Re: [qubes-users] Re: whonix tor browser customization
On Fri, Aug 23, 2019 at 7:59 PM wrote: > panina: > > On 7/31/19 5:35 PM, 'awokd' via qubes-users wrote: > >> panina: > >>> Hello. > >>> > >>> > >>> I've been looking for how to fix some bad default settings in the whonix > >>> tor browser. Namely, they removed NoScript from the toolbar, so that the > >>> NoScript cannot be used as intended. > >>> > >>> Since it's not adviced (and not easily possible) to start the browser in > >>> the template, I have to do this manually each time I start a whonix dvm. > >>> Since this is cumbersome, I'm not using the NoScript plugin as intended. > >>> > >>> Does anyone know how to get this plugin into the toolbar for each dvm? I > >>> realize that this is a Whonix issue, but all of the affected users are > >>> on this list... > >> > >> You might be able to hack it like in 14- > >> https://forums.whonix.org/t/how-do-i-customise-tor-browser-in-a-whonix-templatebased-dvm-in-whonix-14/5580/27. > >> Note it may compromise anonymity by making your browser unique or at > >> least less generic. > >> > > > > Can't seem to get this working. I get confused by how the dvm's work, > > and am not succeeding in starting any applications in the dvm template. > > > > > > > > On 8/9/19 9:05 AM, Patrick Schleizer wrote: > >>> panina: > >>> Namely, they removed NoScript from the toolbar, so that the > >>> NoScript cannot be used as intended. > >> > >> > >> We did not. Decision by upstream, The Tor Project. > >> > >> > > https://forums.whonix.org/t/workstation-15-dropped-both-noscript-and-https/7733 > > > > Thanks, duly noted. Is there any chance to get them to add a setting for > > this? Or re-think their decision? > > > > <3 > > /panina > > > > > Thanks, duly noted. Is there any chance to get them to add a setting for > > this? Or re-think their decision? > > Please see: > https://trac.torproject.org/projects/tor/ticket/30600 > https://trac.torproject.org/projects/tor/ticket/30570 > > TL;DR The TBB developers pushed out some half-baked changes that > compromise UX, are hostile to the idea of reverting those changes, and, > three months later, apparently have zero interest in fully baking those > changes. > > ¯\_(ツ)_/¯ That's a little harsh, isn't it? Saying there is no interest is ignoring the fact that Tor Browser is maintained by a team of 10 people for four different operating systems. Tor Browser is useless (and actively harmful) if users are confused about which settings they should change (due to careful design choices) and which settings they shouldn't change. The Noscript and https-everywhere buttons on the toolbar allowed people to tweak the settings easily, and this was not something a normal user should do. If someone really needs to change these settings, then they can go through a more complicated procedure for accomplishing that. The team will finish implementing this, but (in particular) the highest priority task right now is migrating the Tor Browser patches and build system from Firefox 60esr to 68esr within the next few weeks. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAGF8hsss10Ugap-brrFWVjh0Gmvtv5%3D1%3Da1PWD%2BdagzBrOdwiQ%40mail.gmail.com.
Re: [qubes-users] Announcement: Insurgo PrivacyBeast X230 Laptop meets and exceeds Qubes 4.0 hardware certification
On Friday, July 19, 2019, Andrew David Wong wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Dear Qubes Community, > > We are very pleased to announce that the Insurgo PrivacyBeast X230 [1] > has passed Qubes 4.0 Hardware Certification and is now a Qubes-certified > Laptop! [2] Can you say how many USB controllers this laptop has? Thanks, Matt -- Matthew Finkel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAGF8hsvas-dcbgYYaHhtjerfnyMV9AO%3D0Dnd3ALoL5zhqKw3fQ%40mail.gmail.com.
[qubes-users] Re: Using http_proxy environment variable in Templates with qubes Updates Proxy
On Sunday, March 10, 2019 at 3:24:08 PM UTC, farrilis wrote: > Using Qubes 4.0 in Whonix 14 template > > > When using curl, the -x (or --proxy) parameter accepts the address > (127.0.0.1:8082) that redirects to Qubes Updates proxy over RPC, and > returns what you would expect. > > But with wget (which I think is a better choice than curl), setting the > http_proxy environment variable is needed (according to 'man wget' and > web resources) > > > Using the following commands: > > 'export use_proxy=on' > 'export http_proxy=http://127.0.0.1:8082' > 'wget https://gitlab.com/repo/filename' > > produces this output: > > " Resolving gitlab.com (gitlab.com)... failed: Non-recoverable failure > in name resolution. > wget: unable to resolve host address 'gitlab.com' " > > > Then try a domain name that does not exist: > > " Connecting to 127.0.0.1:8082... connected. > Proxy request sent, awaiting response... 500 Unable to connect > 2019-03-10 15:17:23 ERROR 500: Unable to connect. " > > > What could the problem be? curl can use 127.0.0.1:8082, why not wget? wget leaks dns - by this I mean wget tries resolving the domain name locally and then uses the result from that as the destination of the proxied connection. If the DNS resolution query fails, then wget gives you that error. Curl, in comparison, (correctly) asks the proxy to handle the entire connection including the hostname resolution. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7bf862a9-f536-41b0-90fb-80557c8bf825%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Torsocks and dnf no longer work in Fedora 29 -- Any Ideas?
On Sunday, March 24, 2019 at 6:22:49 PM UTC, ashleyb...@tutanota.com wrote: > I utilize torsocks dnf to perform updates over tor inside of HVM linux > installs (so not in templates obviously which would use qubes normal update > mechanism). > > > > Since upgrading to Fedora 29 torsocks is not working with DNF. It throws an > exception message. This is not directly related to qubes, but I imagine > others have had this issue. Does anyone know how to use torsocks with dnf > now. For example: > > > > sudo torsocks --isolate dnf update > > > > > > Running the above used to work perfectly. Now, it will work until it reaches > a random error which is unrelated to networking. It is the following: > > > > terminate called after throwing an instance of 'libdnf::File::CloseException' > > what(): Cannot close file: /var/cache/dnf/fedora-modular-[random > letters]/repodata/[random letters]]-modules.yaml.gz > > Aborted > > > > So, it seems related to closing a file and for some reason this causes a > termination, but only when using torsocks. When not using torsocks it works > normally. I have run dnf clean all and all of that. Nifty. This could be a torsocks bug. I stopped using torsocks with dnf, I configure dnf with proxy support directly, in '/etc/dnf/dnf.conf' I add: proxy="socks5h://127.0.0.1:9050" proxy_username="dnf" proxy_password="1234" Unfortunately, it doesn't seem like dnf respects the http_proxy env variable (and it doesn't like username/password within the url). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b2b9b170-c713-4e61-a275-2df6d67f16cc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
