Re: [qubes-users] Attaching USB bus/device to VM.. What happens next?

2016-07-13 Thread neilhardley
Am I supposed to attach this Device before or after the VM has started..? The problem is... when I assign it, I get this error message: "Error starting VM. Requested operation is not valid. PCI device :00:1a.0 is in use by driver xenlight", domain test" -- You received this message

Re: [qubes-users] QUBES 3.2 taskbar icons are useless - they only show padlock icon

2016-07-24 Thread neilhardley
How about just being able to group windows by VM..? Is there any way to do that? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] QUBES 3.2 taskbar icons are useless - they only show padlock icon

2016-07-24 Thread neilhardley
In QUBES 3.2, the taskbar icons don't show the application icon. They only show a padlock, coloured in the colour of the VM. Google Chrome doesn't show the Chrome logo. It just shows a padlock. This makes it very hard to actually open a window, because I have to go through loads of them to

[qubes-users] Re: Qubes 3.2 rc2 has been released!

2016-07-28 Thread neilhardley
Does this come with the newest Xen patch after the exploit yesterday? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com.

[qubes-users] Question on creating USB qube

2016-07-28 Thread neilhardley
I am installing QUBES 3.2 to a new laptop. With the 1st option: [X] "Create a USB qube holding all USB controllers (sys-usb) [experimental]" There is then a 2nd option underneath: [ ] "Use sys-net qube for both networking and USB devices" Is it recommended to check the box for the 2nd option

Re: [qubes-users] MP3 support

2016-07-23 Thread neilhardley
Yeah. I have a major problem with VLC though. Whenever I close VLC, it causes all the windows for App VM to disappear from the task bar. Then when I open another app, they all come back. It also disables all future VLC playback. Once I close VLC once, it never works again after, until I

[qubes-users] Will SLAT / EPT truly make QUBES 4.0 more secure..?

2016-07-28 Thread neilhardley
Based on 2 Xen exploits in just the last 1 year, QUBES 4.0 is moving over to using SLAT / EPT for memory isolation, and to using HVM/PVH rather than PV. Certainly, in the last 2 Xen exploits, it has only affected PV and not HVM. However, is it possible that using Intel's EPT is even riskier..?

[qubes-users] Re: Qubes 3.2 rc2 has been released!

2016-07-29 Thread neilhardley
The QUBES website incorrectly lists the file size for 3.2-rc2 It still lists: "4.8 GB (4,816,109,568 bytes)" It's actually now small enough to fit within a DVD disc now. 3.92 GB -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

[qubes-users] Nautilus is broken

2016-07-26 Thread neilhardley
Nautilus is broken for me on the fedora-23 template "nautilus: error while loading shared libraries: libicui18n.so.54: cannot open shared object file: No such file or directory" I tried installing libicuil8n.so.54 in the template VM. but it still has the same error message. I did this after

Re: [qubes-users] Nautilus is broken

2016-07-26 Thread neilhardley
Surely cloning the template will just clone it with Nautilus still broken..? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Live disc won't work

2016-07-27 Thread neilhardley
The QUBES 3.1 live disc won't work. I wrote it to external USB HDD using Rufus and DD It boots, and goes to the screen for starting it. I start it up by pressing ENTER. But then it says something about "FICO over-run" and just exits to BIOS. What can I do to fix this..? -- You received this

[qubes-users] Question about Whonix / Tor Browser / exploits

2016-08-02 Thread neilhardley
I have a question about Whonix/Tor Browser exploits. I have played around a bit with Metasploit to see how browser exploits work. They basically rig a web page with exploits, and then it does what's known as "arbitrary code execution", to open up a "remote shell". As far as I can tell.. the

[qubes-users] Qubes VM Manager crashes on USB un-plug, "Houston, we have a problem"

2016-08-01 Thread neilhardley
Qubes VM Manager crashes on USB un-plug, "Houston, we have a problem" I plug in a USB, then attack it as a block device to a VM. Then I remove the USB device without first unmounting from within the VM And then USB no longer works at all, and if I try to detach the block device, the VM manager

Re: [qubes-users] Question about Whonix / Tor Browser / exploits

2016-08-03 Thread neilhardley
So you're saying that you can run an entire Xen exploit without installing anything to the hard drive at all... Just purely run it in the RAM itself. Wow. And what do you think about Selfrando..? Is this going to fix browser exploits once and for all, or will it just fall to hackers..?

