Re: [qubes-users] Any Advantage to using OpenHAB on qubes?

2020-10-05 Thread Manuel Amador (Rudd-O)
On 30/09/2020 15.35, Stumpy wrote: > > I want OpenHAB to stay up to date but do not want it to be accessible > via the internet so i was thinking if I have a template with OpenHAB > installed that would install OpenHAB and hopefully plugins? > The thing is I am hoping to have wifi cameras, or at

Re: [qubes-users] Firewall issue

2020-10-05 Thread Manuel Amador (Rudd-O)
On 22/09/2020 07.05, 'src11' via qubes-users wrote: > When I go into any qube settings for the firewall there is only an > option to create and edit rules for outgoing traffic, nothing at all > for incoming connections. Is that right? When I look at screenshots > online it shows options for

Re: [qubes-users] Qubes 4.1 audio latency after latest update today

2020-07-08 Thread Manuel Amador (Rudd-O)
On 14/06/2020 17.56, 'TQ1' via qubes-users wrote: > I've been running Qubes 4.1 since the upgrade to fedora 32 in dom0. > Everything has been fine up until updating dom0 with current-testing > earlier today (14/6/2020). > This has introduced audio latency while watching any video in any vm >

Re: [qubes-users] Getting to the bottom of screenshots in Qubes OS

2020-07-07 Thread Manuel Amador (Rudd-O)
On 20/06/2020 10.29, Logan wrote: > Hi Everyone, > > Speaking with a colleague earlier today, I heard "Qubes is great, but > the no screenshots problem makes it a 'hard' no for me". > > As a Qubes user and advocate, this stung. Yeah, it's hard. Honestly, in my humble opinion, the secure copy and

Re: [qubes-users] Speed up a VM

2020-07-07 Thread Manuel Amador (Rudd-O)
On 19/06/2020 01.42, Franz wrote: > Hello, > I need to do some video editing and my multimedia VM is too slow, > video-audio is broken. > > Is there some easy way to speed this up? > Perhaps does it make sense to assign 4 CPUs rather than default 2?  > Or closing other VMs? > Or may it be related

Re: [qubes-users] salt - dependencies in scripts

2020-05-28 Thread Manuel Amador (Rudd-O)
You can't use a `require` statement in the top file.  They only work in SLS files. On 23/05/2020 01.19, lik...@gmx.de wrote: > Hi! > > As salt is the recommended way to manage the Appms and templates, I'm > trying to do so. > > I successfully managed to create a top-script: > > base: >  dom0: >  

Re: [qubes-users] How to use pass with split gpg ?

2020-05-24 Thread Manuel Amador (Rudd-O)
Have you tried https://github.com/Rudd-O/qubes-pass ? On 23/05/2020 17.09, Christophe wrote: > Hi all, > > Does anyone know how to use pass with split gpg ? > > I found this, but I could not get it working. > https://github.com/kulinacs/pass-qubes/blob/master/qubes.bash > > I also tried to

Re: [qubes-users] Salt worm

2020-05-08 Thread Manuel Amador (Rudd-O)
On 06/05/2020 12.02, haaber wrote: >> did any of you actually bother to look at the problem? >> because i am 99% sure this doesnt apply to qubes. at all. >> (also you are several days late on this...) >> >> this seems to be the original source and contains a fairly >> good writeup: >> >>

Re: [qubes-users] Salt worm

2020-05-08 Thread Manuel Amador (Rudd-O)
On 06/05/2020 10.41, haaber wrote: >> Qubes uses Salt, and there's something nasty going around: >> https://saltexploit.com/ > >    Risk = (probability of an event)  x   (consequences of the event). > > At which levels is salt used in qubes? I remember my last "active" use > >1 year ago to get

Re: [qubes-users] Qubes with limited user authority

2020-05-05 Thread Manuel Amador (Rudd-O)
On 27/04/2020 20.50, mark.russ...@net-c.com wrote: > I'm trying to get my head around possible use of Qubes in small/medium > enterprise environments, where the system is maintained by an admin > and the user freedom is limited by the company policies. I understand > that the current Qubes design

Re: [qubes-users] external CD writer

2020-05-05 Thread Manuel Amador (Rudd-O)
On 02/05/2020 01.23, Olaf Klinke wrote: > (Apologies for pestering this list with another newbie question.) > > So I have this external DVD-RW drive (Asus SDRW-08U7M-U to be > specific). On my Debian stretch laptop, plugging in the USB drive > creates /dev/sr0 as well as several symlinks to it,

Re: [qubes-users] Pulseaudio update error - fedora-31

2020-04-23 Thread Manuel Amador (Rudd-O)
On 22/04/2020 21.54, 'Max Andersen' via qubes-users wrote: > > Hi everyone, > > I remember some time ago we had issues with pulseaudio on earlier > templates, and I believe a reinstall of pakages fixed the issue. I > can't  seem to get myself out of trouble with this one on fedora-31. > > When

