Re: [qubes-users] Re: Screen recorder for Qubes..?

2016-11-08 Thread neilhardley
On Tuesday, 8 November 2016 12:49:53 UTC, Eva Star  wrote:
> It's not hard to integrate video capturing to my qubes screenshot tool 

What is the command name for your screenshot tool...? Can it be run on the 
command line..?

Because I'd be willing to just write a script to run it multiple times per 
second, and then view the JPG / PNG images individually

I'd be willing to write that script myself right now and not even integrate it 
into Qubes or anything... To just do it for myself.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a87c04b2-6e0e-46d3-9162-243b78a4795c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: Screen recorder for Qubes..?

2016-11-07 Thread neilhardley
None of this makes any sense to me.

There is already a screenshot tool

This would just be multiple screenshots per second.

I don't see why it isn't possible

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8f43a994-6238-4a04-9336-0193cec44d2d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Screen recorder for Qubes..?

2016-11-07 Thread neilhardley
I see that dom0 has a screenshot tool, but how about a screen recorder tool..?

I.e. one that would record video.

Sound is not needed, but I certainly need to record many screenshots per 
second.. Many frames per second.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/57173cf7-8ad4-4d6a-aa35-6bed93d77aaf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] A list of computers that do not "hold state"..?

2016-10-22 Thread neilhardley
Does anyone have a list of computers with no writable firmware..?

If you get hacked, hackers can deeply infect the BIOS, GPU, WiFi and other 
components that "hold state".

Then, even if you wipe your hard drive after getting infected, you can still 
just get re-infected again, due to the deep firmware infections.

The Raspberry Pi is an example of a device that does not "hold state".

Every component on the Raspberry Pi has its firmware and drivers loaded in from 
an SD card.

Thus, if you wipe the SD card, you have truly wiped the device, and can be sure 
that it is totally clean.

Does anyone have a list of similar devices to the Pi, that do not "hold state" 
on ANY of the components...?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f00af64b-c89e-4451-bec5-8667bc52a5ab%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Restart sound card "state"..?

2016-10-15 Thread neilhardley
OK. Solved. It was muted in "output devices".

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cfc78921-8b88-45e5-8b14-11d28051b864%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-09 Thread neilhardley
OK, so how about using PIO purely..?

A device which can do PIO and PIO only.

Would this then be more secure..? Or would the attack just be carried out by 
the CPU rather than RAM..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3e9f6d8d-901f-42dc-9571-58f832f23a33%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
DMA allows network card to read/write RAM.

DMA attack allows one already-compromised VM to read the RAM of another VM, 
thus breaching Qubes isolation... unless you use VT-D, although flaws in VT-D 
have been shown.

Remote DMA attack allows packets sent to the network card directly over the 
web, not even having to compromise your VM first... as demonstrated in the 
paper by the French intel agency.

That is what I understand so far. Hence, why I am asking if using PIO rather 
than DMA would prevent such attacks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8d3ffc8d-8658-4a32-b3aa-7c486b653e15%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
OK, so we've gone from not do-able remotely, to "may or may not be possible", 
and "this is hard"
Are there any proven such attacks on Ethernet? Any proof of concepts?

Also, would USB Ethernet make this attack any easier..? Something like a USB 
Ethernet dongle?

http://i.imgur.com/l5ntqFe.jpg

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/bcdf1789-0d36-4fd7-bc1c-4dbfb930beb4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
OK, so we've gone from not do-able remotely, to "may or may not be possible", 
and "this is hard"

Are there any proven such attacks on Ethernet? Any proof of concepts?

Also, would USB Ethernet make this attack any easier..? Something like a USB 
Ethernet dongle?

http://i.imgur.com/l5ntqFe.jpg

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6c874d29-01ff-462b-8dde-6d37dec9cbda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
OK. This is getting confusing.

So you are now saying that you can't do a DMA attack over the web..?

If I had one computer connected to another via Ethernet crossover, could one 
computer infect the other via DMA by sending the DMA attack over the crossover 
cable..?

Or can a computer only launch a DMA attack on itself?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6a7e0a00-72a4-4939-804b-0687e08bad4f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Another question...

Are DMA attacks on Ethernet are even plausible?

WiFi seems much more vulnerable than Ethernet, due to more complexity.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/999d2ee0-f6aa-4617-80de-9264d87be87e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
"
The original cards, the NE1000 (8-bit ISA; announced as "E-Net adapter" in 
February 1987 for 495 USD) and NE2000 (16-bit ISA), and the corresponding use 
of limited 8-bit and later 16-bit DMA in the NE2000
"

That seems to say that DMA is in fact used in the NE2000.

By the way, will these cards support modern Ethernet cables, like cat5e...?

Do they support Ethernet crossover?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a4eb75f1-3a78-48f5-addf-063e014f79fe%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
On Friday, 7 October 2016 19:37:50 UTC+1, Achim Patzner  wrote:
> I think I’ve still got a bunch of NE2000 and early RealTekNICs somewhere in 
> the cellar – how much do you want to offer?

Are you saying that these devices are non-DMA...?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e30f1d83-efa0-468d-a1a0-6032f70d7f0a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: Switch of DMA altogether..?

2016-10-07 Thread neilhardley
So are you saying that VT-D does not actually depend on Xen...?

With a Xen bug, couldn't a hacked WiFi device just break out of sys-net..?

Or not..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0e9712cf-5c52-41d4-92bd-7a5853add4c1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Presumably through the CPU.

We know this option exists for hard drives for a facts.

So I see no reason you couldn't get Ethernet + WiFi chips without DMA.

Not all devices support switching off DMA, so I can see why Qubes decided to 
use VT-D + Xen instead.

But certainly, I think there are devices out there without DMA. I think you 
just need to search the market for a Ethernet/WiFi that supports non-DMA.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1dfba313-0f8f-4ddd-83fe-1e61c684ccd2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Qubes uses VT-D and a Net VM to attempt to isolate buggy WiFi adapters from the 
rest of the Qubes system.

But this isolation still depends on Xen not having bugs... And we know that Xen 
has bugs, and will likely continue to have more going forward.

So, instead of VT-D, why not just switch off DMA altogether..?