Re: [qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
OK, that's really nice to know that startup scripts are not saved. Really nice. The thing about having to shut down the VM is still annoying though. The other thing is, the progress bar for Qubes backups is very bad.. It stays at 0% for a long time, and then hours later, gets to 100%... There

[qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
I want to know.. what exactly is stored in an App VM backup..? When you back it up, and you have your single backup file, what is in that file? Obviously, your personal files, like folder structure, Documents, Downloads, Music etc. But how about programs..? Are programs stored in there, or are

Re: [qubes-users] What exactly is stored in an App VM backup..?

2016-08-14 Thread neilhardley
But presumably this private.img is going to include things like: folder: /etc/init.d/ file: /etc/rc.local things like this, which are used to do start-up scripts. So anyone who hacked the VM might place some start-up scripts which link to malware stored on the machine. So these are going to

[qubes-users] Tool to record Whonix / Tor browsing history..?

2016-08-12 Thread neilhardley
I would like to be able to do something like: 1. Use Whonix/Tor as a disposable VM 2. Record browsing history using an external software One of the reasons I don't use Tor that much (other than slow speed, captchas etc) is because I actually want to have a record of the websites I have

[qubes-users] Question on SECURITY of WHONIX VM

2016-07-12 Thread neilhardley
I have a question about the security of Whonix, which is used as the Tor VM in QUBES 3.2. My question is... we know that the Tor Browser can be hacked, mainly based on Firefox exploits. So it's very possible that when I'm using Whonix, the Tor Firefox browser gets hacked. So when this

[qubes-users] Buying new laptop.. What check should I do in-store..?

2016-07-12 Thread neilhardley
I have QUBES running now, but my processor only has VT-X, and not VT-D. So I'm thinking about buying a new laptop just to get VT-D. I want to go into a physical store and try out the live USB for 3.1.. just to make sure that everything is working before I buy the laptop. My question is... what

Re: [qubes-users] Question on DMA attacks

2016-07-15 Thread neilhardley
Wow.. Thanks Marek... That was a very clear explanation of DMA attacks... The best that I've ever seen. Perhaps this should even be posted somewhere on the QUBES website. I think that's convinced me that I definitely need to get VT-D. -- You received this message because you are subscribed to

[qubes-users] Attaching USB bus/device to VM.. What happens next?

2016-07-13 Thread neilhardley
So, let's say I follow the steps to attach my USB bus to a VM. I go into VM Settings and see that it's attached. What next..? Where do I actually find the attached USB devices..? Let's say that I have a USB disk plugged in. Where would I actually now find this device in the VM...? -- You

[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
But it's still not clear how these malicious packets can be sent to the network card can these be sent after compromising an App VM (via something like a browser exploit)...?? Or can they be sent just purely over the internet itself to any device connected to the web...? Directly send

[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
Oh OK. I see you have now updated with a new answer. "The main benefit would be to try and prevent dma attacks from the network card and the netvm, which receives all the packets from the internet" -- You received this message because you are subscribed to the Google Groups "qubes-users"

[qubes-users] Re: Question on DMA attacks

2016-07-14 Thread neilhardley
So essentially, this is isolating the network card/Wifi from dom0.. Just like you create a USB qube, to isolate USB from dom0 But still.. no one has ever shown a proof of concept for this... You see plenty of videos of people exploiting browsers with Metasploit... but no videos of anyone doing

[qubes-users] QUBES 3.2 won't install... EFI_MEMMAP is not enabled... ESRT header is not in the memory map

2016-07-09 Thread neilhardley
I am trying to install QUBES 3.2-rc1 I get onto the screen with penguins, and it says efi: EFI_MEMMAP is not enabled esrt: ESRT header is not in the memory map --- And then it just stays there and doesn't do anything. Is this normal..? Am I just supposed to wait..? Or is there something

[qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
I wrote the QUBES 3.0 ISO to an external HDD. Then I ran the installation, to install QUBES to the local internal HDD. Works fine. Tells me all done and restart. Yet, it then says "no bootable device", and press ENTER to go back to BIOS boot selection. Previously, I tried installing QUBES

