Re: [qubes-users] Re: Please help, can't get into Qubes

On 11/12/2016 04:32 AM, Sec Tester wrote: > On Saturday, 12 November 2016 06:39:50 UTC+10, Fred wrote: >> I made a change to the PCI devices for the sys-net VM and now >> Qubes hangs on boot when starting this vm. >> >> I've tried using the installation image to get to system rescue via >> the tr

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

sudo dnf install libreoffice yielded the following results, despite multiple attempts: Error: Error downloading pachages: Cannot download l/libreoffice-core-5.0.6.2-10.fc23.x86_64.rpm: All mirrors were tried Additionally, in the Software applicaton, LibreOffice is missing, including when I sea

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

Your trying to modify the fedora-23 template correct? Is sys-firewall specified as its net VM? If not, set the fedora-23 template NetVM to sys-firewall. Then try "sudo dnf install libreoffice" Do your other app VM's have internet access? If not. Does sys-firewall have sys-net set as its "NetVM"?

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

> I would also advise users *not* to > rely on firewall settings in Qubes Manager/VM Settings as the options > are too limited to stop compromised VMs that are supposed to be confined > to the VPN tunnel from leaking data to clearnet (e.g. a hostile access > point or other upstream node) regardles

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

>Your trying to modify the fedora-23 template correct? Yes. >Is sys-firewall specified as its net VM? Yes. >Do your other app VM's have internet access? Yes. >Does sys-firewall have sys-net set as its "NetVM"? Yes. >Sys-net and Sys-firewall pings to Google both were successful. >After restarting Qu

[qubes-users] Re: Thoughts on Qubes OS Security... Could be improved.

Some examples of Default Root access possibly being exploited in Qubes. === Looks like the DRAMA attack would require root access in VM, to compromises Qubes shared memory "taskset 0x2 sudo ./measure -p 0.7 -s 16." https://groups.google.com/forum/#!topic/qubes-users/qAd8NxcJB3I

[qubes-users] proper way to autostart script in dom0

Hello, I looked on various old threads and there is mentioned a ~/.config/autostart, so I tried in dom0 using Qubes 3.2 cp myfile.sh ~/.config/autostart but after rebooting nothing is autostarted. The script is simply for starting various applicaions and settings in VMs and works well with ./my

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

Im not sure about the kernel problem, maybe one of the Qubes team will have advice on that, post the error log if you can find it. One other small thing that you've probably tried. sudo dnf upgrade Good luck -- You received this message because you are subscribed to the Google Groups "qubes-

[qubes-users] Re: some trouble installing qubes on a macbook air. please help

Just a suggestion. In bios try differnt settings. Maybe change hard drive from ahci to ide or legacy of vise versa. In my bios i had to change from uefi before i could even get to the install menu. -- You received this message because you are subscribed to the Google Groups "qubes-users" gro

Re: [qubes-users] VPN proxyVM iptables Quick Question!

On 11/11/2016 06:32 PM, 3n7r0...@gmail.com wrote: I followed the Qubes VPN documentation to set up a non-Qubes VPN proxyVM + added in Qubes default firewall rules. "non-Qubes" I don't know what that means? myproxyVM connected to internet on eth0. connected to on eth1. vpn is tunneled on tun

[qubes-users] Re: proper way to autostart script in dom0

maybe it needs to be made exacutable.. from the directory of file in terminal sudo chmod +x /the/directory/of/file/filename.sh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

Can someone provide me with the terminal commands (from template: fedoara-23) to receive the downloaded LibreOffice install file (LibreOffice_5.2.3_Linux_x86-64_rpm.tar.gz) from the [work: web browser], and then run the installation script? Alternatively, could you provide the terminal commands

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

11. Nov 2016 12:20 by sectesting0...@gmail.com: > I have successfully applied the setup and scripting in > > https://www.qubes-os.org/doc/vpn > > No more DNS leaks. > Quite some time ago I created a number of proxyVMs us

Re: [qubes-users] Re: Please help, can't get into Qubes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 09:27:13AM +0100, Alex wrote: > On 11/12/2016 04:32 AM, Sec Tester wrote: > > On Saturday, 12 November 2016 06:39:50 UTC+10, Fred wrote: > >> I made a change to the PCI devices for the sys-net VM and now > >> Qubes hangs on b

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Nov 11, 2016 at 07:21:18PM -0800, Sec Tester wrote: > So Im still new to Qubes, but after going through a bit of a learning curve, > building & customizing VM's to suit my security needs, I have a few thoughts > on its security. > > Firstl

Re: [qubes-users] proper way to autostart script in dom0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 09:55:44AM -0300, Franz wrote: > Hello, > > I looked on various old threads and there is mentioned a > ~/.config/autostart, so I tried in dom0 using Qubes 3.2 > > cp myfile.sh ~/.config/autostart > > but after rebooting not

Re: [qubes-users] VPN proxyVM iptables Quick Question!

