
On Thu, Mar 30, 2017 at 5:31 AM, Chris Laprise wrote:
> xdotool also lets you inject keystrokes into windows.
> With a shortcut-key assignment this can be easily scripted by the user (you
> said this was for power users).
Automatically injecting the keystrokes removes
On Thu, Mar 30, 2017 at 5:31 AM, Chris Laprise wrote:
> You don't even need to rely on the window title for the security aspect: The
> _QUBES_VMNAME window property will tell you. For example:
> $ CUR_WINDOW=`xdotool getwindowfocus`
> $ VMNAME=`xprop _QUBES_VMNAME -id
On Tue, Mar 28, 2017 at 2:40 AM, Vít Šesták
> AFAIU, TPM is useful mostly for AEM. But AEM requires Intel TXT (which is
> missing even on some high-end CPUs). But TXT has various vulnerabilities. How
> much real protection
On Fri, Mar 24, 2017 at 10:51 AM, Manuel Cornejo
> Doesn't Qubes need and antivirus? What happend if on Qubes we set a VM with
> Windows 7 in it? Would you install antivirus on the virtual machine hoping
> that is going to be (the same /more) effective than
It actually does work for limited use cases. I sometimes run Qubes
inside Qubes for quickly testing things ;) The outer VM must be HVM,
and the inner-inner VMs must be PVM, or else you must enable some
less-tested and potentially dangerous code paths in Xen (nestedhvm=1)
which Qubes (on purpose)
- If we consider a compromised VM with:
- passwords saved in the browser: an attacker can obtain all passwords
- your proposed password manager: an attacker can still obtain all
passwords, just needs to wait for them to be used
- If we consider a non-compromised VM with:
- passwords saved
On Fri, Mar 24, 2017 at 2:55 AM, Shane Optima wrote:
> However, I justed noticed that R3.2 introduced a Dom0-to-hyperboard copy
> function, and since Dom0 knows the window title text... couldn't there be
> another hypervisor keyboard shortcut that would use the window
On Wed, Mar 22, 2017 at 8:08 AM, Oleg Artemiev wrote:
> On Wed, Mar 22, 2017 at 1:52 PM, Holger Levsen wrote:
>> Hi Oleg,
>> you missed on important bit of information:
>> On Wed, Mar 22, 2017 at 12:12:58PM +0300, Oleg Artemiev wrote:
>>> I have
1 - 100 of 198 matches
Mail list logo