[qubes-users] Anyone got any interesting scripts for i3wm they wish to share?

2016-06-13 Thread jkitt
Since i3 is without most of th pointy clicky benefits I was wondering if any of you guys have any scripts that make life easier. I was thinking about writing a python script to control VM applications and domains with little effort. -- You received this message because you are subscribed to

Re: [qubes-users] Change WM_CLASS(STRING) on domain windows

2016-06-14 Thread jkitt
On Tue, Jun 14, 2016 at 06:39:18AM -0700, jkitt wrote: > > Soon is good. Are the qvm-tools something I can contribute to? I will be > > making something for myself anyway and it will be properly tested. > > If you just want to work on something useful, take a look at qubes

[qubes-users] Re: i3-configs?

2016-06-16 Thread jkitt
I would share mine but it's pretty much the default. There's not really much to tinker with in i3 because it's pretty headless. I was going to write some scripts to place some VM info in the bar at the bottom but I haven't got round to it yet - I will no doubt post them in this group when I

Re: [qubes-users] T420s and pci passthrough

2016-06-19 Thread jkitt
Thanks. I read that in the man page but what does "reset" mean in this context? On Sunday, 19 June 2016 15:07:12 UTC+1, Andrew David Wong wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-06-18 17:49, jkitt wrote: > > So I was unable

Re: [qubes-users] Issues with ACPID in Dom0?

2016-06-15 Thread jkitt
Oh thanks! Turns out i wasn't setting the display variable. On Wednesday, 15 June 2016 08:08:28 UTC+1, Marek Marczykowski-Górecki wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Tue, Jun 14, 2016 at 09:11:41AM -0700, jkitt wrote: > > Are there any speci

[qubes-users] Controlling pulse form the command line

2016-06-15 Thread jkitt
So it appears that pactl or pacmd isn't in qubes Dom0 repository. Any suggestions on how I can control Pulse Audio through the command line? Apparently it can be done with amixer: amixer -D pulse sset Master mute However, the device pulse doesn't exist. amixer without arguments displays all

[qubes-users] Re: Debian listening sockets and RPC

2016-06-17 Thread jkitt
Bump, okay, the "systemd" process turned out to be a service for scanners. However, I'm stil not sure whether qubes requires quests to run rpcbind or not. On Sunday, 12 June 2016 13:38:17 UTC+1, jkitt wrote: > > I was wondering what listening sockets are required

[qubes-users] shared clipboard is inconsistent

2016-07-14 Thread jkitt
Sometimes it works; sometimes it doesn't. Has anyone else noticed this? v3.1 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Centrino 6505 hard blocked

2016-07-24 Thread jkitt
I have a Thinkpad t420s and the WiFi card is showing as hard blocked. The kill switch, on the side, is in the on position; I've disabled and removed the card for an extended period of time (20 mins) to try and reset potential state corruption; run rfkill on it with modules unloaded (however,

Re: [qubes-users] Unable to update templates

2016-07-20 Thread jkitt
My netvm is a proxyvm that I've set up. I've just found out about the global in which the updatevm can be changed. However, i've set this to my VPN VM yet nothing - it's still trying to connect to the same IP. IRRC that IP is a non-existent node but it's filtered by a proxy. How do i get that

[qubes-users] Re: shared clipboard is inconsistent

2016-07-15 Thread jkitt
On Thursday, 14 July 2016 21:57:23 UTC+1, jkitt wrote: > Sometimes it works; sometimes it doesn't. Has anyone else noticed this? > > v3.1 secure copy handle_clipboard_data, len=0x0 open /var/run/qubes/qubes-clipboard.bin.xevent: No such file or directory -- You received this messag

Re: [qubes-users] Re: shared clipboard is inconsistent

2016-07-15 Thread jkitt
On Friday, 15 July 2016 21:32:05 UTC+1, Marek Marczykowski-Górecki wrote: > Len 0? VM returned no data for copy request. Are you sure you've copied > it there (i.e. Ctrl-C before Ctrl-Shift-C)? Well, therein lies the problem. I wasn't copying it to the clipboard first (for some reason I thought

[qubes-users] Re: debian firefox and whonix torbrowser can no longer play videos in fullscreen and freeze

2016-06-20 Thread jkitt
The same happens with me. i suspect hardware acceleration. It can be switched off in flash with: sudo su mkdir /etc/adobe && echo "EnableLinuxHWVideoDecode = 0" > /etc/adobe/mms.cfg Restart the browser. For HTML5 videos (YouTube) the media.* configs are for controlling HTML5 decoding

[qubes-users] Re: Just realized one of the major disadvantages of Qubes OS...