In Debian, you can edit "/etc/hdparms.conf", and do stuff like this:

/dev/hdc {
dma = on
}

Why not just do this for WiFi and Ethernet chips in Qubes, and thus, not have 
to rely on Xen for isolation?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7da00a1d-df99-46fd-8f22-efb638d4f463%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Detach a USB mic from sys-usb into dom0

2016-10-03 Thread neilhardley
OK, here is the solution. I solved it myself.

You install "pavucontrol" in the internal VM.

Then ,if you look at it, you will see that the USB mic is actually detected 
automatically.

So in fact, no need to detach anything, or disable any USB qube.

You just simply install "pavucontrol" inside the App VM.

The USB mic doesn't show up in dom0's pavucontrol

But it does show up in pavucontrol of the internal VM

Solved.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/dab90fec-8bbb-4738-a6c4-ed009977d21a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Detach a USB mic from sys-usb into dom0

2016-10-03 Thread neilhardley
I remember, before I had Qubes with the USB qube, my USB mic seemed to be in 
dom0.

To the point where I could see the USB mic as an option in "Volume Control"/ 
pavucontrol in dom0.

In the volume control mixer, I would be able to select the VM from there, and 
choose the USB mic as the input device for a particular VM.

But now, because I have sys-usb, the USB mic is in sys-usb, and thus, I cannot 
select it from the dom0 volume mixer.

How do I get the USB mic to detach from sys-usb and go back into dom0...?

Or is there some way to direct a mic to a certain VM using sys-usb instead?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e486d232-1713-4c80-817c-0e8bda112aad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Would USB Ethernet be more secure than WiFi..?

2016-10-01 Thread neilhardley
There is talk that Ethernet is more secure than WiFi, due to the complexity of 
WiFi.

So, my laptop only has WiFi.

If I were to remove the WiFi chip, and use a USB Ethernet adapter, do you think 
that would be more secure..?

Something like this:

https://www.amazon.co.uk/Network-Adapter-TechRise-Ethernet-Supporting/dp/B01JS7U3GQ/ref=cm_cr_arp_d_product_top?ie=UTF8

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5ec8c014-c00b-4cf8-98da-05415037f466%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] A computer with read-only firmware..?

2016-10-01 Thread neilhardley
Does anyone know of any computer that has read-only firmware..?

I'm talking, just about anything that could have a virus written to it.

Stuff like

1. BIOS

2. GPU

3. Ethernet

4. Mouse

5. Keyboard

etc

I want this system because then if it is infected, then all I need to do is 
wipe the HDD and then it's clean again.

Ideally the system should only have HDD as persistently writable.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/10d3da1d-030b-4230-9c07-e08c3a12f114%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Failed to add USB controller to App VM

2016-09-30 Thread neilhardley
OK, this seems to be what I need.

One further question...

https://www.qubes-os.org/doc/dom0-tools/qvm-prefs/

"

pci_strictreset
Accepted values: True, False

Control whether prevent assigning to VM a device which does not support any 
reset method. Generally such devices should not be assigned to any VM, because 
there will be no way to reset device state after VM shutdown, so the device 
could attack next VM to which it will be assigned. But in some cases it could 
make sense - for example when the VM to which it is assigned is trusted one, or 
is running all the time.

"

---

So... if you were to shut down and restart your entire computer (not just VMs), 
would the device state be reset to a safe state...?

Or is this just going to make it unsafe forever..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/11078d82-5423-4e52-96ce-a7cc5b766490%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Failed to add USB controller to App VM

2016-09-29 Thread neilhardley
I am using Qubes 3.2 rc2

I need to use an external USB WiFI device.

I was told in a previous thread that I need to attach the entire USB 
controller, rather than just using qvm-usb -a

https://groups.google.com/forum/#!msg/qubes-users/o8zUPDdA0Vs/8LkwfalPCAAJ;context-place=topic/qubes-users/o8zUPDdA0Vs

However, when I do this, I get the following error message:

"

Error starting VM 'anon-whonix': internal error: Unable to reset PCI device 
:00:14.0: no FLR, PM reset or bus reset available

"

What is the solution here..? I'm adding a USB controller to anon-whonix. Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b520cc8f-3d7f-4707-b8f8-9636c3712ce0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] sys-firewall no longer works after creating new Net VM

2016-09-29 Thread neilhardley
I created a new Net VM, in order to use Debian, and it works fine.

But now I want to revert back to sys-net.

The problem is that my sys-firewall no longer works.

How do I get sys-firewall to work again?

It starts up fine, but simply doesn't work. Other App VMs are not getting data 
through it.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5f2dfb2a-597a-4fc8-81e9-76dec90187dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Set different NetVM for dom0

2016-09-29 Thread neilhardley
How do I change the NetVM used by dom0..?

I have sys-firewall as does everyone.

But I actually set up a new NetVM a while back, and sys-firewall no longer 
works for me.

Call it "NetVM2".

So I want to set the NetVM used by dom0 to "NetVM2", or whatever replace 
"NetVM2" with the name of the NetVM.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c474d179-f406-41be-9ac6-1c6524a5b84b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Physical isolation using Whonix and Qubes..?

2016-09-28 Thread neilhardley
I am looking to use Qubes/Whonix as a dedicated Tor router.

And then route a laptop through my Qubes/Whonix system.

Main router => Qubes/Whonix computer that acts as a Tor-only router => My 
laptop for browsing web

I want to know how to share the connection of Whonix/Tor in Qubes, with a 
laptop that connects into the machine physically.

I tried asking this question on Whonix forums, but they told me to ask on 
qubes-users instead, because it is "unsupported".

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6be60815-54a4-47de-90b7-fa92052597f0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: Anything else to wipe other than HDD and BIOS..?

2016-09-27 Thread neilhardley
Yeah, Joanna is seriously epic.

How about Raspberry Pi..? That seems to have very few components.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b628b960-618f-41da-b0ae-3b15282af050%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Anything else to wipe other than HDD and BIOS..?