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
My EUFI is disabled and i still get the message "bootable device was not found" What do i do? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
It was all disabled from the start. It simply will not work. As I say, it can install to an external HDD just fine. Just not the local drive. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
One thing I notice is that I used to be able to press F12, and get the HDD as a boot option. Now it's just missing altogether. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it,

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
In the installer, it shows the USB external HDD, and the local HDD. I am currently in a Ubuntu live disc, and in the partition manager, it shows partition -- file system -- size -- used -- flags /dev/sda1 -- ext4 -- 500MB -- 155.12MB -- boot /dev/sda2 -- crypt-luks -- 698.15GB -- N/A -- N/A

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
It may be possible that I'm following the EUFI guidelines incorrectly. Replace existing Qubes entry with modified one. Replace with entry number from previous step, /dev/sda with your disk name and -p 1 with /boot/efi partition number): With this for example.. how am I supposed to

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-10 Thread neilhardley
OK... This is what I get ubuntu@ubuntu:~$ sudo mount /dev/sda1 /mnt ubuntu@ubuntu:~$ sudo mount /dev/sda2 /mnt mount: block device /dev/sda2 is write-protected, mounting read-only NTFS signature is missing. Failed to mount '/dev/sda2': Invalid argument The device '/dev/sda2' doesn't seem to have

Re: [qubes-users] Qubes 3.0 won't install... "No bootable device"

2016-07-11 Thread neilhardley
I have to say from a user experience... figuring that all out was hell. When you look at what I did.. I essentially added 2 main bits to the code mapbs=1 noexitboot=1 I really just wonder.. if there's any reason QUBES developers couldn't just add these 2 lines themselves, so that the user

[qubes-users] Question about the SECURITY of backing up QUBES.

2016-07-11 Thread neilhardley
I have a question about the security of backing up QUBES. I see that the VM backup procedure lets you back up both template VMs and App VMs, as well as dom0. The question is... let's say that we find out about another Xen escape, like the one from October 2015. At this point, surely we now

Re: [qubes-users] Question about the SECURITY of backing up QUBES.

2016-07-11 Thread neilhardley
Is it possible that someone who compromised QUBES, could re-write the AppVM in a way that whenever it is loaded up, it re-infects the entire system all over again...? In that case, the only safe thing would be to manually back up the files within the AppVM with some sort of Fedora backup tool.

Re: [qubes-users] Question on creating USB qube

2016-07-28 Thread neilhardley
OK thanks for the explanation. Let me follow up with another question. Do I need to create a USB qube in order to take advantage of the VT-D/IOMMU protection for my internal WiFi chip... or is sys-net OK in that regard..? -- You received this message because you are subscribed to the Google

[qubes-users] Why does QUBES recommend SSD drives..?

2016-08-16 Thread neilhardley
The Qubes website recommends SSD drives. Is there any particular reason..? Does Qubes use read/write to the hard drive any more than Windows... to the point where it's going to cause drive failure a lot earlier..? Or is it simply a speed thing..? Or what.? -- You received this message

Re: [qubes-users] QUBES Windows Tools won't install

2016-08-21 Thread neilhardley
I installed it. Networking was working prior to Windows Tools. After installing it, the network no longer works. "no network access" when you click the network icon in the taskbar. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

[qubes-users] QUBES Windows Tools won't install

2016-08-21 Thread neilhardley
I have a Win7 machine running, but I need to install Windows Tools. in dom0, I run sudo qubes-dom0-update qubes-windows-tools I get "no package qubes-windows-tools available" I am running QUBES 3.2-rc2 -- You received this message because you are subscribed to the Google Groups

[qubes-users] Re: Can DMA attacks work against Ethernet... or just WiFi/wireless...?

2016-09-12 Thread neilhardley
jkitt Yeah, I know that Ethernet is capable of DMA. But DMA is different from a DMA Attack A DMA attack is when a hacker exploits a software error in the Ethernet firmware, and uses that to take over the device and issue malicious DMA attacks. So I guess I'm asking whether any such

[qubes-users] How to set up Internet Connection Sharing over USB..?

2016-09-14 Thread neilhardley
Is there any way to set up Internet Connection Sharing using USB..? For example, with an Android phone, you can share its connection with a computer using so-called "tethering". But I want to "tether" the Whonix VM's internet connection to another computer, using USB. The purpose is to use

[qubes-users] Re: Is there any way to mount a Qubes volume from an external drive..?

