Re: [qubes-users] traveling - best practice

2017-02-07 Thread taii...@gmx.com
On 02/07/2017 03:36 PM, Jake wrote: On 02/07/2017 08:43 AM, Franz wrote: > > > On Tue, Feb 7, 2017 at 10:09 AM, haaber > > wrote: > > Hello, I wonder how you behave when traveling, for example in places > with cameras all around. I feel

Re: [qubes-users] Thunderbolt, dockingstations, DMA and security

2017-02-05 Thread taii...@gmx.com
On 02/05/2017 07:30 AM, Stickstoff wrote: Hello everybody, I have been thinking about the risks involved using different kinds of dock or dockingstation. [I'll recap what I think I found out about the docking situation, skip if you know how docks, usb type c and DMA works] Most business

Re: [qubes-users] AMD GPU under Qubes OS

2017-02-04 Thread taii...@gmx.com
On 02/04/2017 10:42 AM, Top Hatted Cat wrote: Hi, I have just installed Qubes OS R3.2 on an external HDD for trying it on my laptop. The laptop in question has an AMD APU. When booting the OS, it will freeze on "Starting Show Plymouth Boot Screen". Is there a driver I need to install or

Re: [qubes-users] Chipping/Crackling noise on HDMI

2017-01-22 Thread taii...@gmx.com
What drivers are you using for the video device? Is this a qubes-specific issue? (have your tried other linux distros) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an

Re: [qubes-users] Lenovo x230 Laptop vs. Lenovo x230t Tablet on Qubes R3.2

2017-01-23 Thread taii...@gmx.com
It is a decent choice, you can install a better screen from alibaba and the better keyboard from the x220 if you dont like an island style keyboard. On 01/22/2017 06:11 PM, knaoxf...@gmail.com wrote: I'm looking into getting a budget laptop around $100-$250 for Qubes R3.2. I've heard good

[qubes-users] Error: Failed to synchronize cache for repo 'updates'

2017-02-20 Thread taii...@gmx.com
I am using fedora 24 template vm, how can I fix this? The internet is filled with plenty of "resolved" questions about that error but no actual help. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop

[qubes-users] Certified Hardware - Why purism and not system76 or thinkpenguin?

2017-02-18 Thread taii...@gmx.com
Purism is selling snake oil and taking money away from the honest companies that admit they're selling a re-badged quanta laptop that will never ever have libre firmware. Here is a reddit post with more info about the situation (yeah its from leah but whatever its true)

Re: [qubes-users] Fwd: HCL - Dell Latitude E7470

2017-02-16 Thread taii...@gmx.com
On 02/16/2017 05:55 AM, Elias Mårtenson wrote: (resend, with attachments this time) I've been using Qubes 3.2 on this laptop for a month or two now, and pretty much everything works well. Note that immediately after installing the system the WLAN didn't work. I connected using ethernet and

Re: [qubes-users] Qubes using Cloudflare - Why?

2017-02-24 Thread taii...@gmx.com
https://arstechnica.com/security/2017/02/serious-cloudflare-bug-exposed-a-potpourri-of-secret-customer-data/ Wow. It wouldn't have been such a big problem if cloudflare didn't have monopoly status. -- You received this message because you are subscribed to the Google Groups "qubes-users"

Re: [qubes-users] please help: realtek pci-express nic not detected by sys-net

2017-02-12 Thread taii...@gmx.com
On 02/12/2017 12:44 PM, Surf Nx wrote: The nic works fine on Fedora Live Tried all the following over the last 4 (now 6) days. Please help if possible. rpm -q linux-firmware : linux-firmware-20161205-69.git91ddce49.fc24.noarch Failed with DMA setting at: qvm-prefs -s netvm kernelopts

Re: [qubes-users] Re: Nested virtualization

2017-02-11 Thread taii...@gmx.com
On 02/11/2017 08:35 AM, adonis28...@gmail.com wrote: On Saturday, February 11, 2017 at 2:35:15 AM UTC-5, pixel fairy wrote: On Friday, February 10, 2017 at 9:03:47 PM UTC-8, adoni...@gmail.com wrote: Hi guys, thanks for the responses, I will have a look at it. What I need in this case in

Re: [qubes-users] Is Qubes OS compatilable with Ledger Nano S/Trezor/Keepkey?

2017-01-15 Thread taii...@gmx.com
On 01/16/2017 12:37 AM, Franz wrote: On Sat, Jan 14, 2017 at 10:39 PM, Marek Marczykowski-Górecki < marma...@invisiblethingslab.com> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Jan 14, 2017 at 09:17:32PM +0100, Maksymilian Skica wrote: Hi, Does anyone actually make Qubes

Re: [qubes-users] Is Qubes OS compatilable with Ledger Nano S/Trezor/Keepkey?

