[qubes-users] Re: Restoring VM causes drive to fill but it isn't full..

On Monday, 14 November 2016 17:19:43 UTC+11, Drew White wrote: > Hi folks, > > > I'm trying to restore a guest. > I have / which has 2.1 GB free. (The root drive where things exist) > Then I have my /var/lib/qubes with 78 GB free. (drive which contains all my > Guests) > > I try to restore a

[qubes-users] Re: Installing VPN in Qubes Versus VPN on a Router

I guess the main benefit to having VPN on router is it takes that overhead off the PCs CPU & memory. But the paper is right, a lot of network hardware is backdoored. Especially the cisco stuff. And im suspicious of the Chinese stuff too. We should endeavor to run open source routers. But im

Re: [qubes-users] [feature request] Shutdown template after update

Am 10.11.2016 um 00:24 schrieb Marek Marczykowski-Górecki: > On Tue, Nov 08, 2016 at 10:37:02PM +0100, Achim Patzner wrote: > > Maybe I should have added the (obviously in my eyes obvious) argument: > > The current update-procedures are launched by a GUI-application and then > > open a window that

Re: [qubes-users] [feature request] Shutdown template after update

Am 10.11.2016 um 12:43 schrieb Eva Star: >> I hope I'm not too offtopic but a gui option to shut down multiple vms at >> once would be cool. > `qvm-shutdown --all --wait` -- will shutdown all VMs (if it helps) Multiple, not all. Select multipel lines and then get a pop-up option "shut these

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

Ideally you would want a blob free coreboot system with no Intel ME or AMD PSP type backdoors. https://www.coreboot.org/Binary_situation Intel is actively trying to nerf free software with Boot Guard/ME, if you buy a computer with those features it isn't really your computer. A backdoor in a

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

Am 13.11.2016 um 14:22 schrieb hed...@tutanota.com: > 13. Nov 2016 08:48 by amad...@riseup.net : > > We see much correspondence in these forums about installing a VPN > within Qubes. Surely, the most secure place for VPN is to install > on a Router? > You

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

13. Nov 2016 16:01 by no...@noses.com: > > Am 13.11.2016 um 14:22 schrieb > hed...@tutanota.com> : > > >> 13. Nov 2016 08:48 by >> amad...@riseup.net>> : >> > Thoughts on thispaper and it's conclusions are welcomed > >> > > There

Re: [qubes-users] Problems with Qubes setup with AMD GPU (r9 290)

On 11/11/2016 07:14 AM, panecond...@gmail.com wrote: Hey there, I am currently trying to get a live usb drive of Qubes running but the OS freezes after the first login prombt. I since tried to get several linux based live systems (e.g. Tails, regular Debian) running, but all fail right after

Re: [qubes-users] Re: Intel TXT advice

On Tuesday, February 23, 2016 at 1:54:30 AM UTC-8, Marek Marczykowski-Górecki wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Tue, Feb 23, 2016 at 04:11:55AM +, Rusty Bird wrote: > > marmarek: > > > On Mon, Feb 22, 2016 at 08:52:43PM +, Rusty Bird wrote: > > >> Though

Re: [qubes-users] Fedora 24 template available for Qubes 3.2

On 2016-11-13 03:52, Marek Marczykowski-Górecki wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi all, Fedora 24 template is now available for direct installation. This means there are now two ways to have it on Qubes 3.2 system: 1. Upgrade existing Fedora 23 template according to

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

VT-d is intels marketing term for IOMMU, you can buy an AMD system that has IOMMU (AMD-Vi) (but not FM2/AM4 as that has PSP). Qubes needs IOMMU not "VT-d" You can use a VMM with a pfsense VM and separate driver domains for the network interfaces, qubes isn't a router operating system...

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

taii...@gmx.com: > VT-d is intels marketing term for IOMMU, you can buy an AMD system > that has IOMMU (AMD-Vi) (but not FM2/AM4 as that has PSP). Qubes > needs IOMMU not "VT-d" Thanks for reply. I understood this previously but I'm not familiar with AMD's offerings and didn't realize they had a

Re: [qubes-users] Re: Intel TXT advice

On Sunday, November 13, 2016 at 5:01:59 PM UTC-8, entr0py wrote: > Eric: > > Just bought a laptop with a Skylake processor for running Qubes, and from > > looking around on Intel's website it appears that no Skylake Core-branded > > processors support Intel TXT. Any point in running

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

On Sun, 13 Nov 2016 12:30:25 -0800 (PST), Grzesiek Chodzicki wrote: > W dniu niedziela, 13 listopada 2016 20:54:06 UTC+1 użytkownik yaqu > napisał: > > > > It looks like you do not have this package installed (or you have > > executed this command in VM instead of

Re: [qubes-users] Fedora 24 template available for Qubes 3.2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sun, Nov 13, 2016 at 11:12:34PM +, Gaijin wrote: > I have several templates based on Fedora 23 where I've installed various > software. When I follow the manual upgrade instructions the update proceeds > without error. However, when I get to