2016-09-27 Thread neilhardley
If I think a computer has been infected, is there anything else I should 
wipe/re-install other than

1. Hard Drive / Operating System

2. BIOS

Is there anything else that a hacker could possibly infect that needs to be 
wiped/re-installed..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/43647750-ce02-45db-b745-865ffee84df3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
Very useful info, but what I meant is whether the Ethernet drivers/firmware etc 
are more secure than the WiFi ones.

I wasn't really talking things like RF leakage etc.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ecbd7136-a6f1-4bcf-b7c5-8a830ee3c7fa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
And yes, by all means, I will use Whonix's system rather than my own custom 
script.

I originally created my own, because I saw that Whonix didn't have VT-D.

But then I learned that VT-D is nowhere near as good as I thought.

I originally thought VT-D isolates the devices from the Net VM itself. But in 
fact, VT-D only keeps the devices inside of Net VM... and the security of Net 
VM itself is still dependent on Xen.

So... yes I will definitely look into using Whonix for this rather than my 
own script.

But just to re-iterate my previous question.. do you think Ethernet is any more 
secure than WiFi.

In your answer, you explicitly say to get rid of WiFi, due to security 
problems... But how about Ethernet..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9774f4fb-2cfd-4848-887e-1a8dcce18c62%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
Well, entr0py, you are correct.

It does indeed come down, to either Xen, or my networking stack.

Let me ask... what is the security like for Ethernet..?

Let's say I connected to my home router via Ethernet, and also served out the 
Tor connection to a 2nd laptop, over Ethernet.

In this setup, there is no WiFi at all.

Would that make things more secure..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7fc44baf-ea60-485d-93c9-faa06fb04bde%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
I guess the only other thing I would add is.

With Firefox, you have a page "Security Advisories", which lists the history of 
Firefox exploits.

I wonder if such a thing exists for WiFi drivers + firmware.

Or even a list of any major audits of WiFi drivers + firmware.

If there is some really easy way to see which WiFi devices are the most secure.

Something like "security advisories", but for WiFi devices.

But I guess if no eyeballs are even looking at the code, then no one will find 
any bugs.

Ultimately, what's needed is a Truecrypt-style major audit.

If we could crowd-fund an audit of a major WiFi chip(s), that may be the key.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6848617d-b373-48f5-b103-eb3b634dde65%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK, so the main takeaway from your answer:

"The card doesn't have a host CPU and so it doesn't require a firmware source"

that seems like the most interesting

the driver would still need to be bug-free though

who knows whether any of these have even been audited

thanks for your replies though... very detailed and very useful

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/91ed9119-b5dd-49bd-9152-f141d126c3ce%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
In terms of "hotspot" terminology, what it does is, quote from author of the 
script:

"it bridges the two interfaces but uses NAT to achieve it"

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6b5e42ea-e2dc-420d-933a-3c591b75639d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
NET VM
--
--
- WiFi device-
--
- Ethernet device-
--
- Tor ethernet hotspot script-
--
--
-
-
-Ethernet crossover cable
-
-
LAPTOP 2-
---
- -
- -
- -
-   Web browser, apps etc -
- -
- -
- -
- -
---


Question:

Could a DMA attack on WiFi device or Ethernet device then take over the entire 
Net VM, modify my Tor script, and then do whatever, like, leak my real IP, pass 
all data to the hacker, etc?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c53c0456-5878-43d3-93cf-3fc692cd5ea8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK.. here we go This is my question with a DIAGRAM to help you visualise it:

http://imgur.com/a/CTbLk

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e5651253-3453-4fa4-8795-1639d599e62f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK, it's the original poster here.

The consensus so far is that anything I run inside sys-net should be 
vulnerable, and that it is advised not to run programs in sys-net.

So, in this case, how am I supposed to run my Ethernet Tor hotspot..?

I had somebody write me a script that lets Qubes connect by WiFi to my home 
router, and then serve out an Ethernet hotspot that runs everything through Tor.

The program works fine, but yes, it does run within sys-net.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/62d3ca97-2e26-41a8-90e3-4b50f28be1d6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] What is the purpose of sys-firewall..?

2016-09-24 Thread neilhardley
What is the purpose of sys-firewall..?

I noticed that every App VM has its own "Firewall Rules" inside of VM Settings.

So therefore, what is the purpose of sys-firewall..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3709cdc5-4d09-47e0-b59b-40a188c3908f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-24 Thread neilhardley
Simple question: Why are Ethernet and WiFi in sys-net..?

Is it

(A) Just for easy access to the same network for all App VMs..?

(B) Because this is isolating Ethernet and WiFi from the rest of the system, to 
stop DMA attacks..?

It's not clear to me whether the VT-D protection is occurring because you are 
putting these devices in sys-net.

Or whether the VT-D is implemented regardless of which VM the Wifi/Ethernet are 
in.

I ask this because I want to run some programs in sys-net, and wonder whether a 
DMA attack could screw up these programs.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3b37e397-f889-48fa-8a1d-cbe201e4acdf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How to add a "sys-firewall" to a NetVM..?

2016-09-23 Thread neilhardley
I created a new NetVM to use debian8, rather than fedora-23

It all works fine.

But I noticed that the original "sys-net" has a "sys-firewall" tied to it.

Do I need to add something like this for my new Net VM, and if so, how do I do 
it..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/88743796-2866-4900-8ec6-3ced381fc0fc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Is it possible to have 2 Net VMs - one for Ethernet, another for WiFi..?

2016-09-23 Thread neilhardley
I want to have 2 Net VMs running at the same time.

One would hold Ethernet in "Devices"

The other would hold WiFi in "Devices"

Is this possible?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1825a2b3-2e29-4df1-89e5-20c57c37595b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
Obviously restart the Template VM and Net VM afterwards.

All solved.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f4fb56b1-52c2-4c46-a883-76e19be13746%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
OK. I solved it. The solution is to get the jessie-backports .deb file and 
install it in the "debian-8" template VM:

Go here

https://packages.debian.org/jessie-backports/firmware-iwlwifi

Then here

https://packages.debian.org/jessie-backports/all/firmware-iwlwifi/download

Copy the file to debian-8

run

dpkg -i firmware-iwlwifi_20160110-1-bpo8+1_all.deb

Solved

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/07a73682-4b96-4d45-9532-f4d523aea9c1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
I am on Qubes 3.2 rc2.