2017-01-16 Thread taii...@gmx.com
On 01/16/2017 05:38 PM, Marek Marczykowski-Górecki wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mon, Jan 16, 2017 at 04:39:04PM -0500, taii...@gmx.com wrote: On 01/16/2017 07:45 AM, Franz wrote: On Mon, Jan 16, 2017 at 4:08 AM, taii...@gmx.com <taii...@gmx.com> wrote:

Re: [qubes-users] Qubes R3.2 on AMD 890FX board, making Interrupt Remapping work.

2017-03-01 Thread taii...@gmx.com
*forgot to say* If you see "AMD-Vi: Interrupt remapping enabled" in dmesg then you should be fine as the hardware supports it. The HCL doesn't test for IR. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop

Re: [qubes-users] Qubes R3.2 on AMD 890FX board, making Interrupt Remapping work.

2017-03-01 Thread taii...@gmx.com
On 02/22/2017 10:19 AM, Illidan Pornrage wrote: Hello Qubes Community, this is my first contact. I have tried to get Qubes R3.2 running on the Gigabyte GA-890FXA-UD7 Board. Mostly worked but Xen disabled Interrupt Remapping because of: (XEN) AMD-Vi: IVHD Device Entry: type 0x48 id 0 flags

Re: [qubes-users] Re: HCL - DELL PRECISION T7400

2016-10-28 Thread taii...@gmx.com
Updating the bios might fix your VT-d issue however a lot of the older dell computers have bad implementations/DMAR tables - you are also stuck with an earlier processor with IOMMU V1 which lacks interrupt remapping (a security feature). Worse comes to worse you can always use flashrom and

Re: [qubes-users] Re: Intel TXT advice

2016-11-14 Thread taii...@gmx.com
On 11/14/2016 04:50 PM, entr0py wrote: taii...@gmx.com: On 11/14/2016 03:12 PM, Eric wrote: On Monday, November 14, 2016 at 11:58:32 AM UTC-8, entr0py wrote: Eric: On Sunday, November 13, 2016 at 10:44:33 PM UTC-8, tai...@gmx.com wrote: Forgot to say: Purism is just an overpriced quanta

Re: [qubes-users] Re: Qubes 4.x and Librem 13

2016-11-24 Thread taii...@gmx.com
Purism laptops are new intel so they will never have real coreboot support, only FSP shimboot which is a black box that does most of the work. Its pointless, honestly you might as well just get an AMD (with iommu/amd-vi) laptop if you want to avoid ME (just make sure it does not have AMD PSP,

Re: [qubes-users] vPro and Qubes

2016-11-16 Thread taii...@gmx.com
Accidentally sent before I was finished, didn't include: https://www.crowdsupply.com/raptorcs/talos - open source hardware, thus making it more difficult for unaccountable hardware backdoors (ME = software supported by hardware VS a true hardware backdoor) There are ARM devices like the

Re: [qubes-users] vPro and Qubes

2016-11-16 Thread taii...@gmx.com
Intel ME (2006+ systems)/AMD PSP (for FM2/AM4), malicious firmware, exploits for the various devices on your system (the IOMMU is initialized too late on x86 to protect the host from DMA exploits in the pre-OS boot window) The sky truly is the limit. If you want *reasonably* secure computing

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

2016-11-16 Thread taii...@gmx.com
I have purchased systems that had just that but the proprietary bios still did not properly implement the iommu. This is considered a "pro" level technology and you are generally SOL if you buy a consumer level laptop (even some "enterprise" ones) - If you don't care about ME the best choice

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

2016-11-16 Thread taii...@gmx.com
If you really do belong to some massive enterprise I am sure your dell/hpe/whatever rep will be able to give you a yes/no answer on what laptops support IOMMU. There is no "uncertainty", if it supports linux plus IOMMU and SLAT or RVI (any recent cpu) it supports qubes. Ask your rep and get it

Re: [qubes-users] recommendation for a laptop to use windows in qubes?