2016-09-14 Thread neilhardley
I'm not trying to mount the external HDD itself. I'm trying to mount the Qubes installation it. The encrypted Qubes OS that I have installed on the drive. I want to somehow decrypt and read the data from that itself. It's not a VM backup format. It's the actual hard drive for Qubes itself on

[qubes-users] Re: How to set up Internet Connection Sharing over USB..?

2016-09-14 Thread neilhardley
Alternatively, I could do this with Ethernet. I know that you can right-click the network icon, click "edit connections", go to IPV4 settings, and edit it as network sharing for the WIRED connection. However, this is only going to share the overall connection. I am looking to explicitly share

[qubes-users] Re: Does anyone use a dedicated Tor router box..?

2016-09-10 Thread neilhardley
Qubes is insecure due to Xen exploits. Qubes tends to quickly patch the exploits, but we know how it works in the real world... nation states and other people buy up the exploits before they can get to the market. I would also suggest that if you are using Qubes, this may even be a flag at

Re: [qubes-users] Re: Does anyone use a dedicated Tor router box..?

2016-09-10 Thread neilhardley
It's true that MOST don't affect Qubes. But just in the last 1 year, 2 Xen exploits have directly affected Qubes. Hence, why they switched over to SLAT for QUBES 4.0. So no.. Xen really is a very big issue for Qubes. -- You received this message because you are subscribed to the Google Groups

[qubes-users] Is there any way to mount a Qubes volume from an external drive..?

2016-09-13 Thread neilhardley
I have an external HDD with a Qubes installation on it, i.e Qubes installed direct to an external HDD. I want to be able to get the data from it, but my laptop won't boot up the drive for some reason. Maybe it's a problem with my laptop, but either way, I can't seem to get it to boot.

[qubes-users] Does anyone use a dedicated Tor router box..?

2016-09-09 Thread neilhardley
Does anyone use a dedicated Tor router..? The theory is, Tor is secure, but Firefox is not. Therefore, you have 1 computer that runs Tor only, and a WiFi hotspot... Another computer runs Firefox and any other programs. So long as the other computer connects to the Tor computer for network

[qubes-users] Do Linux browser exploits exist..?

2016-09-10 Thread neilhardley
I've seen some dispute that a Linux browser exploit even exists. Like, could you take Chrome or Firefox to a page, and then have a remote shell, that loads a file onto the hard drive to monitor everything? I can do this with Metasploit on Windows, but I've actually seen a lot of people saying

[qubes-users] Is it possible to have 2 Net VMs - one for Ethernet, another for WiFi..?

2016-09-23 Thread neilhardley
I want to have 2 Net VMs running at the same time. One would hold Ethernet in "Devices" The other would hold WiFi in "Devices" Is this possible? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

[qubes-users] How to add a "sys-firewall" to a NetVM..?

2016-09-23 Thread neilhardley
I created a new NetVM to use debian8, rather than fedora-23 It all works fine. But I noticed that the original "sys-net" has a "sys-firewall" tied to it. Do I need to add something like this for my new Net VM, and if so, how do I do it..? Thanks -- You received this message because you are

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
I guess the only other thing I would add is. With Firefox, you have a page "Security Advisories", which lists the history of Firefox exploits. I wonder if such a thing exists for WiFi drivers + firmware. Or even a list of any major audits of WiFi drivers + firmware. If there is some

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
In terms of "hotspot" terminology, what it does is, quote from author of the script: "it bridges the two interfaces but uses NAT to achieve it" -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK, so the main takeaway from your answer: "The card doesn't have a host CPU and so it doesn't require a firmware source" that seems like the most interesting the driver would still need to be bug-free though who knows whether any of these have even been audited thanks for your replies

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK.. here we go This is my question with a DIAGRAM to help you visualise it: http://imgur.com/a/CTbLk -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
NET VM -- -- - WiFi device- -- - Ethernet device- -- - Tor ethernet hotspot script- -

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
And yes, by all means, I will use Whonix's system rather than my own custom script. I originally created my own, because I saw that Whonix didn't have VT-D. But then I learned that VT-D is nowhere near as good as I thought. I originally thought VT-D isolates the devices from the Net VM itself.