Re: [qubes-users] Qubes 4.0-rc3

2020-04-16 Thread Manuel Amador (Rudd-O)
On 13/01/2018 03.34, Andrew David Wong wrote: > On 2018-01-12 08:00, 'awokd' via qubes-users wrote: > > On Fri, January 12, 2018 1:09 pm, Holger Levsen wrote: > > >> I'm not so sure, why not use git branches? > > > One reason that comes to mind: > > Segregating the documentation into two different

Re: [qubes-users] Qubes 4.0-rc3

2020-04-16 Thread Manuel Amador (Rudd-O)
On 12/01/2018 14.09, Holger Levsen wrote: > On Fri, Jan 12, 2018 at 01:04:23PM +, 'Tom Zander' via qubes-users wrote: >> On Friday, 12 January 2018 11:18:19 GMT 'awokd' via qubes-users wrote: >>> Would it be of value if I went through the published Docs and added these >>> version headers?

[qubes-users] ANN: Qubes network server available for Qubes OS release 4.0.x

2020-04-14 Thread Manuel Amador (Rudd-O)
Hello, folks! After a long hiatus because of reasons, I'm happy to announce Qubes network server -- an add-on to Qubes OS that allows you to expose selected AppVMs to other VMs and to other machines in your LAN as well.  The latest tagged release is compatible with Qubes 4.0. The URL to check

Re: [qubes-users] Upgrading directly from Fedora 23 to 26 ?

2019-06-26 Thread Manuel Amador (Rudd-O)
Qubes 3 runs Fedora 23 as the dom0.  For this reason I assume you are trying to upgrade from Qubes 3 to Qubes 4. This configuration of upgrades is not supported.  You must reinstall Qubes using the Qubes 4 installer, then restore your VMs from a backup of your Qubes 3 install. On 20/06/2019

Re: [qubes-users] Re: automatic start dropbox in VM

2019-01-30 Thread Manuel Amador (Rudd-O)
On 30/01/2019 15.53, John Goold wrote: > > I simply put a symbolic link to dropbox.desktop in ~/.config/autostart > > Works perfectly. I also have links to slack.desktop and thunderbird.desktop. > > The .desktop files are located in /usr/share/applications/ This is the cleaner solution and I

Re: [qubes-users] session managers for VMs?

2018-10-04 Thread Manuel Amador (Rudd-O)
On 2018-09-22 07:13, Daniel Allcock wrote: > Sometimes I need to shut down a qube I'm working in for some reason > (changing out sys-net for a specialized sys-net, or closing sensitive > material before working in a public place).  It would be nice to be > able to come back to the same window

Re: [qubes-users] questions - InterVM directory bind

2018-05-05 Thread Manuel Amador (Rudd-O)
On 2018-04-22 12:26, trueriver wrote: > The page https://www.qubes-os.org/doc/qfilecopy/ decribes how to copy a file > or directory to another domain. In the case of a directory the files can > later be copied back, in which case they end up in a different directory than > the original. > >

Re: [qubes-users] offlineimap with Split-GPG : get new email via cron doesn't work

2018-05-05 Thread Manuel Amador (Rudd-O)
On 2018-04-25 14:19, 799 wrote: > Hello, > > I am using neomutt with offlineimap to get my corporate mail into an > Email-AppVM. > The current workflow is: > > 1) get email running offlineimap -o > 2) start neomutt > > I'd like to have offlineimap check the mails in the background using cron. >

Re: [qubes-users] Remote Control Question

2018-05-05 Thread Manuel Amador (Rudd-O)
On 2018-04-29 00:50, Stuart Perkins wrote: > Hi list. > > I'm considering setting up Qubes capable server at my home. What I need, > however, is to be able to remotely control it. Updates...reboot/stop/start > system and app vm's etc. Is this even possible with Qubes? I currently run > a

Re: [qubes-users] Move Firefox Bookmarks between AppVMs - Help with Script

2018-05-05 Thread Manuel Amador (Rudd-O)
On 2018-05-05 20:44, [799] wrote: > Hello, > > following a recent discussion in the qubes-community github repository, Ivan > has written an interesting script for handling links and disposable VMs. > This has inspired me to look how to move firefox bookmarks to other AppVMs. > While disposable

Re: [qubes-users] Small Templates

2018-04-20 Thread Manuel Amador (Rudd-O)
On 2018-04-19 00:50, Drew White wrote: > I don't want an insecure system that crashes every 5 seconds, so I > want one hat has no SystemD. Until then, smaller template. It pisses me off whenever you post because you always post destructive / nonconstructive nonsense such as this one post above

Re: [qubes-users] minimum size for a qube image

2018-04-20 Thread Manuel Amador (Rudd-O)
On 2018-04-16 20:50, Jan Hustak wrote: > Hello, > I'm also open to discussing the basic concept: is it worth trying to > keep, for example, Firefox and GIMP in separate qubes, or should I > just relax and use one fat TemplateVM with the union of all packages I > need? > Fat template with