2016-11-16 Thread taii...@gmx.com
The "certified" program is stupid in its current form I agree but what is stopping you from buying a dell business or hpe machine with iommu/TPM and using that? Nobody says you have to buy stuff from whatever company gives kickbacks. (purism "coreboot" with FSP is just a shimboot loader, FSP

Re: [qubes-users] Re: Intel TXT advice

2016-11-15 Thread taii...@gmx.com
So you know AFIAK OPOWER8+ systems have a emulation layer for x86 that works quite well, on the TALOS page you can see them playing a modern 3d game with it via pass thru video although obvious you wouldn't want to emulate a VMM. Xen isn't the be all-end all of virtualization, there are many

[qubes-users] Screen blanks instead of power off

2016-11-12 Thread taii...@gmx.com
I have tried all the options in the power control menu but my screen still doesn't turn off it just disconnects the output so the screen will say "NO VGA/DVI DETECTED" when power save mode turns on. Ideas? -- You received this message because you are subscribed to the Google Groups

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

2016-11-13 Thread taii...@gmx.com
Ideally you would want a blob free coreboot system with no Intel ME or AMD PSP type backdoors. https://www.coreboot.org/Binary_situation Intel is actively trying to nerf free software with Boot Guard/ME, if you buy a computer with those features it isn't really your computer. A backdoor in a

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

2016-11-13 Thread taii...@gmx.com
apparently value your privacy but you are using gmail - if you do not pay for a service YOU are the product. On 11/13/2016 03:39 PM, entr0py wrote: taii...@gmx.com: Ideally you would want a blob free coreboot system with no Intel ME or AMD PSP type backdoors. https://www.coreboot.org/Binary_situa

Re: [qubes-users] Cryptsetup Vulnerability affects QubesOS?

2016-11-19 Thread taii...@gmx.com
On 11/19/2016 02:31 PM, Marek Marczykowski-Górecki wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 19, 2016 at 07:20:56PM +, Fred wrote: On 2016-11-19 11:54, Andrew David Wong wrote: On 2016-11-16 13:31, Fred wrote: A good time to ask if Qubes encrypts /boot in it's

Re: [qubes-users] Re: installing nvidia

2016-11-21 Thread taii...@gmx.com
Just as a tip you aren't likely to gain performance over the latest versions of nouveau as everything on qubes is done via a VMM that doesn't support 2d acceleration (including multimedia), considering the security tradeoff (nvidia has no https and no hashes/sigs) it really isn't worth it.

Re: [qubes-users] Re: Intel TXT advice

2016-11-13 Thread taii...@gmx.com
Forgot to say: Purism is just an overpriced quanta/oem whitebox laptop, it takes 5mil+ of startup funds to do a small run of *just a motherboard* let alone an entire laptop computer including the fab for a fancy aluminum case - it is quite obvious that their components are not "hand selected"

Re: [qubes-users] Installing VPN in Qubes Versus VPN on a Router

2016-11-13 Thread taii...@gmx.com
On 11/13/2016 07:39 PM, entr0py wrote: taii...@gmx.com: VT-d is intels marketing term for IOMMU, you can buy an AMD system that has IOMMU (AMD-Vi) (but not FM2/AM4 as that has PSP). Qubes needs IOMMU not "VT-d" Thanks for reply. I understood this previously but I'm not familiar

Re: [qubes-users] Re: Intel TXT advice

2016-11-13 Thread taii...@gmx.com
I am assuming you were one of those people who bought a computer from those purism scammers. https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/ It is impossible to disable (ie, like it was never there, 100% gone) ME on any intel system post

[qubes-users] Qubes using Cloudflare - Why?

2016-12-17 Thread taii...@gmx.com
How come you guys use cloudflare? They have a dangerous monopoly on internet services and discriminate against people using VPN's and the like, by insisting that you enable javascript and perform a captcha even for simply viewing a website and by subverting them a hostile actor would

Re: [qubes-users] USB hardware firewall

2016-12-11 Thread taii...@gmx.com
On 12/10/2016 05:36 PM, Robert Fisk wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/10/2016 08:25 AM, Marek Marczykowski-Górecki wrote: On Sun, Sep 04, 2016 at 06:35:42PM +1200, Robert Fisk wrote: On 09/01/2016 06:55 PM, johnyju...@sigaint.org wrote: I was thinking earlier that

Re: [qubes-users] Qubes using Cloudflare - Why?