I have an Intel 3165 WiFi driver.

It simply does not work.

It works fine in Fedora, but not Debian.

According to this:

https://github.com/QubesOS/qubes-issues/issues/1526

There is something where Debian no longer recognises WiFi in Qubes Net VMs..?

Is this true..? 

If so, it says to downgrade to 3.18 kernel.

So I follow these instructions:

https://www.qubes-os.org/doc/managing-vm-kernel/

But then I try going to dom0, and running:

"sudo qubes-dom0-update grub2-xen"

and it returns:

"Cannot download rpm/grub2-xen-2.02beta2-3.fc23.x86_64.rpm: All mirrors were 
tried"

So I just don't get it.

Do I need to downgrade the kernel or not..? Does anyone have WiFi drivers 
working in a Debian8 Net VM..??

And if I do, why is this failing in dom0..? 

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/86779166-8c7b-4f76-b87b-554c5a34dbb8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
Yeah, what actually happened to me, is that Ethernet DOES work just fine.

But WiFi doesn't.

So this is actually I think related to this issue:

https://github.com/QubesOS/qubes-issues/issues/1526

Wifi no longer recognised in Debian-based sys-net VM after 3.0 -> 3.1 upgrade

I have an Intel 3165 WiFi chip.

There is something where Debian in Qubes no longer works with WiFi or 
something. They say to downgrade to a lower kernel.. Errgh

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ccb14b4a-149c-4f72-92ba-1119f9fb04a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
OK, now, I had real problems trying to switch to debian8.

I shut down sys-net and sys-firewall

Switched them both over to debian8

First thing, it said "Internet disconnected" in network manager, and simply 
wouldn't show any WiFi networks at all.

Second thing, it wouldn't even open the terminal for "sys-net".

So, this really did not work for me.

Chris Laprise, what did you do, other than shutting down VMs and changing to 
debian..?

Did you have to shut down sys-usb as well..? 

Or do I have to do a bunch of other VMs or other stuff..?

This certainly didn't work smoothly for me at all. I've switched back over to 
Fedora just to type this.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7bacb435-a9d7-466e-a4f3-30c21f7ee570%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How to install DHCP in "sys-net"

2016-09-22 Thread neilhardley
I am doing a project with someone.

I need to install DHCP in "sys-net".

I did:

sudo dnf install dhcp

and

sudo dnf install dhcpcd

---

After this, I was asked to look for this file:

/usr/lib/dhcpcd/dhcpcd-hooks/70-ipv4-nat

---

But it just hadn't been created.

I don't understand how to install DHCP in sys-net

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/927f22bd-e0f2-4246-a478-7e2143c68e59%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Can TeamViewer or similar work with Qubes..?

2016-09-22 Thread neilhardley
OK, that's pretty useless, because I want someone to connect to my PV, not to a 
win7 HVM.

Are there any other options at all..? I guess I could let someone SSH into my 
VM..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9e58efa9-0465-4811-8e34-bf914db566ee%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
Can I also ask

Is it true to say

"enp0s1" is the sys-net equivalent of "eth0"

and "wlp0s0" is the sys-net equivalent of "wlan0"

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ec853dd6-b6fa-4d6d-8b8f-b06134cbb8b4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Can TeamViewer or similar work with Qubes..?

2016-09-22 Thread neilhardley
I am working on a project with someone.

And they want to remote into Qubes with TeamViewer.

Will this work at all... or is there any alternative software..? Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1ebd7725-5155-48b2-8539-9ae40f5e4986%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
I may need to change "sys-net" from the Fedora template VM, to the Debian 
template VM.

If I did this, would it break anything..? Or does it simply have to be Fedora..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9a2414f8-a548-419d-92bf-2a7c4bcdcc39%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How do you install external USB WiFi adapters..?

2016-09-20 Thread neilhardley
I plug in a USB WiFi adapter.

I go to sys-usb, and run "lsusb".

It shows up there as, "Bus 002 Device 028: ID 148f:3070 Ralink Technology, 
Corp. RT2870/RT3070 Wireless Adapter"

What happens next..?

How do I get this to the point where it can be used..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d824fe21-3423-449c-8dd4-57ad18fc24d4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] WHERE is VT-D implemented..?

2016-09-19 Thread neilhardley
Quick question.

WHERE is VT-D protection against DMA attacks implemented..?

Is it implemented at a particular VM, such as

"sys-net"

or

"sys-firewall"

Or is this just built-in to the entire Qubes system regardless of which VM you 
are using..?

If I were to run something like

wget google.com

within "sys-net" terminal

Would that be protected by VT-D..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/28354a3a-a7bc-4d91-8d21-76f4201f30e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: How to attach Ethernet to a VM other than sys-net..?

2016-09-18 Thread neilhardley
Alright. 

I came to the conclusion that this is all a waste of time.

A hacker (especially nation state) would hack your main home router.

Then hack your endpoint laptop.

Then they can see that both are connected to a dedicated Tor router in the 
middle, through its MAC address or other identifier, such as device name.

So they can see that both are connected to the same dedicated Tor router, and 
thus, they can see who you are that way.

So unless you are confident that you can secure your main home router, then 
this idea of a dedicated Tor router is hopeless.

You would be better off using a QUBES live disc and ONLY use Tor from the very 
start.

As the internal NSA Snowden documents say, "one page request" is all it takes 
to hack you.. but note, they can only do this page request if you are actually 
connecting via your real IP address.

Therefore, use a QUBES live disc, use TOR ONLY (never mix it up with clearnet), 
and make sure your BIOS is freshly installed, and then just cross your fingers 
and hope you don't get hacked while using Tor browser. By all means, use 
NoScript etc.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/37ad9472-69d0-46fa-9502-73c4d3f9c8b8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: How to set up Internet Connection Sharing over USB..?

2016-09-14 Thread neilhardley
Alternatively, I could do this with Ethernet.

I know that you can right-click the network icon, click "edit connections", go 
to IPV4 settings, and edit it as network sharing for the WIRED connection.

However, this is only going to share the overall connection.