Re: [qubes-users] Re: ANN: Qubes network server

2018-01-17 Thread Manuel Amador (Rudd-O)
On 10/09/2017 04:49 PM, Thierry Laurion wrote: > > Considering Qubes 4.x has switched to HVM, what needs to be done to support > this mode of operation? > Opened a ticket to track this issue: > https://github.com/Rudd-O/qubes-network-server/issues/4 > Thank you for opening the ticket.  It may

[qubes-users] Fedora minimal template users, watch out for updates

2017-07-26 Thread Manuel Amador (Rudd-O)
I had to restore my Fedora minimal template (now at release 25) from backups after I performed a DNF update that updated the following packages: ↺ updates update yum packages for non-qubes dom0s (task @

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

2017-05-13 Thread Manuel Amador (Rudd-O)
On 05/12/2017 03:02 PM, Tom Hutchinson wrote: > Thanks for the contribution Manuel. I'll check it out. My pleasure :-) Agreed about the passwords thing! -- Rudd-O http://rudd-o.com/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To

Re: [qubes-users] OpenWhisper Systems Signal not quite right in Qubes 3.2/Fedora23/Chromium

2017-05-08 Thread Manuel Amador (Rudd-O)
On 05/08/2017 02:05 AM, Neal Rauhauser wrote: > > I installed Qubes 3.2 on a Dell Precision M4600 (slick) and I've been trying > to migrate a portion of my day to day work to it. > > > I have many contacts who use Open Whisper Systems Signal App for > communication. I've used the Google Chrome

Re: [qubes-users] Re: Intel ME exploitable

2017-05-08 Thread Manuel Amador (Rudd-O)
On 05/08/2017 05:16 AM, Vít Šesták wrote: > While I sometimes use the arguments “in such case e, attacker gains nothing, > because it assumes you are already compromised”, one has to be careful with > this, because compromise doesn't imply a total compromise. True, yet see below. > > A simple

Re: [qubes-users] Re: Youtube/Video Problem

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/07/2017 07:07 PM, cooloutac wrote: > there is also vlc plugin for firefox browser. vlc uses its own codecs > don't think it installs anything for systemwide. You have to install > gstreamer packages for that. Although you shouldn't need to to for > youtube, but i had to install

Re: [qubes-users] Re: Intel ME exploitable

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/02/2017 05:25 AM, Vít Šesták wrote: > * There seems to be some MEI PCI device (see lspci | grep -i mei) in dom0 and > /dev/mei0. I am not sure how all the parts (network stack, MEI PCI device, > MEI software for OS and management while offline) are connected together. I > am also unsure

Re: [qubes-users] Re: Intel ME exploitable

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/02/2017 05:25 AM, Vít Šesták wrote: > Some notes: > > > * I wonder what is the technical distinction between home and SMB/Enterprise. > Is it vPro? I deduced this in the affirmative a few years ago by comparing the SKUs for various Intel products, and whether they had vPro. --

Re: [qubes-users] Re: Intel ME exploitable

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/01/2017 05:26 PM, Vít Šesták wrote: > AFAIU, if https://ark.intel.com/ shows “Intel® vPro™ Technology: no”, then > the particular CPU is safe. But I am not 100% confident in vPro and related > technologies, so I might be wrong. Can someone confirm/deny this claim? That has been my

Re: [qubes-users] Re: Intel ME exploitable

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/01/2017 05:14 PM, Reg Tiangha wrote: > On 05/01/2017 10:38 AM, Jean-Philippe Ouellet wrote: >> *Sigh*... Yep. We were right to be concerned (of course). And now we >> have something other than our tin foil hats to point at too: >> >>

[qubes-users] ANN: qubes-pass for Ansible — an Ansible lookup plugin for Qubes pass integration

2017-05-07 Thread Manuel Amador (Rudd-O)
Building on https://github.com/Rudd-O/qubes-pass, the new Ansible Qubes Pass lookup plugin allows you to create Ansible playbooks and roles that integrate seamlessly with your Qubes OS pass store. Check it out at https://github.com/Rudd-O/ansible-qubes/tree/master/lookup_plugins Enjoy! --

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/07/2017 05:23 PM, Andrew David Wong wrote: > > I prefer the security of qvm-backup[-restore], since it allows me to > keep the vault and its contents permanently offline. The entire VM is > BZIP compressed, AES-256 encrypted, and HMAC-SHA512 authenticated. The > integrity verification,

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

2017-05-07 Thread Manuel Amador (Rudd-O)
> overhead for not a lot of gain. > > > On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)" > > <rud...@rudd-o.com> wrote: > >> Building on the excellent pass (https://passwordstore.org), it > >> gives me great pleasure to announce the initial r

Re: [qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

2017-05-07 Thread Manuel Amador (Rudd-O)
eature which is useful for stuff like https://github.com/Rudd-O/ansible-qubes/tree/master/lookup_plugins > > On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)" > <rud...@rudd-o.com> wrote: > > Building on the excellent pass (https://passwordstore.org), i

Re: [qubes-users] Re: Changed resolution, now screen doesn't work?