2017-01-11 Thread taii...@gmx.com
On 01/12/2017 12:33 AM, Andrew David Wong wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2017-01-11 12:34, Andrew David Wong wrote: On 01/11/17 11:04, taii...@gmx.com wrote: https://www.eff.org/deeplinks/2017/01/finally-revealed-cloudflare-has-been-fighting-nsls-years Three main

Re: [qubes-users] Setup for Graphic Design work / Failing to configure a PCI pasthrough on Archlinux

2017-01-11 Thread taii...@gmx.com
On 01/11/2017 09:06 PM, joseph.yeng...@gmail.com wrote: Hello. Firstly, thank you for taking the time to read this, I'll be brief. I'm a graphic designer, and a paranoid. With Qubes OS, I aspire to peform both of these roles at the same time, even if that requires some adaptation. I'm

Re: [qubes-users] Setup for Graphic Design work / Failing to configure a PCI pasthrough on Archlinux

2017-01-11 Thread taii...@gmx.com
Have you ran the HCL tools? does your chipset support IOMMU? (inspiron is a garbage consumer level device so probably not) Graphics device assignment is an experimental feature, it doesn't work all of the time and you can only (easily) assign a secondary graphics device that isn't in use. I

Re: [qubes-users] Re: HCL - Toshiba Satellite C55A

2017-01-10 Thread taii...@gmx.com
So everyone knows AMD's version of IOMMU is called AMD-Vi. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to

Re: [qubes-users] Re: Can NOT get Broadcom BCM43602 Wifi Card working , DELL XPS 15 9950- Qubes sys-net freezes/ crashes

2017-01-10 Thread taii...@gmx.com
On 01/10/2017 06:28 PM, solved1 wrote: I had the same problem the easiest thing is to replace the broadcom wifi card. its really simple to do that. order yourself an Intel Wifi card like me. costs around 45 USD it will work without doing anything once you replaced the broadcom card no need to

Re: [qubes-users] are skylake / kaby lake laptops just screwed?

2017-01-11 Thread taii...@gmx.com
On 01/11/2017 05:34 AM, pixel fairy wrote: https://www.scmagazine.com/debugging-mechanism-in-intel-cpus-allows-seizing-control-via-usb-port/article/630480/ in part of the talk he said to disable dci in the bios, but in q he seemed to say that doesnt help. i have a 7th gen and found no option

Re: [qubes-users] Qubes using Cloudflare - Why?

2017-01-11 Thread taii...@gmx.com
https://www.eff.org/deeplinks/2017/01/finally-revealed-cloudflare-has-been-fighting-nsls-years -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [qubes-users] Re: KDE - Cube desktop query

2017-01-12 Thread taii...@gmx.com
On 01/12/2017 07:49 AM, Steve wrote: On Thursday, January 12, 2017 at 2:15:57 PM UTC+4, Steve wrote: I have installed Qubes 3.2 and changed the desktop manager to KDE , specifically to get the Cube desktop. I have gone into the KDE settings and enabled the cube effect however I can;t get it

Re: [qubes-users] Setup for Graphic Design work / Failing to configure a PCI pasthrough on Archlinux

2017-01-12 Thread taii...@gmx.com
On 01/12/2017 06:50 AM, joseph.yeng...@gmail.com wrote: Have you ran the HCL tools? No, where do can I find it? I comes installed with Qubes 3.2? I went through the system requirements and recommendations (https://www.qubes-os.org/doc/system-requirements/), they all check. ok open a terminal

Re: [qubes-users] Booting Xen directly from GRUB2 command line

2016-12-05 Thread taii...@gmx.com
Just as a heads up you can load a grub config file with "configfile (DRIVENAME,DRIVEPART)/blahblah/grub.cfg" Great for testing pre-baking it in. On 11/25/2016 07:37 PM, Duncan Guthrie wrote: Hej folks, I have installed Grub2 as my Coreboot payload, and now I want to boot Qubes from a USB

Re: [qubes-users] VT-d support in hcl report

2016-12-06 Thread taii...@gmx.com
On 11/26/2016 07:14 PM, te...@outoftheblue.pl wrote: On Thu, 24 Nov 2016 09:33:23 +0100 Zrubi wrote: Well, as you noted the qubes-hcl-report tool relays on xl info, and xl dmesg output. If both states tat IOMMU is enabled: virt_caps: hvm hvm_directio (XEN) I/O virtualisation

Re: [qubes-users] Re: Possible to get usable Win7 gui?

2017-01-01 Thread taii...@gmx.com
Windows post-XP needs at least 2d acceleration for a quality desktop environment experience especially at those high resolutions, you will need to assign a secondary graphics card or at least an emulated device which has better performance and more VRAM such as QXL/spice (but that a is

Re: [qubes-users] Computer Models Guaranteed to work with Qubes 4.0?