I am looking to explicitly share the Whonix/Tor connection only.

thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5d825c8f-a563-4bfd-8785-b0f5731117fd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Is there any way to mount a Qubes volume from an external drive..?

2016-09-14 Thread neilhardley
I'm not trying to mount the external HDD itself.

I'm trying to mount the Qubes installation it. The encrypted Qubes OS that I 
have installed on the drive. I want to somehow decrypt and read the data from 
that itself.

It's not a VM backup format. It's the actual hard drive for Qubes itself on an 
external HDD.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/18e995c3-fd41-49c8-b2b9-99076e8aa774%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] How to set up Internet Connection Sharing over USB..?

2016-09-14 Thread neilhardley
Is there any way to set up Internet Connection Sharing using USB..?

For example, with an Android phone, you can share its connection with a 
computer using so-called "tethering".

But I want to "tether" the Whonix VM's internet connection to another computer, 
using USB.

The purpose is to use Qubes as a dedicated Tor router, to take advantage of the 
VT-D protection, but then to use a separate computer to do web browsing, seeing 
as web browsers are so vulnerable, and I don't want Qubes to be hacked due to a 
web browser flaw. 

All I want to run on Qubes is Whonix VM and some kind of Internet sharing over 
USB.

How do I do this..?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/67657be0-a884-4b0e-8cc9-9ccc8ee7f5c4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Is there any way to mount a Qubes volume from an external drive..?

2016-09-13 Thread neilhardley
I have an external HDD with a Qubes installation on it, i.e Qubes installed 
direct to an external HDD.

I want to be able to get the data from it, but my laptop won't boot up the 
drive for some reason. Maybe it's a problem with my laptop, but either way, I 
can't seem to get it to boot.

However, when I plug in the HDD, I can see that the files are very much still 
on it... It has the EFI folder, and the main Qubes encrypted drive on there.

So, is there any way of mounting this HDD in Qubes..?

I have Qubes running now, but it's installed on the local disk.

I want to mount a Qubes installation from an external HDD.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6c606b47-bdc1-4c13-8e28-1ae6b71b0ee0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Can DMA attacks work against Ethernet... or just WiFi/wireless...?

2016-09-12 Thread neilhardley
jkitt Yeah, I know that Ethernet is capable of DMA.

But DMA is different from a DMA Attack

A DMA attack is when a hacker exploits a software error in the Ethernet 
firmware, and uses that to take over the device and issue malicious DMA attacks.

So I guess I'm asking whether any such software errors have been found in 
Ethernet firmware before.

Things like you could get with ordinary software, like buffer overflow, heap 
overflow etc.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/753a71d6-451f-4b58-95f4-880f828d2b1e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: Does anyone use a dedicated Tor router box..?

2016-09-10 Thread neilhardley
It's true that MOST don't affect Qubes.

But just in the last 1 year, 2 Xen exploits have directly affected Qubes.

Hence, why they switched over to SLAT for QUBES 4.0.

So no.. Xen really is a very big issue for Qubes.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/525a6d90-50e5-4dd0-9a2a-ec9ab4ed6fef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Do Linux browser exploits exist..?

2016-09-10 Thread neilhardley
I've seen some dispute that a Linux browser exploit even exists.

Like, could you take Chrome or Firefox to a page, and then have a remote shell, 
that loads a file onto the hard drive to monitor everything?

I can do this with Metasploit on Windows, but I've actually seen a lot of 
people saying that it's not even possible on Linux.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/4f493648-b51b-4459-aee2-c2d80881913d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Does anyone use a dedicated Tor router box..?

2016-09-10 Thread neilhardley
Qubes is insecure due to Xen exploits.

Qubes tends to quickly patch the exploits, but we know how it works in the real 
world... nation states and other people buy up the exploits before they can get 
to the market.

I would also suggest that if you are using Qubes, this may even be a flag at 
somewhere like the NSA to target you for surveillance.

I could be wrong, but see the NSA Snowden documents mentioning "extremist" 
Tails OS.

So if you assume that simply using Qubes puts you on a nation state's attention 
list... then, at this point, the question is.. do you think the NSA has Xen 
exploits before everyone else finds out about them...?

Considering that Snowden is literally advertised on the Qubes home page, I 
would suggest the answer is "Yes" The NSA is now very likely spending money 
buying up Xen exploits and developing them themselves.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6947f09a-c605-417c-b591-ec2a2d85f90e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Does anyone use a dedicated Tor router box..?

2016-09-09 Thread neilhardley
Does anyone use a dedicated Tor router..?

The theory is, Tor is secure, but Firefox is not.

Therefore, you have 1 computer that runs Tor only, and a WiFi hotspot... 
Another computer runs Firefox and any other programs.

So long as the other computer connects to the Tor computer for network access, 
it doesn't matter if it gets hacked, because your real IP address never leaks.

Qubes implements this somewhat by separating the Whonix Net VM and App VM. 

However, the problem with Qubes, of course, is all the Xen exploits which make 
it insecure.

If you were hacked in Qubes, the hacker could easily then leak out your real IP 
address.

But if you were hacked behind a physical Tor box, your real IP can never leak, 
unless the Tor box itself can be compromised... And as far as we know, there 
are no exploits for the Tor network itself, only for Firefox.

I would use Qubes for the Tor box and the other box, if only for the VT-D 
protection, although maybe there are other free Linux OSs that have VT-D 
protection.

What do you think...? Has anyone tried doing this..? How did it work out...?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/99f09226-7eb1-48db-8927-a1809a4a0db1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] QUBES Windows Tools won't install

2016-08-22 Thread neilhardley
I remember when I first installed Windows Tools, I accidentally double-clicked 
it and it was installing 2 versions of it at the same time.

This may have been what screwed up network access.

It may not be a glitch with Windows Tools at all.

Can Windows Tools be removed and re-installed in Windows "Add/Remove Programs" 
or something like that..?

If not, I'll re-install my entire win7 again, and maybe this time it will work.

What Windows Tools may need... is a system to prevent the user accidentally 
installing it multiple times at the same time.

I had 2 installations of the exact same thing going at the same time. 