2017-05-07 Thread Manuel Amador (Rudd-O)
On 05/01/2017 05:42 PM, almir.aljic1...@gmail.com wrote: > On Monday, May 1, 2017 at 6:51:51 PM UTC+2, almir.a...@gmail.com wrote: >> I changed the resolution of my Qubes from 1920x1080 to 1600x1200 (by >> accident) and now my screen doesn't show anything when I choose HDMI2 (my >> desktop PC is

[qubes-users] ANN: qubes-pass — an inter-VM password manager and store for Qubes OS

2017-05-07 Thread Manuel Amador (Rudd-O)
Building on the excellent pass (https://passwordstore.org), it gives me great pleasure to announce the initial release of qubes-pass — an inter-VM password manager and store for Qubes OS. Check it out here! https://github.com/Rudd-O/qubes-pass -- Rudd-O http://rudd-o.com/ -- You

Re: [qubes-users] Cannot execute commands in terminal - not root?

2017-04-27 Thread Manuel Amador (Rudd-O)
On 04/27/2017 01:52 PM, jimmycarter wrote: > I am following this guide to create a ProxyVM: > https://www.mullvad.net/guides/qubes-os-and-mullvad-vpn/ > > However, when I try to execute the commands in step 2 I am not able to > execute the sudo bash command with the error message "permission

Re: [qubes-users] Boot Problem

2017-04-19 Thread Manuel Amador (Rudd-O)
On 04/19/2017 08:35 PM, craig.g.jes...@gmail.com wrote: > I am having at boot problem with my Qubes OS 3.2. When I boot up I enter the > disk password and the boot process continues until it gets to the line... > > A start job is running for Qubes NetVM startup (32s / no limit) > You must boot

Re: [qubes-users] qubes manager add start terminal

2017-04-19 Thread Manuel Amador (Rudd-O)
On 04/16/2017 11:29 PM, Eva Star wrote: > I'm get tired that Qubes Manager till now do NOT have "Start Terminal" > at right click menu of each vm, but only "Run command in VM". > > I want to patch it to add "Run terminal". I found that need to > duplicate "Run command" entry, name it "Run

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

2017-02-27 Thread Manuel Amador (Rudd-O)
On 02/27/2017 01:53 PM, Manuel Amador (Rudd-O) wrote: > > I am terrified that Qubes 4.0 will force me to use LVM, because LVM is > frankly a disaster for data recovery and for data integrity as well. I > would be willing to write an adapter to use ZFS zvols instead. That > wou

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

2017-02-27 Thread Manuel Amador (Rudd-O)
On 02/26/2017 10:07 PM, Vít Šesták wrote: > Q: Can I backup VM that is running? > A: If you have LVM-based private.img, you can. (See README for details.) If > you have standard file-based private.img, you cannot. I don't plan to > implement this feature for file-based private.img, because Qubes

Re: [qubes-users] Feedback request: Incremental file-based backup PoC

2017-02-27 Thread Manuel Amador (Rudd-O)
On 02/27/2017 12:51 PM, Chris Laprise wrote: > > In some backup systems, each backup appears complete to the system, > even though it was created with incremental deltas. A benefit of this > is you can delete any backup in the set to reclaim space, without > affecting any of the remaining

Re: [qubes-users] qubes partitioning questsion

2017-02-18 Thread Manuel Amador (Rudd-O)
Separate /usr is not supported. There is no point in sub mount points under /var/lib/qubes. /var/lib/Qubes is enough as a single mountpoint. There is no point in /var/lib/* sub mount points. Or /var/log for that matter. You don't have to have /home under a mountpoint. Dom0 /home should be

Re: [qubes-users] Resize dom0

2017-02-18 Thread Manuel Amador (Rudd-O)
It is the standard procedure to enlarge any root partition on any Linux — enlarge encrypted volume, enlarge LVM physical volume, enlarge enlarge LVM logical volume, enlarge root file system. You will have to do this from a rescue initramfs or another Linux system you booted from. On February

Re: [qubes-users] MP3 support but SMB issues on DebVM or SMB support with MP3 issues on FedVM?

2017-02-18 Thread Manuel Amador (Rudd-O)
Create a mount unit in your template of the Deb VM, which does the mount. Have it WantedBy=multi-user.target. Enable it. Add a ConditionPathExists=/var/run/qubes-service/mediamount to the unit. Power off the template and the Deb VM. Thru Qubes Manager, add a Qubes service to the DebVM,

Re: [qubes-users] NetVM without firewall, no PING from outside?

2017-02-17 Thread Manuel Amador (Rudd-O)
Qubes-network-server takes care of this for you. On February 14, 2017 2:02:18 AM PST, Jarle Thorsen wrote: >> Unman: >> > I suggest you read the docs: >> > www.qubes-os.org/doc/firewall has a section on allowing traffic in >to >> > qubes. >> >> Thank you for the link.