2017-01-04 Thread taii...@gmx.com
On 01/03/2017 04:01 PM, 'James Funkhauser' via qubes-users wrote: I would like to start saving up for a desktop that will run 4.0 out of the box. Price isn't really an issue; what's important is that I have a computer that meets all the standards necessary for running 4.0. I have looked at

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-19 Thread taii...@gmx.com
this a GPU only thing, or have there been cases of "bugs" on other forms of hardware as well, such as a CPU? Thank you, - Mike Mez On Mon, Dec 19, 2016 at 12:17 AM, taii...@gmx.com <taii...@gmx.com> wrote: As a tip if you desire to attempt gpu passthrough do not buy an NVID

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread taii...@gmx.com
I would get the radeon definitely, AMD is more foss/linux friendly than NVIDIA as well. Things to get: a kgpe-d16, the best available g34 socket 16 core opteron 62xx CPU in your price range off ebay (such as 6284SE, 6282SE or 6276) and 32GB DDR3 ECC RDIMM RAM (I would go with 4, 8gb sticks

Re: [qubes-devel] Re: [qubes-users] Qubes using Cloudflare - Why?

2016-12-18 Thread taii...@gmx.com
On 12/17/2016 10:52 PM, Andrew David Wong wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-12-17 18:33, taii...@gmx.com wrote: How come you guys use cloudflare? The main reasons are: 1. A core tenet of the Qubes philosophy is "Distrust the infrastructure,&q

Re: [qubes-users] Re: BIOS Security Settings?

2016-12-18 Thread taii...@gmx.com
On 12/18/2016 03:29 PM, Nicklaus McClendon wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 12/18/2016 03:17 PM, taii...@gmx.com wrote: Some laptops such as dell latitudes/precisions have a "master recovery password" that is generated from the current serial number of the

Re: [qubes-users] Qubes refuses to boot

2016-12-18 Thread taii...@gmx.com
On 12/18/2016 07:32 PM, Chris Laprise wrote: On 12/18/2016 05:15 PM, iReallyWantQubesToWork wrote: I burned the Qubes ISO to a USB (using Rufus) and completed the installation without any problems, except that Qubes refuses to boot on the installed drive. I installed it onto my external HDD

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-18 Thread taii...@gmx.com
As a tip if you desire to attempt gpu passthrough do not buy an NVIDIA card as they like to introduce driver "bugs" that make it difficult to try and entice you to buy a quadro. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

Re: [qubes-users] Qubes refuses to boot

2016-12-22 Thread taii...@gmx.com
On 12/23/2016 12:42 AM, QubesPls wrote: On Wednesday, December 21, 2016 at 10:54:03 PM UTC-5, raah...@gmail.com maybe a silly question but can you boot another os from usb drive? Yes, I can boot other linux distros like Debian and Mint perfectly fine from my USB. Qubes installed to my

Re: [qubes-users] New Lenovo laptops: X1 (4th Gen), T460/p, and T560

2016-12-26 Thread taii...@gmx.com
Lenovo is a shitty company if you care about security, they have stuck irremovable rootkits their BIOS 4 separate times and they are partially owned by the PRC government. Not to mention how they've ruined the thinkpad line and made it just another consumer level laptop. I wouldn't buy from

Re: [qubes-users] Qubes OS Live

2016-12-26 Thread taii...@gmx.com
On 12/26/2016 07:32 AM, niely.b0y...@gmail.com wrote: Hi This page [https://www.qubes-os.org/doc/live-usb/] says that Qubes OS Live is still in Beta-version. I'm wondering if this is than safe to use. Will I have the same security-benefits if I use the Live-version than when I use the

Re: [qubes-users] Re: Is Fedora Really A Good Choice For QubeOS?

2016-12-27 Thread taii...@gmx.com
On 12/26/2016 08:30 PM, Drew White wrote: On Thursday, 3 October 2013 08:52:22 UTC+10, Mailbe User wrote: I think the hardest problem here is people putting aside their distro war differences. Here I see Joanna mention this; 'it should have the latest Desktop Environment and Xorg drivers

Re: [qubes-users] If I uninstall/reinstall a templatevm, will that mess up the files/filesystem of the appvm?

2016-12-19 Thread taii...@gmx.com
On 12/19/2016 05:28 PM, 'digitaldijjn' via qubes-users wrote: Probably a dumb question but I figured I would clarify before I uninstall/reinstall to free space, since last I checked you can't really delete stuff out of template vms It will not, the files will stay as they are although the

Re: [qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge

2017-03-15 Thread taii...@gmx.com
On 03/15/2017 12:23 PM, Grzesiek Chodzicki wrote: W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com napisał: This is your chance to tell Razor that we don't want binary blobs or "Intel ME" and that they can sell a lot more if they become "Qubes-certified".

