Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread goldsmith
On 2019-01-27 01:34, unman wrote: > On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote: >> >> Am I right in thinking that the recently discovered apt vulnerability >> (DSA 4371-1) in Debian based systems could and should have been >> mitigated against many years ago by

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread Holger Levsen
On Sun, Jan 27, 2019 at 02:37:16AM -0800, goldsm...@riseup.net wrote: > > 2/ > > Imagine that apt-transport-https *had* been adopted - have you actually > > looked at the list of vulnerabilities in libcurlnd the various > > breakages in the TLS CA system? that. plus, apt is running as root and

Re: [qubes-users] Qube Window Manager; unable to list all open windows

2019-01-27 Thread Chris Laprise
On 01/27/2019 09:32 AM, Franz wrote: Command `wmctrl -l` gives the following error |Cannot get client list properties. (_NET_CLIENT_LIST or _WIN_CLIENT_LIST)| This works for me with KDE. But when I use |wmctrl| to display info about the window manager, Qubes is indeed found:

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread goldsmith
On 2019-01-27 01:34, unman wrote: > On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote: >> >> Am I right in thinking that the recently discovered apt vulnerability >> (DSA 4371-1) in Debian based systems could and should have been >> mitigated against many years ago by

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread Achim Patzner
On 20190127 at 01:34 + unman wrote: > I would rule some things out. And in this case it looks like a simple > mistake. It could even be intention. Most of you do not think about the cost associated with TLS (and growing with key lengths). But there always were (and will be) discu

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-27 Thread Alexandre Belgrand
Le dimanche 27 janvier 2019 à 13:11 +, Holger Levsen a écrit : > I *believe* they probably misunderstood evil32.com and it's fallout. CAs and GNU/Linux distributions are #1 targets for national intelligence agencies. Debian developers are not using smartcards to store their GPG keys,

[qubes-users] Qube Window Manager; unable to list all open windows

2019-01-27 Thread Franz
Command `wmctrl -l` gives the following error Cannot get client list properties. (_NET_CLIENT_LIST or _WIN_CLIENT_LIST) But when I use wmctrl to display info about the window manager, Qubes is indeed found: [user@personal ~]$ wmctrl -m Name: Qubes Class: N/A PID: N/A Window manager's "showing

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-27 Thread unman
On Sun, Jan 27, 2019 at 03:33:11PM +0100, Alexandre Belgrand wrote: > Le dimanche 27 janvier 2019 à 13:11 +, Holger Levsen a écrit : > > I *believe* they probably misunderstood evil32.com and it's fallout. > > CAs and GNU/Linux distributions are #1 targets for national > intelligence

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-27 Thread Alexandre Belgrand
Le dimanche 27 janvier 2019 à 16:47 +, unman a écrit : > I'd be interested to know what system has been graced with your > approval. > If you believe all this, then what makes you think that national > intelligence agencies haven't infiltrated *bsd, coreboot and any > other > system you can

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread unman
On Sun, Jan 27, 2019 at 02:37:16AM -0800, goldsm...@riseup.net wrote: > On 2019-01-27 01:34, unman wrote: > > On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote: > >> > >> Am I right in thinking that the recently discovered apt vulnerability > >> (DSA 4371-1) in Debian based

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-27 Thread unman
On Sun, Jan 27, 2019 at 01:11:37PM +, Holger Levsen wrote: > On Sun, Jan 27, 2019 at 12:54:26AM +, unman wrote: > > > Keep in mind that all PGP Debian/Ubuntu signing keys have been stolen > > Do you have *any* evidence for this claim? > > I *believe* they probably misunderstood evil32.com

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-27 Thread Holger Levsen
On Sun, Jan 27, 2019 at 12:54:26AM +, unman wrote: > > Keep in mind that all PGP Debian/Ubuntu signing keys have been stolen > Do you have *any* evidence for this claim? I *believe* they probably misunderstood evil32.com and it's fallout. -- tschüß, Holger

Re: [qubes-users] Qubes 4.0.1 Dell Inspiron 7380

2019-01-27 Thread mrf...@t-online.de
Hello again, does any one have a clue or a hint for me please? Further I would like to know do you think this fits for issue tracker? 1:07:55,633 WARNING kernel:[0.00] ACPI BIOS Warning (bug): Incorrect checksum in table [FACP] - 0x8B, should be 0xBF (20170728/tbprint-211)

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-27 Thread billollib
On Sunday, January 27, 2019 at 12:22:03 PM UTC-5, unman wrote: >[snip] > Qubes provides a framework for using software - it doesn't take away the > onus on users to use that software properly, and to ensure they are aware > of good practice. (As an aside I'm always baffled by people querying >

[qubes-users] Re: Window7 VM install - No device drivers found

2019-01-27 Thread imamushroom
On Sunday, 27 January 2019 20:38:51 UTC+1, imamushroom wrote: > Hello, > > I'm following the instructions here: https://www.qubes-os.org/doc/windows-vm/ > and everything went well up to a point. Windows setup boots but when it gets > to the partitioning and formatting section the message in

[qubes-users] Window7 VM install - No device drivers found

2019-01-27 Thread imamushroom
Hello, I'm following the instructions here: https://www.qubes-os.org/doc/windows-vm/ and everything went well up to a point. Windows setup boots but when it gets to the partitioning and formatting section the message in Windows "No device drivers found" message appears. Clearly, it's not

[qubes-users] Broadcom wireless driver issue.

2019-01-27 Thread qubesbcmissue
o I’m trying to get wireless networking properly configured. First I decided to do this by installing Fedora 29 as a main OS, since I supposed that if I get it working there, it should work in a Qubes Fedora 29-based VM, right? Well not so fast. I got my BCM4331 working in the pure Fedora 29 OS

[qubes-users] Re: Broadcom wireless driver issue.

2019-01-27 Thread qubesbcmissue
Extra info : I have already tried running a Fedora 29 TemplateVM then setting the default kernel as none in order to make it run the fc29.x86_64 kernel. I did the same with my sys-net VM and set its TemplateVM as the modified one. Unfortunately it did not work. While I got the kernels running