Re: [qubes-users] Minimal VM requirements for Salt configuration are not documented

2017-01-22 Thread Manuel Amador (Rudd-O)
On 01/20/2017 08:58 AM, qu...@posteo.de wrote: > Hi, > > I am trying to setup all VMs with Salt since the switch to Fedora 24. > > I usually took the minimal template and create the others on base of > this with more packages. > > The problem is that the Qubes salt documentation does not document

Re: [qubes-users] Re: Fedora Desktop in Qubes

2017-01-07 Thread Manuel Amador (Rudd-O)
On 12/24/2016 05:58 PM, Andrew David Wong wrote: > > This is not true. Dropbox doesn't even start automatically, much less > communicate automatically. If you install Dropbox in a Fedora > TemplateVM according to the above instructions, the Dropbox daemon > will *not* start automatically in any

Re: [qubes-users] Fedora Desktop in Qubes

2017-01-07 Thread Manuel Amador (Rudd-O)
On 12/21/2016 11:13 AM, Patrick Bouldin wrote: > Hi, I saw some threads on this but am not clear at a high level. > > I thought I would install dropbox client on one of my Fedora VMs so that > working with files is much smoother than from a browser. So, is installing a > Fedora Desktop the best

Re: [qubes-users] How to rollback Dom0 updates?

2016-12-12 Thread Manuel Amador (Rudd-O)
On 12/10/2016 09:51 AM, Simon wrote: > Hello everybody, > > Is there a way to rollback updates which corrupted a Qubes-OS system? > > I checked DNF history, but it seems to have been disabled / bypassed > for all events following the OS installation back in September: > > - 8<

Re: [qubes-users] How to backup an iPhone under Qubes

2016-12-08 Thread Manuel Amador (Rudd-O)
On 10/05/2016 08:23 PM, qu...@posteo.de wrote: > Hi, > > how can I back up my iPhone without a separate Os? > > I have installed Windows 10 in an HVM and tried to add both USB > controller devices but then the VM does not start. > > Backing up via Wifi does not work because the HVM is behind a

Re: [qubes-users] Shortcuts of PlayonLinux

2016-12-05 Thread Manuel Amador (Rudd-O)
On 12/05/2016 09:46 AM, peter tseng wrote: > I installed window applications by PlayonLinux and the shortcuts generated in > /home/user/desktop. then I copy those shortcuts to /usr/share/applications > but I can't see any of them in Add more shortcuts setting. I surely run > qvm-sync-appmenus

Re: [qubes-users] Re: Issue with hdmi

2016-12-04 Thread Manuel Amador (Rudd-O)
On 12/05/2016 04:27 AM, Patrick Bouldin wrote: > > ** 2nd update ** while the above update is true, unfortunately when the > machine hibernates the only thing that brings the display back is a cold boot. > > So it seems to be associated with losing the hdmi somehow - causing the > machine not to

[qubes-users] Any plans for a CCC meeting?

2016-12-01 Thread Manuel Amador (Rudd-O)
I have a couple friends who are huge fans of Qubes OS and they are going to CCC. Since they are not subbed to this list, I'd love to know if there's a meeting of Qubes OS devs and users planned for CCC, so I can tell them and they can go. Any plans? -- Rudd-O http://rudd-o.com/ --

Bluetooth locking (was Re: [qubes-users] safer typing in public places)

2016-11-30 Thread Manuel Amador (Rudd-O)
On 11/30/2016 04:18 AM, pixel fairy wrote: > has anyone here experimented with bluetooth locks? it seems like a lot of > extra scary code to run in dom0, but i like the idea of auto shutdown if > device loses range. or maybe after a timeout period of some trigger?thats > another discussion.

Re: [qubes-users] desktop sharing, capturing and screenshoting

2016-11-19 Thread Manuel Amador (Rudd-O)
On 11/19/2016 09:30 AM, Ray Brainer wrote: > I am having hard time to make desktop sharing in Qubes. > Within VM I see white screen. X server in VM does not allow screengrabs at all. Security measure. > Installing software on dom0 and using it in broadcast is denied. > What should I do? > dom0

Re: [qubes-users] How to rotate VPNs?

2016-11-17 Thread Manuel Amador (Rudd-O)
On 10/29/2016 03:09 AM, Gaiko Kyofusho wrote: > Is it possible to set up a VpnVM to automatically/randomly switch > between vpn servers? At the moment I have to manually replace > openvpn-client.opvn file with another file (with other server info) > every time I want to change, would be great if I

Re: [qubes-users] Re: ANN: Qubes network server

2016-11-17 Thread Manuel Amador (Rudd-O)
On 11/07/2016 02:29 PM, Max wrote: > > This worked first time! > > I pinged from the Debian AppVM to a new Fedora AppVM. I checked that the > pinging did not work first and then went through the steps to change the > Fedora AppVM to connect to the proxy server NetVM, assign a static IP, >

Re: [qubes-users] ANN: Leakproof Qubes VPN

2016-11-17 Thread Manuel Amador (Rudd-O)
On 11/09/2016 01:38 PM, SEC Tester wrote: > Hey Rudd-O, > > Thanks for your effort and great contribution to the Qubes community. Not > sure why Chris was critical, especially without specifically showing evidence > of any problems. Maybe just a troll? > > I haven't tried your program out yet,

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

2016-11-17 Thread Manuel Amador (Rudd-O)
On 11/12/2016 08:58 PM, Chris Laprise wrote: > > That was my first reaction, too. But years later, I am so, s glad > ITL de-emphasized kernel-based security. > > If they had kept it as a supported security layer, the > "security-in-depth" mindset would have dominated most of our > discussions

Re: [qubes-users] Re: Does the Standard Firewall-VM Actaully do anything?