Re: [qubes-users] Re: Razer Looking for Our Input about Linux on Razer Edge

2017-03-15 Thread taii...@gmx.com
On 03/15/2017 01:14 PM, Grzesiek Chodzicki wrote: W dniu środa, 15 marca 2017 17:44:41 UTC+1 użytkownik tai...@gmx.com napisał: On 03/15/2017 12:23 PM, Grzesiek Chodzicki wrote: W dniu wtorek, 14 marca 2017 23:24:37 UTC+1 użytkownik john.m...@gmail.com napisał: This is your chance to tell

Re: [qubes-users] How much important is TPM?

2017-04-04 Thread taii...@gmx.com
On 04/04/2017 12:36 PM, Steve Coleman wrote: On 04/04/2017 10:29 AM, taii...@gmx.com wrote: Opal is proprietary garbage, Actually its an open standard, not controlled by any government or corporation. One link I provided was to the standard which gets down to the data structure byte

Re: [qubes-users] How much important is TPM?

2017-04-04 Thread taii...@gmx.com
On 04/04/2017 10:19 AM, cooloutac wrote: The hacking teams insyde bios exploit could only have been stopped with secure boot. Uhh no that isn't true, and again you're using microsoft's marketing name for something that is a generic technology (signing of kernel and important files)

Re: [qubes-users] How much important is TPM?

2017-04-04 Thread taii...@gmx.com
Opal is proprietary garbage, and proprietary crypto schemes are almost always terrible. (there is also no real way to check that it is actually working and still working). TXT is intel marketing, it isn't anything special just DRTM vs regular TPM SRTM that makes it so something can change

Re: [qubes-users] How much important is TPM?

2017-04-01 Thread taii...@gmx.com
On 03/31/2017 10:45 PM, cooloutac wrote: On Friday, March 31, 2017 at 4:20:09 PM UTC-4, Vít Šesták wrote: Thanks for your responses. p In this thread, I'd like to discuss how much can it help (i.e., how hard is it to bypass). On self-encrypting devices: I generally don't trust those

Re: [qubes-users] Breaking the Security Model of Subgraph OS

2017-04-11 Thread taii...@gmx.com
What exactly makes subgraph special and not just another apparmor/selinux MAC type clone? The firewall is a neat bit of progress however, but again that can also be accomplished with an apparmor MAC default profile however allow app to access site etc is only on an IP basis not a DNS basis

[qubes-users] Focus Stealing, how to stop it?

2017-04-20 Thread taii...@gmx.com
How do I stop focus stealing? I have accidentally entered ssh passwords in to other windows as they keep stealing focus for irrelevant things. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

Re: [qubes-users] GSoc Student Applying

2017-03-08 Thread taii...@gmx.com
Hello and welcome. You would probably be better off emailing the community liaison. Andrew David Wong -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an

[qubes-users] SystemD sucks - qubes shouldn't use it

2017-03-08 Thread taii...@gmx.com
I realize that it is an integral part of fedora and debian (gross), but it is a serious security hole and qubes should consider migrating away from it by maybe choosing another orgin distro. http://without-systemd.org/wiki/index.php/Arguments_against_systemd

Re: [qubes-users] UEFI secureboot issue

2017-08-14 Thread taii...@gmx.com
Secure boot is a stupid Microsoft controlled project to eventually remove the ability for commercial PC's to run non windows operating systems. SB 1.0 specs mandate owner controlled (an option to shut it off), SB2.0 doesn't and PC's built to that spec such as the Windows 10 ARM PC's and MS's

[qubes-users] Re: [qubes-devel] Announcement: Toward a Reasonably Secure Laptop

2017-07-13 Thread taii...@gmx.com
I don't think purism should ever be considered an approved product. https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in/\ Disclaimer or not people will treat an endorsement from the developer team as vouching for the security/privacy of a device.

Re: [qubes-users] Re: Qubes 4 Fails to Boot With Coreboot

2017-07-13 Thread taii...@gmx.com
You would be better off posting this on the coreboot mailing list with serial console logs from both coreboot and the kernel (you will need a null modem cable) along with the coreboot .config file and build log, irregardless I use coreboot 4.6 and it works fine. We need more information to be

[qubes-users] "No Applications Found" on dom0 start menu

2017-07-08 Thread taii...@gmx.com
For some reason I am getting "No applications found" on dom0's start menu (ie: no "vm manager" and preferences shortcuts) Does anyone know how to fix it? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and