Chris Laprise: > On 11/11/2016 06:32 PM, 3n7r0...@gmail.com wrote: >> I followed the Qubes VPN documentation to set up a non-Qubes VPN proxyVM + >> added in Qubes default firewall rules. > > "non-Qubes" I don't know what that means? > I replicated the VPN proxyVM rules (including DNS PREROUTING

[qubes-users] Re: Qubes Windows Tools 3.2.2-3 released

On Saturday, October 22, 2016 at 9:26:08 AM UTC-4, omeg wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hi all, > > We uploaded a new version of Qubes Windows Tools (3.2.2-3) to the > current-testing repository. > > Changelog: > - - Updated Xen PV drivers to be in line with upstre

[qubes-users] VM label icons

AM new user - just finding my way around. On all VM's that I open, the label heading is clear and bold (obviously less so when inactive) but the icons (eg minimise, maximise, close etc) are all very faint. (barely visible) Am sure there just be a way to enhance them (screen examples from online

Re: [qubes-users] VM label icons

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 10:38:41AM -0800, longridge wrote: > AM new user - just finding my way around. > > On all VM's that I open, the label heading is clear and bold (obviously less > so when inactive) but the icons (eg minimise, maximise, close

[qubes-users] Use YubiKey for Anti-Evil-Maid?

Is there any way to use a YubiKey for Anti-Evil-Maid, instead of just a regular USB flash drive? I imagine (though I will be the first to say that I don't know), that the firmware on it is much less resistant to compromise/BadUSB attacks, and since it crypto something something, it seems a natur

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

On 11/12/2016 10:40 AM, hed...@tutanota.com wrote: 11. Nov 2016 12:20 by sectesting0...@gmail.com : I have successfully applied the setup and scripting in https://www.qubes-os.org/doc/vpn No more DNS leaks. Quit

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

On 11/12/2016 06:26 AM, David Hobach wrote: > I would also advise users *not* to > rely on firewall settings in Qubes Manager/VM Settings as the options > are too limited to stop compromised VMs that are supposed to be confined > to the VPN tunnel from leaking data to clearnet (e.g. a hostile ac

[qubes-users] Genymotion in Qubes

Good day I want to install an android emulator in Qubes and reading some review, Genymotion is the best. The issue is that it run in Virtualbox, how can I install it in Qubes? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On 11/11/2016 10:21 PM, Sec Tester wrote: So Im still new to Qubes, but after going through a bit of a learning curve, building & customizing VM's to suit my security needs, I have a few thoughts on its security. Firstly I really love the direction Qubes has taken the future of operating syst

Re: [qubes-users] [feature request] Shutdown template after update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, Nov 08, 2016 at 01:07:38AM -0800, Andrew David Wong wrote: > On 2016-11-07 10:05, Eva Star wrote: > > After template updated ask user at the console to shutdown current template. > > > > "Shutdown current template [Y/n]" > > > > Currently

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

12. Nov 2016 20:39 by tas...@openmailbox.org: > > By 'template' you mean the setup at my github repo? If you look closely, they > are 90% the same except the doc version uses rc.local to start the client and > the one on github creates a systemd service for it. What makes it look > simpler

Re: [qubes-users] Use YubiKey for Anti-Evil-Maid?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-11-12 12:07, Eric wrote: > Is there any way to use a YubiKey for Anti-Evil-Maid, instead of just a > regular USB flash drive? AFAIK, yes, but I haven't personally tried it, since I don't own a YubiKey. > I imagine (though I will be the fir

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-11-12 04:28, 'IntersolarMN' via qubes-users wrote: >> Your trying to modify the fedora-23 template correct? Yes. >> Is sys-firewall specified as its net VM? Yes. >> Do your other app VM's have internet access? Yes. >> Does sys-firewall have s