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
Well, entr0py, you are correct. It does indeed come down, to either Xen, or my networking stack. Let me ask... what is the security like for Ethernet..? Let's say I connected to my home router via Ethernet, and also served out the Tor connection to a 2nd laptop, over Ethernet. In this setup,

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-26 Thread neilhardley
Very useful info, but what I meant is whether the Ethernet drivers/firmware etc are more secure than the WiFi ones. I wasn't really talking things like RF leakage etc. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this

[qubes-users] Set different NetVM for dom0

2016-09-29 Thread neilhardley
How do I change the NetVM used by dom0..? I have sys-firewall as does everyone. But I actually set up a new NetVM a while back, and sys-firewall no longer works for me. Call it "NetVM2". So I want to set the NetVM used by dom0 to "NetVM2", or whatever replace "NetVM2" with the name of

[qubes-users] sys-firewall no longer works after creating new Net VM

2016-09-29 Thread neilhardley
I created a new Net VM, in order to use Debian, and it works fine. But now I want to revert back to sys-net. The problem is that my sys-firewall no longer works. How do I get sys-firewall to work again? It starts up fine, but simply doesn't work. Other App VMs are not getting data through it.

Re: [qubes-users] Failed to add USB controller to App VM

2016-09-30 Thread neilhardley
OK, this seems to be what I need. One further question... https://www.qubes-os.org/doc/dom0-tools/qvm-prefs/ " pci_strictreset Accepted values: True, False Control whether prevent assigning to VM a device which does not support any reset method. Generally such devices should not be assigned

Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Another question... Are DMA attacks on Ethernet are even plausible? WiFi seems much more vulnerable than Ethernet, due to more complexity. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

[qubes-users] Re: Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Presumably through the CPU. We know this option exists for hard drives for a facts. So I see no reason you couldn't get Ethernet + WiFi chips without DMA. Not all devices support switching off DMA, so I can see why Qubes decided to use VT-D + Xen instead. But certainly, I think there are

Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
DMA allows network card to read/write RAM. DMA attack allows one already-compromised VM to read the RAM of another VM, thus breaching Qubes isolation... unless you use VT-D, although flaws in VT-D have been shown. Remote DMA attack allows packets sent to the network card directly over the

Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
On Friday, 7 October 2016 19:37:50 UTC+1, Achim Patzner wrote: > I think I’ve still got a bunch of NE2000 and early RealTekNICs somewhere in > the cellar – how much do you want to offer? Are you saying that these devices are non-DMA...? -- You received this message because you are subscribed

Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
" The original cards, the NE1000 (8-bit ISA; announced as "E-Net adapter" in February 1987 for 495 USD) and NE2000 (16-bit ISA), and the corresponding use of limited 8-bit and later 16-bit DMA in the NE2000 " That seems to say that DMA is in fact used in the NE2000. By the way, will these

Re: [qubes-users] Re: Switch of DMA altogether..?

2016-10-07 Thread neilhardley
So are you saying that VT-D does not actually depend on Xen...? With a Xen bug, couldn't a hacked WiFi device just break out of sys-net..? Or not..? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop

Re: [qubes-users] Switch of DMA altogether..?

2016-10-09 Thread neilhardley
OK, so how about using PIO purely..? A device which can do PIO and PIO only. Would this then be more secure..? Or would the attack just be carried out by the CPU rather than RAM..? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To

[qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
Qubes uses VT-D and a Net VM to attempt to isolate buggy WiFi adapters from the rest of the Qubes system. But this isolation still depends on Xen not having bugs... And we know that Xen has bugs, and will likely continue to have more going forward. So, instead of VT-D, why not just switch off

Re: [qubes-users] Switch of DMA altogether..?

2016-10-07 Thread neilhardley
OK. This is getting confusing. So you are now saying that you can't do a DMA attack over the web..? If I had one computer connected to another via Ethernet crossover, could one computer infect the other via DMA by sending the DMA attack over the crossover cable..? Or can a computer only

Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
OK, so we've gone from not do-able remotely, to "may or may not be possible", and "this is hard" Are there any proven such attacks on Ethernet? Any proof of concepts? Also, would USB Ethernet make this attack any easier..? Something like a USB Ethernet dongle? http://i.imgur.com/l5ntqFe.jpg

Re: [qubes-users] Switch of DMA altogether..?