2016-11-17 Thread Manuel Amador (Rudd-O)
On 11/17/2016 04:20 AM, Sec Tester wrote: > It also raises the question, > > Is there any benefit running a VPN-Proxy-VM through sys-firewall? > > Or maybe save the overhead and just connect VPN-Proxy-VM directly to sys-Net? > Either works. With the firewall in between, you can limit the

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

2016-11-13 Thread Manuel Amador (Rudd-O)
On 11/12/2016 03:21 AM, Sec Tester wrote: > SELinux or AppArmor. SELinux would be absofuckinglutely great. Confined apps like Firefox would run much more securely. I got one DispVM owned by an attacker at Defcon in 2014. Isolation was nice to have because the machine didn't get owned, but the

[qubes-users] Re: ANN: Qubes network server

2016-11-06 Thread Manuel Amador (Rudd-O)
On 11/05/2016 03:54 PM, Max wrote: > > Thanks for the response! > > I ran this and also ran 'sudo dnf install go' when I came across the > following error: 'go is needed by qubes-network-server-0.0.4-1.fc23.noarch'. A commit is now out which eliminates this dependency. > I then did the cd into

Re: [qubes-users] Your Battery is syping on you...

2016-11-04 Thread Manuel Amador (Rudd-O)
On 11/04/2016 08:32 PM, 198730178489710317470139 wrote: > Hello, > > good to know that Firefox and other mainstream-browser's spy-features don't > work inside the Q-VMs. > > But here are many ways to find out, who is sitting in front of the screen, > without get logged in, e.g. also

Re: [qubes-users] Display Calibration and Audio Equalizer for Dom0 ?

2016-11-04 Thread Manuel Amador (Rudd-O)
On 11/02/2016 06:28 PM, Marek Marczykowski-Górecki wrote: > > > @Marek: > > Do you have any idea what to look for in order to be able to calibrate > > my screen under Qubes? > > I have no idea how such software works... Especially at which stage > calibration is applied. Is it something that

Re: [qubes-users] Your Battery is syping on you...

2016-11-04 Thread Manuel Amador (Rudd-O)
On 11/02/2016 09:49 PM, '109384'019834'09128'340932189 wrote: > Hello, > > in Q the Firefox battery fingerprinting is enabled. > > https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/ > > Manual you might disable it: > > 1. start Firefox > 2. open the URL about:config > 3.

Re: [qubes-users] Re: ANN: Qubes network server

2016-11-03 Thread Manuel Amador (Rudd-O)
On 11/02/2016 07:03 AM, Max wrote: > On Thursday, 13 October 2016 01:31:01 UTC+8, Manuel Amador (Rudd-O) wrote: >> Update: >> >> I have dramatically enhanced the documentation of the project: >> >> * https://github.com/Rudd-O/qubes-network-server >> * >

Re: [qubes-users] Qubes 3 MacOSX

2016-10-30 Thread Manuel Amador (Rudd-O)
On 06/17/2016 04:11 AM, Drew White wrote: > > > On Sunday, 15 May 2016 14:05:50 UTC+10, Jeremy Rand wrote: > > FWIW, I think a legal argument could be made that such license > agreements are anti-competitive and therefore unenforceable. > However, > I am unaware of any specific

Re: [qubes-users] Re: How to view Youtube in Fullscreen ? (for dummies)

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/27/2016 01:31 AM, raahe...@gmail.com wrote: > On Wednesday, October 26, 2016 at 5:15:53 PM UTC-4, jamie wrote: >> does not matter if I use fedora, debian or whonix ... whenever I press >> fullscreen on any youtube video the brower freezes.. >> >> it also does not matter which browser I use

Re: [qubes-users] "Start Button" and "Task Bar" are Missing

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/27/2016 02:00 PM, Scott Bourne wrote: > On Wed, Oct 26, 2016 at 9:22 PM, Andrew David Wong > wrote: > > On 2016-10-26 09:25, scot...@gmail.com wrote: > > I installed R3.2 yesterday and everything looked and worked

Re: [qubes-users] How to destroy files without leaving any traces ?

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/27/2016 01:31 PM, 7v5w7go9ub0o wrote: > > > On 10/27/2016 12:14 PM, Manuel Amador (Rudd-O) wrote: >> On 10/26/2016 04:46 PM, maritnez wrote: >>> you have a file that contains sensitive banking data and would like >>> to delete it without leaving any trace

Re: [qubes-users] Crashplan?

2016-10-28 Thread Manuel Amador (Rudd-O)
On 06/26/2016 03:40 PM, Andrew David Wong wrote: > On 2016-06-26 04:27, Niels Kobschaetzki wrote: > > Hi, > > > does anyone have experiences with running Crashplan in Qubes? If > > yes, how did you install it? > > > Niels > > > I installed it in a StandaloneVM with the installer's default options.