That's all I can remember doing wrong. This may not even be the reason at all. 
It's just my theory.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/72bec03a-33c8-4c38-9525-57de96f9f488%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] QUBES Windows Tools won't install

2016-08-21 Thread neilhardley
I installed it. Networking was working prior to Windows Tools. After installing 
it, the network no longer works.

"no network access" when you click the network icon in the taskbar.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/48fc8ee9-b59d-4069-a853-4e4b3090649d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] QUBES Windows Tools won't install

2016-08-21 Thread neilhardley
I have a Win7 machine running, but I need to install Windows Tools.

in dom0, I run

sudo qubes-dom0-update qubes-windows-tools

I get

"no package qubes-windows-tools available"

I am running QUBES 3.2-rc2

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9a2848f8-da8b-45af-8175-7e9f09a53f15%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Why does QUBES recommend SSD drives..?

2016-08-16 Thread neilhardley
The Qubes website recommends SSD drives.

Is there any particular reason..?

Does Qubes use read/write to the hard drive any more than Windows... to the 
point where it's going to cause drive failure a lot earlier..?

Or is it simply a speed thing..?

Or what.?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b674086e-3c4d-4adf-9b5a-d7da5a888cfa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
OK, that's really nice to know that startup scripts are not saved.

Really nice.

The thing about having to shut down the VM is still annoying though.

The other thing is, the progress bar for Qubes backups is very bad.. It stays 
at 0% for a long time, and then hours later, gets to 100%... There is not the 
kind of progressive movement that lets you know how long this is going to take.

Apart from that though.. at least it's secure. That's the main thing I care 
about.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/797de76c-76ee-44fb-8917-6a29ce3652a4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
But presumably this private.img is going to include things like:

folder: /etc/init.d/

file: /etc/rc.local

things like this, which are used to do start-up scripts.

So anyone who hacked the VM might place some start-up scripts which link to 
malware stored on the machine.

So these are going to be backed up by the Qubes backup system.

This is why I thought it would be better to use an internal Fedora system to do 
the backup.

Doing this would also prevent you from having to shut down your VM in order to 
do the backup, which is a drain on productivity.

---

Or am I wrong here..? Would this somehow not back up any start-up scripts...?

Because that's what I'm worried about.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c45479a8-c541-47cc-a427-34d8d3379e3f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
I want to know.. what exactly is stored in an App VM backup..?

When you back it up, and you have your single backup file, what is in that file?

Obviously, your personal files, like folder structure, Documents, Downloads, 
Music etc.

But how about programs..? Are programs stored in there, or are they only stored 
in the template VM..?

How about things like startup scripts, for example, a startup script that may 
load up a virus..? Or are those just in the template VM..?

I say this in terms of security... as to whether it is safe to back up an App 
VM... or whether it's safer to back up the files from within the App VM using 
some sort of Fedora tool...

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2cf22885-9220-41e2-9a4a-5b6d529cf43e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Tool to record Whonix / Tor browsing history..?

2016-08-12 Thread neilhardley
I would like to be able to do something like:

1. Use Whonix/Tor as a disposable VM

2. Record browsing history using an external software

One of the reasons I don't use Tor that much (other than slow speed, captchas 
etc) is because I actually want to have a record of the websites I have visited.

We know that it could be risky to have the Tor browser itself record history, 
if it gets hacked.

But to have some tool running outside of the VM would be useful..

Is that possible..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/72cae3bb-8359-49b3-91db-12e3b9e12c2a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Question about Whonix / Tor Browser / exploits

2016-08-03 Thread neilhardley
So you're saying that you can run an entire Xen exploit without installing 
anything to the hard drive at all... Just purely run it in the RAM itself.

Wow.

And what do you think about Selfrando..?

Is this going to fix browser exploits once and for all, or will it just fall to 
hackers..?

https://blog.torproject.org/blog/selfrando-q-and-georg-koppen

"Selfrando randomizes Tor browser code to ensure that an attacker doesn't know 
where the code is on your computer. This makes it much harder for someone to 
construct a reliable attack--and harder for them to use a flaw in your Tor 
Browser to de-anonymize you."

http://news.softpedia.com/news/tor-browser-integrates-tool-to-fend-off-deanonymization-exploits-505418.shtml

"While ASLR takes code and shifts the memory location in which it runs, 
Selfrando works by taking each code function separately and randomizing the 
memory address at which it runs.

If the attacker cannot predict the memory position at which pieces of code 
execute, then they cannot trigger memory corruption bugs that usually allow 
them to run rogue code inside the Tor Browser"

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d402e4ba-03b6-45b8-a0e8-381198bedbfd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Question about Whonix / Tor Browser / exploits

2016-08-02 Thread neilhardley
I have a question about Whonix/Tor Browser exploits.

I have played around a bit with Metasploit to see how browser exploits work.

They basically rig a web page with exploits, and then it does what's known as 
"arbitrary code execution", to open up a "remote shell".

As far as I can tell.. the remote shell is running in the browser's RAM. They 
are essentially hi-jacking the browser's RAM, and using it to run their own 
remote shell.

The hacker then usually loads a file from the remote shell, onto the computer's 
hard drive, in order to obtain persistence... As soon as the browser tab 
closes, the remote shell is gone, hence why they need persistence.

So my question is about persistence.

Is it possible to simply remove the hard drive altogether from Whonix, to 
prevent them achieving persistence...?

I know that TAILS simply doesn't have a hard drive at all.

Would this be useful to have in Whonix..? To remove the hard drive altogether, 
perhaps in VM Settings in QUBES...?

Or is it possible to run a Xen exploit purely in the browser's RAM anyway...? 
Thus, they don't even need a hard drive because they can just run the exploit 
in RAM anyway...?

So the main question is really whether they can run the Xen exploit in RAM 
anyway or not If not, then surely removing the hard drive itself would 
be useful...?

Hopefully you understand my question.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6738a699-2afb-4a73-ade2-203608f142a8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Qubes VM Manager crashes on USB un-plug, "Houston, we have a problem"

2016-08-01 Thread neilhardley
Qubes VM Manager crashes on USB un-plug, "Houston, we have a problem"

I plug in a USB, then attack it as a block device to a VM.