2016-10-08 Thread neilhardley
OK, so we've gone from not do-able remotely, to "may or may not be possible", and "this is hard" Are there any proven such attacks on Ethernet? Any proof of concepts? Also, would USB Ethernet make this attack any easier..? Something like a USB Ethernet dongle? http://i.imgur.com/l5ntqFe.jpg

[qubes-users] Re: How to attach Ethernet to a VM other than sys-net..?

2016-09-18 Thread neilhardley
Alright. I came to the conclusion that this is all a waste of time. A hacker (especially nation state) would hack your main home router. Then hack your endpoint laptop. Then they can see that both are connected to a dedicated Tor router in the middle, through its MAC address or other

Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
OK, now, I had real problems trying to switch to debian8. I shut down sys-net and sys-firewall Switched them both over to debian8 First thing, it said "Internet disconnected" in network manager, and simply wouldn't show any WiFi networks at all. Second thing, it wouldn't even open the

Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
Yeah, what actually happened to me, is that Ethernet DOES work just fine. But WiFi doesn't. So this is actually I think related to this issue: https://github.com/QubesOS/qubes-issues/issues/1526 Wifi no longer recognised in Debian-based sys-net VM after 3.0 -> 3.1 upgrade I have an Intel 3165

[qubes-users] Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
I am on Qubes 3.2 rc2. I have an Intel 3165 WiFi driver. It simply does not work. It works fine in Fedora, but not Debian. According to this: https://github.com/QubesOS/qubes-issues/issues/1526 There is something where Debian no longer recognises WiFi in Qubes Net VMs..? Is this true..?

[qubes-users] Re: Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
OK. I solved it. The solution is to get the jessie-backports .deb file and install it in the "debian-8" template VM: Go here https://packages.debian.org/jessie-backports/firmware-iwlwifi Then here https://packages.debian.org/jessie-backports/all/firmware-iwlwifi/download Copy the file to

[qubes-users] Re: Can't get WiFi driver to work in Debian 8

2016-09-22 Thread neilhardley
Obviously restart the Template VM and Net VM afterwards. All solved. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com.

Re: [qubes-users] Can TeamViewer or similar work with Qubes..?

2016-09-22 Thread neilhardley
OK, that's pretty useless, because I want someone to connect to my PV, not to a win7 HVM. Are there any other options at all..? I guess I could let someone SSH into my VM..? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from

[qubes-users] Can TeamViewer or similar work with Qubes..?

2016-09-22 Thread neilhardley
I am working on a project with someone. And they want to remote into Qubes with TeamViewer. Will this work at all... or is there any alternative software..? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group

[qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
I may need to change "sys-net" from the Fedora template VM, to the Debian template VM. If I did this, would it break anything..? Or does it simply have to be Fedora..? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from

Re: [qubes-users] If you change "sys-net" from Fedora to Debian template, will it break anything..?

2016-09-22 Thread neilhardley
Can I also ask Is it true to say "enp0s1" is the sys-net equivalent of "eth0" and "wlp0s0" is the sys-net equivalent of "wlan0" Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails

[qubes-users] How to install DHCP in "sys-net"

2016-09-22 Thread neilhardley
I am doing a project with someone. I need to install DHCP in "sys-net". I did: sudo dnf install dhcp and sudo dnf install dhcpcd --- After this, I was asked to look for this file: /usr/lib/dhcpcd/dhcpcd-hooks/70-ipv4-nat --- But it just hadn't been created. I don't understand how to

[qubes-users] How do you install external USB WiFi adapters..?

2016-09-20 Thread neilhardley
I plug in a USB WiFi adapter. I go to sys-usb, and run "lsusb". It shows up there as, "Bus 002 Device 028: ID 148f:3070 Ralink Technology, Corp. RT2870/RT3070 Wireless Adapter" What happens next..? How do I get this to the point where it can be used..? Thanks -- You received this message

[qubes-users] WHERE is VT-D implemented..?

2016-09-19 Thread neilhardley
Quick question. WHERE is VT-D protection against DMA attacks implemented..? Is it implemented at a particular VM, such as "sys-net" or "sys-firewall" Or is this just built-in to the entire Qubes system regardless of which VM you are using..? If I were to run something like wget google.com

Re: [qubes-users] QUBES Windows Tools won't install

2016-08-22 Thread neilhardley
I remember when I first installed Windows Tools, I accidentally double-clicked it and it was installing 2 versions of it at the same time. This may have been what screwed up network access. It may not be a glitch with Windows Tools at all. Can Windows Tools be removed and re-installed in

[qubes-users] Anything else to wipe other than HDD and BIOS..?

