Permit me to ask two questions?
1) I was reading this
-----
https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c
(Credits: Micah Lee)
What's that “Convert to Trusted PDF” you were talking about?
Let's say you found an interesting document, and let's say that you had
an offline virtual machine specifically dedicated for storing and
opening documents. Of course, you can directly send that document to
that VM, but there could still be a chance that this document is
malicious and may try for instance to delete all of your files (a
behavior that you wouldn't notice in the short-lived DisposableVM). But
you can also convert it into what's called a ‘Trusted PDF’. You send the
file to a different VM, then you open the file manager, navigate to the
directory of the file, right-click and choose “Convert to Trusted PDF”,
and then send the file back to the VM where you collect your documents.
But what does it exactly do? The “Convert to Trusted PDF” tool creates a
new DisposableVM, puts the file there, and then transform it via a
parser (that runs in the DisposableVM) that basically takes the RGB
value of each pixel and leaves anything else. It's a bit like opening
the PDF in an isolated environment and then ‘screenshoting it’ if you
will. The file obviously gets much bigger, if I recall it transformed
when I tested a 10Mb PDF into a 400Mb one. You can get much more details
on that in this blogpost by security researcher and Qubes OS creator
Joanna Rutkowska.
[https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html]
------
Upon reading it on the suggested sequence of opening random/all PDFs,
maybe , people vary their sequence.
It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then
suggested I copy this PDF to a , what, PDF dedicated AppVM 1st,
Before doing a “Convert to Trusted PDF” on the PDF file ?
This would add a step to the much faster, just “Convert to Trusted
PDF” from the actual Anon-Whonix AppVM
2)
Do folks typically backup their Template VMs ? as I noticed they
aren't set up by default to backup ?
and/or what is the thinking behind backing up various VMs ? I guess the
ones that have been the most modified eg the AppVMs ? I have 1 very
large 20 gigabyte VM with old videos/pictures on it, do I back that
one up ? for example?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/5d7631b1-9885-ec62-abe9-4ee4c20f82a6%40riseup.net.
For more options, visit https://groups.google.com/d/optout.