[qubes-users] Screen blanks instead of power off

I have tried all the options in the power control menu but my screen still doesn't turn off it just disconnects the output so the screen will say "NO VGA/DVI DETECTED" when power save mode turns on. Ideas? -- You received this message because you are subscribed to the Google Groups "qubes-use

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

Hi Marek, >On Sunday, 13 November 2016 03:33:50 UTC+10, Marek Marczykowski-Górecki wrote: > > They have basically said, Elite hackers can gain root, so lets just not > > even bother with this foundational layer of security. > > The point is _if_ someone is able to run arbitrary code as user, he

[qubes-users] Re: Genymotion in Qubes

Nice question. I would also like to know. Have you setup a Win7 HVM? This maybe be the best place to try setup Genymotion. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

Can someone provide me with the terminal commands (from template: fedoara-23) to receive the downloaded LibreOffice install file (LibreOffice_5.2.3_Linux_x86-64_rpm.tar.gz) from the [work: web browser] Downloads, and then run the installation script? Alternatively, could you provide the termi

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On 11/12/2016 07:48 PM, Sec Tester wrote: Hi Marek, On Sunday, 13 November 2016 03:33:50 UTC+10, Marek Marczykowski-Górecki wrote: They have basically said, Elite hackers can gain root, so lets just not even bother with this foundational layer of security. The point is _if_ someone is able

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

On 11/12/2016 05:47 PM, hed...@tutanota.com wrote: I guess the question still stands: is the latest version materially superior to the March 2015 version? (And enough to want to re-create over a dozen proxyVMs?) Yes, the VPN doc method is better in the sense that it separates packets genera

[qubes-users] Fedora 24 template available for Qubes 3.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi all, Fedora 24 template is now available for direct installation. This means there are now two ways to have it on Qubes 3.2 system: 1. Upgrade existing Fedora 23 template according to this instruction: https://www.qubes-os.org/doc/fedora-te

[qubes-users] Re: Fedora 24 template available for Qubes 3.2

NICE!! Any specific improvements or fixes running Fedora-24? I noticed F-23 seemed to have trouble playing flash videos for me. F-24 Min template coming? A Deb-8 min template would also be nice :) -- You received this message because you are subscribed to the Google Groups "qubes-users" group

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 08:01:37PM -0800, Sec Tester wrote: > NICE!! > > Any specific improvements or fixes running Fedora-24? Nothing specific to Qubes, see upstream release notes for non-Qubes changes: https://docs.fedoraproject.org/en-US/Fedora/

Re: [qubes-users] Arch-template and Firefox (49.0.2)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Nov 10, 2016 at 02:21:38PM +0100, Marek Marczykowski-Górecki wrote: > On Thu, Nov 03, 2016 at 08:17:18PM +0100, Achim Patzner wrote: > > Hi! > > > > > > I just tried moving my main working environments from the Fedora > > template to Arch.

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

> > This might add significant time to the install, but could be a tick box > > option, with a note about extra time. > > I think a better practice along these lines is to supply the additional > packages needed to create a desktop-friendly template... alongside the > minimal template. This wo

Re: [qubes-users] Re: Genymotion in Qubes

Sec Tester: > pl1...@sigaint.org: >> Good day >> I want to install an android emulator in Qubes and reading some review, >> Genymotion is the best. The issue is that it run in Virtualbox, how can I >> install it in Qubes? >> >> Thanks >> > Nice question. I would also like to know. > > Have you s

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

> Yes, it is also available - as noted in the message. And i read too quickly, doh :o) Look forward to taking 24 for a spin. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

you want to copy the file from your work VM to the fedora-23 template and then install all with terminal? 1)open terminal in your workVM 2)ls (useful to lists directories/files) 3)cd Downloads (or where ever you saved it) 4)qvm-copy-to-vm "DestinationVM" filename https://www.qubes-os.org/doc/vm-

Re: [qubes-users] Leak Problems with VPN ProxyVM + AirVPN & Network lock

13. Nov 2016 02:54 by tas...@openmailbox.org: > On 11/12/2016 05:47 PM, > hed...@tutanota.com> wrote: >> >> I guess the question still stands: is the latest version materially superior >> to the March 2015 version? (And enough to want to re-create over a dozen >> proxyVMs?) > > Yes, the VPN do