Re: [qubes-users] Internal networking: How are IPs chosen, why class C subnet.

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/28/2016 08:51 AM, Robert Mittendorf wrote: > Hey, > > yesterday I noticed that even if VMs share a class C network, all > trafic is routed through the gateway and by default the gateway does > not allow a connection to other VMs in the same subnet. > This makes a lot of sense from a security

Re: Request for test: Re: [qubes-users] Fedora 24?

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/28/2016 09:40 AM, Marek Marczykowski-Górecki wrote: > > Actually yes, we may hook qubes-gui-agent.service into graphical.target > and call it "display manager", preventing others from running. This is > good idea, but something I'd like to avoid as a stable update - so, for > Qubes 4.0.

[qubes-users] Re: ANN: git-remote-qubes: Inter-VM Git for Qubes OS

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/28/2016 10:51 AM, cyrinux wrote: > Le jeudi 27 octobre 2016 13:47:14 UTC+2, Manuel Amador (Rudd-O) a écrit : >> It gives me great pleasure to announce the inter-VM Git bridge for Qubes >> OS, which allows you to git push and git pull from VMs stored in other >> repo

Re: [qubes-users] Re: Introducing the qubes-announce read-only mailing list

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/28/2016 05:02 AM, Achim Patzner wrote: > Am 28.10.2016 um 02:00 schrieb Drew White: >> On Friday, 28 October 2016 10:57:03 UTC+11, Andrew David Wong wrote: >> We've just introduced a new mailing list: qubes-announce >>> So it's a forum, not a mailing list > > No, darling. It's a mailing

Re: Request for test: Re: [qubes-users] Fedora 24?

2016-10-28 Thread Manuel Amador (Rudd-O)
On 10/28/2016 01:56 AM, Marek Marczykowski-Górecki wrote: > On Thu, Oct 27, 2016 at 03:31:46PM +0200, Marek Marczykowski-Górecki > wrote: > > On Thu, Oct 27, 2016 at 09:50:56AM +0200, Zrubi wrote: > >> On 09/06/2016 01:24 AM, Marek Marczykowski-Górecki wrote: > >> > >>> I've just tried this and

Re: [qubes-users] Networking between two vms?

2016-10-28 Thread Manuel Amador (Rudd-O)
On 04/08/2016 02:17 PM, edev.u...@gmail.com wrote: > On Sunday, February 1, 2015 at 11:45:05 PM UTC-5, Marek Marczykowski-Górecki > wrote: > >> By default firewallvm blocks all the inter-vm traffic. But you can add a >> rule to allow that. Take a look here: >>

Re: [qubes-users] Windows HVM doesn't get updates

2016-10-28 Thread Manuel Amador (Rudd-O)
On 04/10/2016 11:34 PM, Salmiakki wrote: > Well, maybe. I haven't looked at traffic yet. Is there a simple way to > do that with qubes? sudo tcpdump -i eth0 -nn in the ProxyVM that your Windows VM is attached to. -- Rudd-O http://rudd-o.com/ -- You received this message because you

Re: [qubes-users] Re: ANN: git-remote-qubes: Inter-VM Git for Qubes OS

2016-10-27 Thread Manuel Amador (Rudd-O)
On 10/27/2016 11:37 PM, Drew White wrote: > On Thursday, 27 October 2016 22:47:14 UTC+11, Manuel Amador (Rudd-O) wrote: >> It gives me great pleasure to announce the inter-VM Git bridge for Qubes >> OS, which allows you to git push and git pull from VMs stored in

Re: Request for test: Re: [qubes-users] Fedora 24?

2016-10-27 Thread Manuel Amador (Rudd-O)
On 09/06/2016 11:10 AM, Achim Patzner wrote: > Some key bindings might have changed; ctrl-"+" in a terminal window > increases the font size but the terminal window does not grow with it > anymore. Finally! The GNOME people finally unfucked Ctrl++! -- Rudd-O http://rudd-o.com/ -- You

Re: [qubes-users] ANN: Leakproof Qubes VPN

2016-10-27 Thread Manuel Amador (Rudd-O)
On 10/27/2016 12:03 PM, Robert Mittendorf wrote: > Just saw the Qubes VPN project right now. > > Quick-reading the tutorial I have to questions: > > 1) why does the VPN-VM need to be allowed to do DNS, The VPN VM does not need to be allowed to do DNS. You can set an IP in its configuration and

Re: [qubes-users] ANN: Leakproof Qubes VPN

2016-10-27 Thread Manuel Amador (Rudd-O)
On 10/27/2016 09:15 AM, cyrinux wrote: > > Hi Rudd-o, just for say I use Qubes VPN since 2 weeks, with mullad, and no > problem, this seems perfect ;) Thank you very, very much. You are very kind for taking the time to give public appreciation for my work :-) This is the stuff I live for.