Re: [qubes-users] Re: Intel TXT advice

Eric: > On Tuesday, February 23, 2016 at 1:54:30 AM UTC-8, Marek Marczykowski-Górecki > wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA256 >> >> On Tue, Feb 23, 2016 at 04:11:55AM +, Rusty Bird wrote: >>> marmarek: On Mon, Feb 22, 2016 at 08:52:43PM +, Rusty Bird wrote:

[qubes-users] Lenovo ThinkPad T460s 20FAS5WM00

m. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f34a4ca4-44f9-daa5-a06d-f2f14bc83ffd%40riseup.net. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-LENOVO-20FAS5WM0

Archlinux template – dend early Christmas gifts to Marek ASAP! Re: [qubes-users] Arch-template and Firefox (49.0.2)

> qubes-template-archlinux package is available qubes-templates-community > repository! Make a wish 8-). But watch the movie “Wishmaster” first to see why getting more Genies is not a good idea. > I haven't tested it in any way. It include only what builder-archlinux > scripts does > - test

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

13. Nov 2016 08:48 by amad...@riseup.net: > We see much correspondence in these forums about installing a VPN within > Qubes. Surely, the most secure place for VPN is to install on a Router? > I say these things after reading the following paper [ > >

Re: [qubes-users] dom0 window manager style

Den 2016-11-13 kl. 20:49, skrev cubit: > I have a really stupid question. I was looking at dom0's window manager > settings and changed the style and now I can not find the one that Qubes > uses by default. Can anyone know what it is called or how to get it > back, I've gone though the list and

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

W dniu niedziela, 13 listopada 2016 20:54:06 UTC+1 użytkownik yaqu napisał: > On Sun, 13 Nov 2016 11:23:35 -0800 (PST), Grzesiek Chodzicki > wrote: > > > Following error message is printed after running sudo dnf remove > > qubes-template-fedora-23: "No match for

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

taii...@gmx.com: > Ideally you would want a blob free coreboot system with no Intel ME or AMD > PSP type backdoors. > https://www.coreboot.org/Binary_situation > Intel is actively trying to nerf free software with Boot Guard/ME, if you buy > a computer with those features it isn't really your

[qubes-users] dom0 window manager style

I have a really stupid question.  I was looking at dom0's window manager settings and changed the style and now I can not find the one that Qubes uses by default.   Can anyone know what it is called or how to get it back, I've gone though the list and nothing looks similar and yes I have tried

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

W dniu niedziela, 13 listopada 2016 21:39:29 UTC+1 użytkownik entr0py napisał: > taii...@gmx.com: > > Ideally you would want a blob free coreboot system with no Intel ME or AMD > > PSP type backdoors. > > https://www.coreboot.org/Binary_situation > > Intel is actively trying to nerf free software

Re: [qubes-users] VM label icons

Thanks for comments. I'd tried a few "styles" but must they had little effect - so I assumed there was another problem! Around 30% of styles seem very faint - but fortunately the rest seem fine. Must have been unlucky with original choices. I know it's a trivial issue - but it was good to get a

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 08:40:26PM -0800, Sec Tester wrote: > > > > This might add significant time to the install, but could be a tick box > > > option, with a note about extra time. > > > > I think a better practice along these lines is to

Re: [qubes-users] R3.2, xfce, resume and changing resolution issues

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mon, Nov 07, 2016 at 11:04:20AM +0100, yaqu wrote: > On Sun, 6 Nov 2016 19:34:30 -0800, Andrew David Wong > wrote: > > > > Now icons are not accessible. To fix it one needs to turn LCD off > > > and on: > > > > > >

Re: [qubes-users] Re: #2 .odt files and LibreOffice Install

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 12, 2016 at 09:30:07PM -0800, Sec Tester wrote: > you want to copy the file from your work VM to the fedora-23 template and > then install all with terminal? > > 1)open terminal in your workVM > 2)ls (useful to lists directories/files)

[qubes-users] Re: Fedora 24 template available for Qubes 3.2

W dniu niedziela, 13 listopada 2016 05:01:37 UTC+1 użytkownik Sec Tester napisał: > NICE!! > > Any specific improvements or fixes running Fedora-24? > > I noticed F-23 seemed to have trouble playing flash videos for me. > > F-24 Min template coming? > A Deb-8 min template would also be nice :)

Re: [qubes-users] dom0 window manager style

13. Nov 2016 19:52 by qu...@axenhus.com: > If you're using XFCE I think it's Nodoka. (That's what I got anyway.) That was it! I guess I skipped over that. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group

Re: [qubes-users] Re: Fedora 24 template available for Qubes 3.2

On Sun, 13 Nov 2016 11:23:35 -0800 (PST), Grzesiek Chodzicki wrote: > Following error message is printed after running sudo dnf remove > qubes-template-fedora-23: "No match for argument: > qubes-template-fedora-23 Error: No packages marked for removal." It looks

[qubes-users] selfsecure systems - redunancy?