Re: [qubes-users] Re: certified laptop delivery to Russia

2017-07-08 Thread taii...@gmx.com
On 06/26/2017 10:41 AM, cooloutac wrote: On Saturday, June 24, 2017 at 12:30:48 AM UTC-4,tai...@gmx.com wrote: Ah the smell of disinformation. On 06/23/2017 10:28 AM, cooloutac wrote: On Thursday, June 22, 2017 at 6:51:27 PM UTC-4,tai...@gmx.com wrote: On 06/21/2017 10:57 PM, cooloutac

Re: [qubes-users] Re: Working with a BTC hardware wallet on Qubes

2017-07-15 Thread taii...@gmx.com
On 07/15/2017 05:51 AM, Mr. DONG wrote: Thank you for the effort in replying to me, I really appreciate :) So the only viable option left in order for me to use my HW wallet in Qubes is to create a sys-usb from scratch, and create it as a AppVM instead of NetVM as the default? Wouldn't this

Re: [qubes-users] Re: Suggestions for video card

2017-07-21 Thread taii...@gmx.com
You really don't want an nvidia card, they have a terrible attitude about open source and intentionally make it hard for their cards to work with IOMMU-GFX (see the code 43 "bug") -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe

Re: [qubes-users] Re: Best Laptop For Qubes

2017-06-28 Thread taii...@gmx.com
On 06/27/2017 10:20 PM, cooloutac wrote: its common sense to me man. Server boards are designed for servers. I gave some tips on how to get something compatible which I think is priority. Another one is to research the board on linux forums and see if its used alot or not or if it has

Re: [qubes-users] Best Laptop For Qubes

2017-06-28 Thread taii...@gmx.com
On 06/27/2017 12:03 PM, Peter Thurner wrote: I'm running qubes on a Thinkpad T520 - the Laptop is way to big in my opinion. I build 16 GB RAM into it with a 500GB SSD and it runs qubes quite smoothly. What do you guys think about this Laptop? https://puri.sm/products/librem-13/ With the i7

Re: [qubes-users] Re: Best Laptop For Qubes

2017-06-30 Thread taii...@gmx.com
On 06/28/2017 09:57 PM, cooloutac wrote: On Wednesday, June 28, 2017 at 2:39:19 PM UTC-4, tai...@gmx.com wrote: On 06/27/2017 10:20 PM, cooloutac wrote: its common sense to me man. Server boards are designed for servers. I gave some tips on how to get something compatible which I think is

Re: [qubes-users] Best Desktop for Qubes

2017-07-02 Thread taii...@gmx.com
On 07/02/2017 01:28 PM, Zbigniew Łukasiak wrote: A companion to the Best Laptop for Qubes thread :) Most of the HCL is filled with laptops - very few desktops are there, especially on the high end. Currently I have a Dell Inspiron - works but 16GB RAM is max there (and it is a non-ECC so most

Re: [qubes-users] Best Desktop for Qubes

2017-07-03 Thread taii...@gmx.com
On 07/02/2017 09:18 PM, Chris Laprise wrote: On 07/02/2017 02:51 PM, taii...@gmx.com wrote: On 07/02/2017 01:28 PM, Zbigniew Łukasiak wrote: A companion to the Best Laptop for Qubes thread :) Most of the HCL is filled with laptops - very few desktops are there, especially on the high end

Re: [qubes-users] Best Desktop for Qubes

2017-07-03 Thread taii...@gmx.com
On 07/03/2017 04:44 AM, Chris Laprise wrote: On 07/03/2017 02:09 AM, taii...@gmx.com wrote: On 07/02/2017 09:18 PM, Chris Laprise wrote: It may have an IOMMU, but does Xen 4.6 work properly with it? Someone had reported that a different AMD desktop configuration appeared on the surface

Re: [qubes-users] Re: GPU passthrough: 2000 USD bounty

2017-04-25 Thread taii...@gmx.com
On 04/25/2017 11:29 AM, cooloutac wrote: You have a ps4 and you want to game on the pc? why? Pc gaming died a decade ago cause piraters, cheaters, and ddos. What? there are still many decent new games being released. I play BF4 and only encounter obvious cheaters once in a blue moon and

Re: [qubes-users] Special (Secure) Browser Frontend for Qubes?!

2017-08-08 Thread taii...@gmx.com
FYI: Having different VM's using the same template doesn't really matter as they all have the same browser fingerprint. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an

Re: [qubes-users] libre motherboards

2017-08-18 Thread taii...@gmx.com
On 08/16/2017 03:39 PM, Sven Semmler wrote: On Monday, August 14, 2017 at 8:50:20 PM UTC-4, tai...@gmx.com wrote: As always I offer free tech support for libre motherboards if you wish to buy one. For the next several months I am planing to use Qubes 3.2 with a DELL Latitude E6410 basically

Re: [qubes-users] Build a power efficent and silent desktopsystem for Qubes-OS

2017-08-18 Thread taii...@gmx.com
On 08/16/2017 06:30 AM, 'bored lord' via qubes-users wrote: Hello Guys, i sitting here next to a Desktop PC which is almost as loud as a freaking datacenter. Due to my old gaming habbits its not supposed to be silent, nor energyefficent. I am in love with qubes-os for my daily struggles and

Re: [qubes-users] Re: Laptop with discrete graphics card, any chance it'll work?