[qubes-users] ANN: git-remote-qubes: Inter-VM Git for Qubes OS

2016-10-27 Thread Manuel Amador (Rudd-O)
It gives me great pleasure to announce the inter-VM Git bridge for Qubes OS, which allows you to git push and git pull from VMs stored in other repos, with no networking involved whatsoever, and observing full compliance with Qubes OS qrexec policy. This should usher in a new era of software

Re: [qubes-users] ANN: Leakproof Qubes VPN

2016-10-26 Thread Manuel Amador (Rudd-O)
Apologies for the reply to self, but I have received great news. The first piece of great news is that a user of Qubes VPN found a bug that made it impossible for Qubes VPN to work with tun-style VPN providers. We have fixed that bug thanks to his cooperation, and you can see the result of our

[qubes-users] Privacy issue in DisposableVMs

2016-10-22 Thread Manuel Amador (Rudd-O)
DisposableVMs have Firefox cookies for Google and other websites in them, unless you have customized the homedir of the DVM as per the instructions in the documentation pages. To read the details, please refer to: https://github.com/QubesOS/qubes-issues/issues/2390 To mitigate: I recommend

Re: [qubes-users] Most Secure way to encrypt your usb stick ?

2016-10-22 Thread Manuel Amador (Rudd-O)
On 10/22/2016 12:09 PM, lakschmi wrote: > have sensitive data on your usb stick? > > whats the best way to encrypt/decrypt it? > > > > normally I use whonix-ws pgp and encrypt every file but Id rather have a > different method > > > > is there a way to install the tails os ecryption system in

Re: [qubes-users] Qubes R3.2, cannot find redshift{-gtk} packages on dom0

2016-10-20 Thread Manuel Amador (Rudd-O)
On 10/20/2016 01:47 AM, Pablo Di Noto wrote: > Hello all, > > I have reinstalled R3.2 and want to install Redshift (and its GUI) on dom0 > again. > I do not recall how I did it on R3.1, and successive updates. > > I see on a Fedora 23 VM that redshift and redshift-gtk are available in the >

Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-20 Thread Manuel Amador (Rudd-O)
On 10/20/2016 05:12 PM, pleom...@gmail.com wrote: > @Jeremy Rand > > realy sorry about that,i didnt think that someone get some emails. THOUSANDS of us get "some emails" from you. > But this thing of system security is important. > The fact that security — which you do not seem to understand

Re: [qubes-users] Re: Attaching USB 3g modem to sys-net.

2016-10-20 Thread Manuel Amador (Rudd-O)
On 10/20/2016 05:03 PM, f03gu9h3u9fh3...@gmail.com wrote: > Is there no software route i can take? Is is not possible to virtualize a > specific device and then attach that to the VM or something alike? > > I could just get 2 PS/2 adaptors for my keyboard and mouse and set up a > dedicated USBVM

Re: [qubes-users] SMB mount point location

2016-10-20 Thread Manuel Amador (Rudd-O)
On 10/18/2016 07:25 PM, John Maher wrote: > > Manuel, this is awesome! Thank you for the extensive explanation. My pleasure. > > Regarding option 3, are you referring to a Qubes service or some other type > of utility? Being new to Qubes, your mentioning of services above is my > introduction

Re: [qubes-users] SMB mount point location

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/13/2016 02:25 PM, John Maher wrote: > On Wednesday, October 12, 2016 at 12:06:15 PM UTC-4, Manuel Amador (Rudd-O) > wrote: >> On 10/12/2016 12:55 PM, John Maher wrote: >>> Hello, >>> >>> I'm trying to access file on the command line through an SMB moun

Re: [qubes-users] Re: Unable to uptade templates affer forced all traffic trhough VPN

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/15/2016 04:56 PM, 4lgaqp+cqeepdnbinsts via qubes-users wrote: > Hi Chris, > > Thanks for the suggestion. > Just to clarify, the VPN tunnel was created within the sys-firewall, I believe the VPN set up by the instructions in the official docs interfere with the updates proxy functionality.

Re: [qubes-users] Re: Unable to uptade templates affer forced all traffic trhough VPN

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/15/2016 04:56 PM, 4lgaqp+cqeepdnbinsts via qubes-users wrote: > Hi Chris, > > Thanks for the suggestion. > Just to clarify, the VPN tunnel was created within the sys-firewall, and > currently that's the only proxyVM that I'm using (apart from the sys-whonix), > hence all traffic from the

Re: [qubes-users] Re: How to send wake on lan from qubes?

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/15/2016 03:12 AM, pleom...@gmail.com wrote: > Rudd-O > might be you so nice and explain why it dosent work > > > https://groups.google.com/forum/#!topic/qubes-users/E2NBXnYazUk Please do not crosspost this problem to other threads. Keep it to the other thread. Please also comply with my

Re: [qubes-users] Re: ANN: Leakproof Qubes VPN

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/16/2016 01:03 AM, pleom...@gmail.com wrote: > my vpn connection is good bcs its connect > openvpn --config qubes-vpn.conf That's not what I asked for. Please give me the information required by the Troubleshooting section of the README.md file in the project Otherwise I cannot debug the

  1   2   >