2016-09-27 Thread neilhardley
If I think a computer has been infected, is there anything else I should wipe/re-install other than 1. Hard Drive / Operating System 2. BIOS Is there anything else that a hacker could possibly infect that needs to be wiped/re-installed..? Thanks -- You received this message because you are

[qubes-users] Physical isolation using Whonix and Qubes..?

2016-09-28 Thread neilhardley
I am looking to use Qubes/Whonix as a dedicated Tor router. And then route a laptop through my Qubes/Whonix system. Main router => Qubes/Whonix computer that acts as a Tor-only router => My laptop for browsing web I want to know how to share the connection of Whonix/Tor in Qubes, with a

Re: [qubes-users] Re: Anything else to wipe other than HDD and BIOS..?

2016-09-27 Thread neilhardley
Yeah, Joanna is seriously epic. How about Raspberry Pi..? That seems to have very few components. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Detach a USB mic from sys-usb into dom0

2016-10-03 Thread neilhardley
I remember, before I had Qubes with the USB qube, my USB mic seemed to be in dom0. To the point where I could see the USB mic as an option in "Volume Control"/ pavucontrol in dom0. In the volume control mixer, I would be able to select the VM from there, and choose the USB mic as the input

[qubes-users] Re: Detach a USB mic from sys-usb into dom0

2016-10-03 Thread neilhardley
OK, here is the solution. I solved it myself. You install "pavucontrol" in the internal VM. Then ,if you look at it, you will see that the USB mic is actually detected automatically. So in fact, no need to detach anything, or disable any USB qube. You just simply install "pavucontrol" inside

[qubes-users] What is the purpose of sys-firewall..?

2016-09-24 Thread neilhardley
What is the purpose of sys-firewall..? I noticed that every App VM has its own "Firewall Rules" inside of VM Settings. So therefore, what is the purpose of sys-firewall..? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

[qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-24 Thread neilhardley
Simple question: Why are Ethernet and WiFi in sys-net..? Is it (A) Just for easy access to the same network for all App VMs..? (B) Because this is isolating Ethernet and WiFi from the rest of the system, to stop DMA attacks..? It's not clear to me whether the VT-D protection is occurring

Re: [qubes-users] Why are Ethernet and WiFi in sys-net..?

2016-09-25 Thread neilhardley
OK, it's the original poster here. The consensus so far is that anything I run inside sys-net should be vulnerable, and that it is advised not to run programs in sys-net. So, in this case, how am I supposed to run my Ethernet Tor hotspot..? I had somebody write me a script that lets Qubes

[qubes-users] A computer with read-only firmware..?

2016-10-01 Thread neilhardley
Does anyone know of any computer that has read-only firmware..? I'm talking, just about anything that could have a virus written to it. Stuff like 1. BIOS 2. GPU 3. Ethernet 4. Mouse 5. Keyboard etc I want this system because then if it is infected, then all I need to do is wipe the HDD

[qubes-users] Would USB Ethernet be more secure than WiFi..?

2016-10-01 Thread neilhardley
There is talk that Ethernet is more secure than WiFi, due to the complexity of WiFi. So, my laptop only has WiFi. If I were to remove the WiFi chip, and use a USB Ethernet adapter, do you think that would be more secure..? Something like this:

[qubes-users] Failed to add USB controller to App VM

2016-09-29 Thread neilhardley
I am using Qubes 3.2 rc2 I need to use an external USB WiFI device. I was told in a previous thread that I need to attach the entire USB controller, rather than just using qvm-usb -a

[qubes-users] Screen recorder for Qubes..?

2016-11-07 Thread neilhardley
I see that dom0 has a screenshot tool, but how about a screen recorder tool..? I.e. one that would record video. Sound is not needed, but I certainly need to record many screenshots per second.. Many frames per second. Thanks -- You received this message because you are subscribed to the

Re: [qubes-users] Re: Screen recorder for Qubes..?

2016-11-08 Thread neilhardley
On Tuesday, 8 November 2016 12:49:53 UTC, Eva Star wrote: > It's not hard to integrate video capturing to my qubes screenshot tool What is the command name for your screenshot tool...? Can it be run on the command line..? Because I'd be willing to just write a script to run it multiple times

  1   2   >