Then I remove the USB device without first unmounting from within the VM

And then USB no longer works at all, and if I try to detach the block device, 
the VM manager crashes and we get "Houston, we have a problem" error message.

Sure, I can go into the VM in the first place, unmount it, and then detach the 
block device.

But sometimes I forget to do that

Other than restarting the entire OS... what can I do.?

It's really annoying having to restart the OS whenever I screw up and 
accidentally remove it without unmounting first.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0eee95c7-5321-4a08-9a0f-89a7b15bd351%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Qubes 3.2 rc2 has been released!

2016-07-29 Thread neilhardley
The QUBES website incorrectly lists the file size for 3.2-rc2

It still lists:

"4.8 GB (4,816,109,568 bytes)"

It's actually now small enough to fit within a DVD disc now. 3.92 GB

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3d427595-f9e7-4f4c-99d6-87346a41c898%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Will SLAT / EPT truly make QUBES 4.0 more secure..?

2016-07-28 Thread neilhardley
Based on 2 Xen exploits in just the last 1 year, QUBES 4.0 is moving over to 
using SLAT / EPT for memory isolation, and to using HVM/PVH rather than PV.

Certainly, in the last 2 Xen exploits, it has only affected PV and not HVM.

However, is it possible that using Intel's EPT is even riskier..?

Intel ME is said to be insecure by Joanna Rutkowska due to its insecure 
implementation, and not being able to look at the code, because it is 
closed-source.

Well, couldn't the same be said for Intel's EPT..? Surely this is closed-source 
too..? No..?

At least with Xen, we can actually see the code and fix the bugs, whereas 
surely with Intel we have no chance.

Or am I missing something here..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/fb61e544-740e-4e7a-a837-898e507d2711%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Question on creating USB qube

2016-07-28 Thread neilhardley
OK thanks for the explanation.

Let me follow up with another question.

Do I need to create a USB qube in order to take advantage of the VT-D/IOMMU 
protection for my internal WiFi chip... or is sys-net OK in that regard..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5dc5207a-ac2d-4360-935e-66f8ee07ae21%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Question on creating USB qube

2016-07-28 Thread neilhardley
I am installing QUBES 3.2 to a new laptop.

With the 1st option:

[X] "Create a USB qube holding all USB controllers (sys-usb) [experimental]"

There is then a 2nd option underneath:

[ ] "Use sys-net qube for both networking and USB devices"

Is it recommended to check the box for the 2nd option or not?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f839361d-effb-4543-8fd2-8598398c40c7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Qubes 3.2 rc2 has been released!

2016-07-28 Thread neilhardley
Does this come with the newest Xen patch after the exploit yesterday?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3cfde5a7-d5b7-4bc5-94d2-0e918881c7b1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Live disc won't work

2016-07-27 Thread neilhardley
The QUBES 3.1 live disc won't work.

I wrote it to external USB HDD using Rufus and DD

It boots, and goes to the screen for starting it.

I start it up by pressing ENTER.

But then it says something about "FICO over-run" and just exits to BIOS.

What can I do to fix this..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/bdd55e01-56f7-4a05-9bf5-1df11eacc45c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Nautilus is broken

2016-07-26 Thread neilhardley
Surely cloning the template will just clone it with Nautilus still broken..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ee3ef7e4-c011-4bb6-ac9b-995f1cf9ddb8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Nautilus is broken

2016-07-26 Thread neilhardley
Nautilus is broken for me on the fedora-23 template

"nautilus: error while loading shared libraries: libicui18n.so.54: cannot open 
shared object file: No such file or directory"

I tried installing libicuil8n.so.54 in the template VM.

but it still has the same error message.

I did this after manually removing some packages, so this is definitely a screw 
up on my  part, and NOT a QUBES screw-up.

How can I get nautilus working again?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/25154dbb-b5d3-4e58-b4e5-ed094c8f649f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] QUBES 3.2 taskbar icons are useless - they only show padlock icon

2016-07-24 Thread neilhardley
How about just being able to group windows by VM..?

Is there any way to do that?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/46233098-93dd-47b3-804a-aaa65d78602c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] QUBES 3.2 taskbar icons are useless - they only show padlock icon

2016-07-24 Thread neilhardley
In QUBES 3.2, the taskbar icons don't show the application icon.

They only show a padlock, coloured in the colour of the VM.

Google Chrome doesn't show the Chrome logo. It just shows a padlock.

This makes it very hard to actually open a window, because I have to go through 
loads of them to even find the right window.

Is there any solution to this?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cb635b92-128e-4726-b57f-bd95121477ec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] MP3 support

2016-07-23 Thread neilhardley
Yeah. I have a major problem with VLC though.

Whenever I close VLC, it causes all the windows for App VM to disappear from 
the task bar.

Then when I open another app, they all come back.

It also disables all future VLC playback. Once I close VLC once, it never works 
again after, until I restart the App VM.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/85f0a062-f608-4f99-bc83-9be4e94a265f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Question on DMA attacks

2016-07-15 Thread neilhardley
Wow.. Thanks Marek... That was a very clear explanation of DMA attacks... The 
best that I've ever seen.

Perhaps this should even be posted somewhere on the QUBES website.

I think that's convinced me that I definitely need to get VT-D.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f0d29dbd-cd47-4191-9048-c4ce0699ce23%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
So essentially, this is isolating the network card/Wifi from dom0..

Just like you create a USB qube, to isolate USB from dom0

But still.. no one has ever shown a proof of concept for this... You see plenty 
of videos of people exploiting browsers with Metasploit... but no videos of 
anyone doing DMA attacks

Still, I take Joanna's word for it that it's a real thing. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b3488f64-b5da-4581-a77f-972225ad7bd2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
Oh OK. I see you have now updated with a new answer.

"The main benefit would be to try and prevent dma attacks from the network card 
and the netvm,   which receives all the packets from the internet"

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c59266e7-0738-4ed0-af25-90996a5d1322%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
But it's still not clear how these malicious packets can be sent to the network 
card can these be sent after compromising an App VM (via something like a 
browser exploit)...?? 

Or can they be sent just purely over the internet itself to any device 
connected to the web...? Directly send packets just over the web?