Hello, due to this artical https://nakedsecurity.sophos.com/2016/10/19/linux-kernel-bugs-we-add-them-in-and-then-take-years-to-get-them-out/ Linux bugs are expoitable for ca. 1-2 years, until they are fixed. Selfsecure Sytems are running redudant subsystems Will it be possible to run to

Re: [qubes-users] Re: Installing VPN in Qubes Versus VPN on a Router

On 11/13/2016 04:38 AM, Sec Tester wrote: I guess the main benefit to having VPN on router is it takes that overhead off the PCs CPU & memory. But the paper is right, a lot of network hardware is backdoored. Especially the cisco stuff. And im suspicious of the Chinese stuff too. We should

Re: [qubes-users] Re: Intel TXT advice

On 11/13/2016 08:36 PM, Eric wrote: On Sunday, November 13, 2016 at 5:01:59 PM UTC-8, entr0py wrote: Eric: Just bought a laptop with a Skylake processor for running Qubes, and from looking around on Intel's website it appears that no Skylake Core-branded processors support Intel TXT. Any

[qubes-users] A really nice guide on installing Coreboot on a X220 with a Raspberry Pi

https://tylercipriani.com/blog/2016/11/13/coreboot-on-the-thinkpad-x220-with-a-raspberry-pi/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] A really nice guide on installing Coreboot on a T420 with a Raspberry Pi

https://tylercipriani.com/blog/2016/11/13/coreboot-on-the-thinkpad-x220-with-a-raspberry-pi/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On 11/12/2016 03:21 AM, Sec Tester wrote: > SELinux or AppArmor. SELinux would be absofuckinglutely great. Confined apps like Firefox would run much more securely. I got one DispVM owned by an attacker at Defcon in 2014. Isolation was nice to have because the machine didn't get owned, but the

Re: [qubes-users] Thoughts on Qubes OS Security... Could be improved.

On Sunday, November 13, 2016 at 7:51:09 PM UTC-8, Manuel Amador (Rudd-O) wrote: > On 11/12/2016 03:21 AM, Sec Tester wrote: > > SELinux or AppArmor. > > SELinux would be absofuckinglutely great. Confined apps like Firefox > would run much more securely. > > I got one DispVM owned by an attacker

Re: [qubes-users] Re: Intel TXT advice

Forgot to say: Purism is just an overpriced quanta/oem whitebox laptop, it takes 5mil+ of startup funds to do a small run of *just a motherboard* let alone an entire laptop computer including the fab for a fancy aluminum case - it is quite obvious that their components are not "hand selected"

Re: [qubes-users] Re: HCL - Lenovo Thinkpad X1 Carbon 4th gen (20FB)

tl;dr - kernel-4.8.7-11 +1 from me! On Thu, Oct 13, 2016 at 1:20 AM, Jean-Philippe Ouellet wrote: > The laptop fails to resume about once a day and requires a > hold-the-power-button reset > I'm hoping that newer kernels fix this (dom0 currently on 4.4.14-11), Since last Friday

Re: [qubes-users] Re: HCL - Lenovo Thinkpad X1 Carbon 4th gen (20FB)

On Mon, Nov 14, 2016 at 2:02 AM, Jean-Philippe Ouellet wrote: > kernel-4.8.7-11 from qubes-dom0-testing Err, that should be qubes-dom0-unstable. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and

Re: [qubes-users] Re: Intel TXT advice

On Sun, Nov 13, 2016 at 8:36 PM, Eric wrote: > though Intel ME is apparently disabled, which is a win, I guess? You can not "disable" ME. See page 37 of https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf -- You received this message because you are subscribed to

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

On 11/13/2016 07:39 PM, entr0py wrote: taii...@gmx.com: VT-d is intels marketing term for IOMMU, you can buy an AMD system that has IOMMU (AMD-Vi) (but not FM2/AM4 as that has PSP). Qubes needs IOMMU not "VT-d" Thanks for reply. I understood this previously but I'm not familiar with AMD's

[qubes-users] Where to bulk-download mailing list archives?

Does anyone know of a convenient place to grab the complete archives of this list? (and qubes-devel too?) With the (lets hope indeed temporary) death of gmane and its nntp interface, I lost the only easy way I knew of to bulk-download the entire history of arbitrary mailing lists for offline

Re: [qubes-users] Re: Intel TXT advice

I am assuming you were one of those people who bought a computer from those purism scammers. https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/ It is impossible to disable (ie, like it was never there, 100% gone) ME on any intel system post

Re: [qubes-users] Fedora 24 template available for Qubes 3.2

On 2016-11-13 23:33, Marek Marczykowski-Górecki wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sun, Nov 13, 2016 at 11:12:34PM +, Gaijin wrote: I have several templates based on Fedora 23 where I've installed various software. When I follow the manual upgrade instructions the

Re: [qubes-users] Re: Intel TXT advice

On Sunday, November 13, 2016 at 10:44:33 PM UTC-8, tai...@gmx.com wrote: > Forgot to say: > Purism is just an overpriced quanta/oem whitebox laptop, it takes 5mil+ > of startup funds to do a small run of *just a motherboard* let alone an > entire laptop computer including the fab for a fancy