2017-01-25 Thread jkitt
On Tuesday, 24 January 2017 11:54:34 UTC, qmast...@gmail.com wrote: > I was sad when installed VirtualBox, tried launching it and it said that > something like "not supported on Xen hosts" But why would you want to do that? You already have virtual machines at your disposal.. -- You

Re: [qubes-users] Streisand - AntiCensorship software

2016-09-08 Thread jkitt
On Wednesday, 7 September 2016 14:08:16 UTC+1, Connor Page wrote: > agree, when I looked at it some time ago I could not imagine why I would need > all of that. too large an attack surface for my taste. however, I did > investigate what individual elements are capable of and borrowed some

[qubes-users] Re: Can DMA attacks work against Ethernet... or just WiFi/wireless...?

2016-09-11 Thread jkitt
On Monday, 12 September 2016 00:29:14 UTC+1, neilh...@gmail.com wrote: > Qubes uses VT-D to protect against DMA attacks on things such as WiFi chip. > > But are there any proven DMA attacks against wired networking, i.e. > Ethernet..? > > Hackers can exploit a buffer overflow on the network

[qubes-users] Re: Do Linux browser exploits exist..?

2016-09-11 Thread jkitt
On Saturday, 10 September 2016 19:18:10 UTC+1, neilh...@gmail.com wrote: > I've seen some dispute that a Linux browser exploit even exists. > > Like, could you take Chrome or Firefox to a page, and then have a remote > shell, that loads a file onto the hard drive to monitor everything? > > I

[qubes-users] Re: Qubes Security Bulletin #25

2016-09-11 Thread jkitt
> A malicious guest administrator can crash the host, leading to a DoS. > Arbitrary code execution (and therefore privilege escalation) Think this is an example of why it's a good idea to password protect guests? -- You received this message because you are subscribed to the Google Groups

[qubes-users] Re: Does anyone use a dedicated Tor router box..?

2016-09-10 Thread jkitt
On Friday, 9 September 2016 09:56:36 UTC+1, neilh...@gmail.com wrote: > the problem with Qubes, of course, is all the Xen exploits which make it > insecure. Off-topic here but is Qubes really insecure? Should I be worried? -- You received this message because you are subscribed to the Google

[qubes-users] Re: Can DMA attacks work against Ethernet... or just WiFi/wireless...?

2016-09-12 Thread jkitt
Any software can have flaws. The only distinction between ethernet and wifi in that regards is that WiFi can be exploited by anyone within RF range regardless whether they're authenticated to the same network or not; ethernet requires a physical connection. -- You received this message

[qubes-users] Re: hosts file.

2016-09-22 Thread jkitt
On Thursday, 22 September 2016 02:57:39 UTC+1, Drew White wrote: > Hi Qubes devs, > > Can you please point out how I can make the system STOP overwriting the HOSTS > FILE? > > I have different domains targeted to 127.0.0.1 > then when I boot, you automatically overwrite anything that is... >

[qubes-users] Re: how many passphrases and passwords do you need?

2016-10-03 Thread jkitt
it's a stupid mess. People don't deal with it. It would be nice if there was a specification, other than a shitty vulnerable USB, that would allow the plugging in of a key that stored a GPG private key. That way even your grandma could automagically sign an authentication token. Such a key-fob

Re: [qubes-users] Re: OpenBSD Xen PHVM

2016-10-22 Thread jkitt
On Friday, 21 October 2016 17:50:47 UTC+1, cubit wrote: > 7. Sep 2016 16:33 by jo...@johnrshannon.com: > From the OpenBSD 6.0 Release Notes: > The xen(4) driver now supports domU configuration under Qubes OS. > > > Has any persons investegated if OpenBSD as a AppVM is likely to possible? I'd

[qubes-users] Security announcement mailing list?

2016-10-21 Thread jkitt
Shouldn't a security focused distro make security announcement in a more direct and urgent way? I was surprised to find that Qubes only had a 'users' and 'development' mailing list. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To

[qubes-users] Re: beginner trying to choose a laptop question

2016-11-23 Thread jkitt
On Monday, 21 November 2016 16:45:10 UTC, Warren wrote: > I'm looking at the "HP Laptop 250 G5 (X9U07UT#ABA) Intel Core i5 6200U (2.30 > GHz) 8 GB Memory 256 GB SSD Intel HD Graphics 520" at >

[qubes-users] Quickest and easiest way to manage updates via command line?