Or does it require attacking the Net VM, and not just the App VM... however 
that would be done...?

I'm just trying to figure out FROM WHERE the network card could be attacked.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/24ed289e-dec9-4d6e-86b8-14763a5bcf37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Attaching USB bus/device to VM.. What happens next?

2016-07-13 Thread neilhardley
Am I supposed to attach this Device before or after the VM has started..?

The problem is... when I assign it, I get this error message:

"Error starting VM. Requested operation is not valid. PCI device :00:1a.0 
is in use by driver xenlight", domain test"

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5e0acfe8-ec35-4631-b74b-d3c05d984011%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Attaching USB bus/device to VM.. What happens next?

2016-07-13 Thread neilhardley
So, let's say I follow the steps to attach my USB bus to a VM.

I go into VM Settings and see that it's attached.

What next..?

Where do I actually find the attached USB devices..?

Let's say that I have a USB disk plugged in. Where would I actually now find 
this device in the VM...?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c24348ed-5363-477d-ba4b-4f990cf8de7f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Buying new laptop.. What check should I do in-store..?

2016-07-12 Thread neilhardley
I have QUBES running now, but my processor only has VT-X, and not VT-D.

So I'm thinking about buying a new laptop just to get VT-D.

I want to go into a physical store and try out the live USB for 3.1.. just to 
make sure that everything is working before I buy the laptop.

My question is... what checks should I do in-store..? 

What do you consider a full list of things that I should check for QUBES 
compatibility...?

Obviously, check VT-X and VT-D.

Check whether Wifi works, sound works.

etc etc

I just wonder what you consider a full list of things to check.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/bbe1cf8b-d21a-470e-92a9-50f8b66ee3a9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Question on SECURITY of WHONIX VM

2016-07-12 Thread neilhardley
I have a question about the security of Whonix, which is used as the Tor VM in 
QUBES 3.2.

My question is... we know that the Tor Browser can be hacked, mainly based on 
Firefox exploits.

So it's very possible that when I'm using Whonix, the Tor Firefox browser gets 
hacked.

So when this happens, and I restart the Whonix VM... is the hack now gone, or 
is it persistent..?

In other words, does the App VM load the browser itself from the Whonix 
template...? 

Or, does the browser itself reside in the App VM..?

Presumably, if the browser is in the App VM, then the hack is persistent, and I 
would have to create the App VM all over again in order to clean it up.

But if it's in the template VM, then it's wiped clean whenever you restart the 
App VM.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/98ccf160-e3a8-4300-9fd1-299ac51ac05a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Question about the SECURITY of backing up QUBES.

2016-07-11 Thread neilhardley
Is it possible that someone who compromised QUBES, could re-write the AppVM in 
a way that whenever it is loaded up, it re-infects the entire system all over 
again...?

In that case, the only safe thing would be to manually back up the files within 
the AppVM with some sort of Fedora backup tool.

Or is that not an issue... and it's safe to just back up the entire AppVM using 
the QUBES tool...?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/4d8500bf-e231-4bd6-bb7d-e70791d65e2e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Question about the SECURITY of backing up QUBES.

2016-07-11 Thread neilhardley
I have a question about the security of backing up QUBES.

I see that the VM backup procedure lets you back up both template VMs and App 
VMs, as well as dom0.

The question is... let's say that we find out about another Xen escape, like 
the one from October 2015.

At this point, surely we now the consider that the entire system was 
compromised.

So let's then say that we download an entirely new version of QUBES, and 
upgrade to the latest Xen before doing anything else.

What is then the backup procedure for templates and App VMs..?

Surely this means that it's not safe to restore the backed up VMs.. seeing as 
they were present on the old compromised machine?

Or what..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b6e2f5a0-d6aa-49da-80b7-c90a89d7b2ae%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-11 Thread neilhardley
I have to say from a user experience... figuring that all out was hell.

When you look at what I did.. I essentially added 2 main bits to the code

mapbs=1
noexitboot=1 

I really just wonder.. if there's any reason QUBES developers couldn't just add 
these 2 lines themselves, so that the user doesn't have to do it.

I'm not an expert at all, so I could be totally wrong but I really wonder

Do any devs know the answer to this..?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d992b417-7e2b-4742-a374-13e52df9e018%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
It may be possible that I'm following the EUFI guidelines incorrectly.

Replace existing Qubes entry with modified one. Replace  with entry number 
from previous step, /dev/sda with your disk name and -p 1 with /boot/efi 
partition number):

With this for example.. how am I supposed to know the /boot/efi partition 
number...? What would the number usually be? 

I have no clue.. errgh. Just my guess... I think I'll leave this one to the 
experts I am very confused.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/513000c6-f95f-4344-bb88-42f543f3b018%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
OK... This is what I get

ubuntu@ubuntu:~$ sudo mount /dev/sda1 /mnt
ubuntu@ubuntu:~$ sudo mount /dev/sda2 /mnt
mount: block device /dev/sda2 is write-protected, mounting read-only
NTFS signature is missing.
Failed to mount '/dev/sda2': Invalid argument
The device '/dev/sda2' doesn't seem to have a valid NTFS.
Maybe the wrong device is used? Or the whole disk instead of a
partition (e.g. /dev/sda, not /dev/sda1)? Or the other way around?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3c3c6c4f-2ce1-4173-aa33-a9dc6a95aa33%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
One thing I notice is that I used to be able to press F12, and get the HDD as a 
boot option.

Now it's just missing altogether.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/dd06b03a-d493-416b-9b6d-b0fd599c456c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
In the installer, it shows the USB external HDD, and the local HDD.

I am currently in a Ubuntu live disc, and in the partition manager, it shows

partition -- file system -- size -- used -- flags

/dev/sda1 -- ext4 -- 500MB -- 155.12MB -- boot

/dev/sda2 -- crypt-luks -- 698.15GB -- N/A -- N/A

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6eb0265c-03bf-4860-b78b-fc6b4d0d3be0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
It was all disabled from the start.

It simply will not work.

As I say, it can install to an external HDD just fine. Just not the local drive.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d3305aa9-e981-4297-916c-369e0ebeebd0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


  1   2   >