2016-11-23 Thread jkitt
As the title states. Can this be done through salt? I'm looking for put together something that will manage the updates for all my template VMs and even Dom0. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and

[qubes-users] Re: Qubes 4 with Grsec could make a big splash

2016-11-23 Thread jkitt
On Tuesday, 22 November 2016 18:58:33 UTC, kev27 wrote: > On Tuesday, November 22, 2016 at 8:57:56 PM UTC+2, kev27 wrote: > > I saw this being retweeted by the Qubes account on Twitter. Can Grsec > > support still land in Qubes 4.0, or should we expect it for 4.1 or 4.2, etc? > > > > I think if

[qubes-users] Re: Qubes 4 with Grsec could make a big splash

2016-11-23 Thread jkitt
On Tuesday, 22 November 2016 19:49:07 UTC, Ronald Duncan wrote: > Will this be using the latest linux kernel since grsecurity only provide the > latest version free. Yes, it will be an "unstable" kernel. A bare metal grsec kernel is actually available in Debian's testing repo. However, it is

[qubes-users] Re: Qubes 4 with Grsec could make a big splash

2016-11-25 Thread jkitt
On Friday, 25 November 2016 11:38:21 UTC, raah...@gmail.com wrote: > can you just tell us the options so we can compile it ourselves? paste the > cfg or something. https://wiki.gentoo.org/wiki/Hardened/FAQ#Do_I_need_to_pass_any_flags_to_LDFLAGS.2FCFLAGS_in_order_to_turn_on_hardened_building.3F

[qubes-users] Why is whonix-ws necessary?

2016-10-12 Thread jkitt
Wouldn't an appvm, with the tor browser, and netvm set to sys-whonix do the same thing? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Question to Mirage OS firewall users

2016-12-10 Thread jkitt
What's it like to update - is it relatively simple? Would you say it's more secure than Debian or Fedora? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Re: Qubes takes a while to shut down (>30min!), is this normal?

2016-12-07 Thread jkitt
On Wednesday, 7 December 2016 13:37:36 UTC, throwaw...@tutanota.com wrote: > Hello everyone! =) > > Usually when I update dom0 and then I shutdown the computer it takes quiet a > while to finish, the progress bar reaches the end after nearly 5 min, but > then it takes 30min (yes!) for it to

[qubes-users] qubes-devel, what are the rules for posting?

2016-12-07 Thread jkitt
Can I ask development related questions there? Or is the mailing list only for core developers and contributors? (I'd like to get involved) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails

[qubes-users] Issues with debian-8 qrexec service

2016-12-04 Thread jkitt
I'm not 100% that this is the issue but I'm having troubles running anything with qvm-run on a Debian-8 template/app-vms. This happened after a recent upgrade. Fedora template/app-vms are working fine after some initiation problems (I have to killall qrexec-client in dom0 - possibly because

[qubes-users] Re: Issues with debian-8 qrexec service

2016-12-05 Thread jkitt
On Monday, 5 December 2016 05:26:04 UTC, jkitt wrote: > I'm not 100% that this is the issue but I'm having troubles running anything > with qvm-run on a Debian-8 template/app-vms. This happened after a recent > upgrade. Fedora template/app-vms are working fine after some initiation &

[qubes-users] Re: Issues with debian-8 qrexec service

2016-12-05 Thread jkitt
Fixed. Quoting marmarek: "Missing libxen-4.6 update seems to be the cause, just uploaded the update. Also, enabling testing repository should be enough (the package was there, but I missed uploading it to stable). So, to fix the issue - start the template, access its console (sudo xl console

[qubes-users] Re: Has anyone tried to activate SELINUX in Fedora 25?

2017-09-21 Thread jkitt
On Wednesday, 20 September 2017 09:41:58 UTC+1, pels wrote: > [1.617897] systemd[1]: Failed to mount tmpfs at /run: Permission denied > [.[0;1;31m!!.[0m] Failed to mount API filesystems, freezing. > [1.621206] systemd[1]: Freezing execution. Looks like a tmpfs cannot be mounted at

[qubes-users] Re: [Cryptography] Intel Management Engine pwnd (was: How to find hidden/undocumented instructions

2017-11-22 Thread jkitt
On Wednesday, 22 November 2017 13:34:26 UTC, Sandy Harris wrote: > From a crypto list, seemed relevant here. > . > Oh joy... > > Intel finds critical holes in secret Management Engine hidden in tons > of desktop, server chipsets >

[qubes-users] Upgrading from rc2 to release.

2017-11-06 Thread jkitt
Is this just a case of running a Dom0 update? Or would I have to manually install the stable release? FYI: I'm still on 3.2. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send