2017-05-14 Thread taii...@gmx.com
On 05/13/2017 01:07 PM, loke...@gmail.com wrote: I'm aware of this, which is why I said that I'm ok with installing Nvidias drivers. If I understand you correctly, you're suggesting that this is not an option? Assuming that Noveau will eventually support it, will it be possible to to

Re: [qubes-users] Unable to install Qubes OS 3.2 on Dell Latitude E4310

2017-05-13 Thread taii...@gmx.com
On 02/11/2017 07:58 AM, kevin.allem...@gmail.com wrote: Hi ! I have some problem to install Qubes OS with USB. When I boot on USB key with UEFI mode, Qubes OS install freeze after initrd.img. I have message like this : Xen 4.6.1 (c/s) EFI loader Using configuration file 'Xen.cfg' vmlinuz :

Re: [qubes-users] Re: certified laptop delivery to Russia

2017-06-19 Thread taii...@gmx.com
On 06/19/2017 03:32 AM, Reg Tiangha wrote: On 2017-06-19 12:56 AM, taii...@gmx.com wrote: I don't care how much cash they give to the devs purism is a scam plain and simple, don't buy from them. https://www.reddit.com/r/linux/comments/3anjgm/on_the_librem_laptop_purism_doesnt_believe_in

[qubes-users] Does "open in disposable VM" from modifying the original file?

2017-06-19 Thread taii...@gmx.com
Assuming you don't make any changes yourself, it would also be nice to have a "yes/no" popup so you can choose as to if you wish to have a truly disposable version. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group

Re: [qubes-users] MakeMKV on blu-ray drive?

2017-06-19 Thread taii...@gmx.com
On 02/09/2017 08:16 PM, JW wrote: I'm new to Qubes, so apologies for the basic questions :) Can I rip a blu-ray from an internal SATA drive by attaching it as a block device? Or would I need to put the reader on it's own SATA controller and attach that? Also, does it matter if the OS is a

Re: [qubes-users] Re: certified laptop delivery to Russia

2017-06-22 Thread taii...@gmx.com
On 06/21/2017 10:57 PM, cooloutac wrote: I agree they are super overpriced But i'm not sure we can have 100% libre hardware, at least not for desktops. I heard the guy Chris from thinkpenguin talk about on a radio show once, how there is really only a couple manufactures that dominate

Re: [qubes-users] Re: FYI: AMD Epyc (server CPUs) comes with low-level per-VM DRAM Encryption / isolation support

2017-06-22 Thread taii...@gmx.com
On 06/21/2017 12:47 PM, Foppe de Haan wrote: seems it's also available for Ryzen CPUs: https://www.phoronix.com/scan.php?page=news_item=AMD-Secure-Memory-Encryption (I haven't time at the moment to look whether it requires you to use the PSP/TPM or not.) It is a PSP feature and designed for

Re: [qubes-users] power9 and qubes os

2017-06-23 Thread taii...@gmx.com
On 06/23/2017 08:24 PM, 'Johnysecured88' via qubes-users wrote: Seriously, is power9 support at least a possibility for qubes os? It seems absurd that we should only focus on x86 given how locked down and backdoored it is. Sent with [ProtonMail](https://protonmail.com) Secure Email. If you

Re: [qubes-users] Re: Setting up regular bitcoin donation / buying support case?

2017-06-23 Thread taii...@gmx.com
I agree - setting up a team of non-developers that are linux support specialists for the business users of qubes would be a great way to drum up cash. This should be made to happen, maybe cc ADW? FYI There are an incredibly large amount of detailed bitcoin howto guides on the internet,

Re: [qubes-users] Re: certified laptop delivery to Russia

2017-06-23 Thread taii...@gmx.com
Ah the smell of disinformation. On 06/23/2017 10:28 AM, cooloutac wrote: On Thursday, June 22, 2017 at 6:51:27 PM UTC-4, tai...@gmx.com wrote: On 06/21/2017 10:57 PM, cooloutac wrote: I agree they are super overpriced But i'm not sure we can have 100% libre hardware, at least not for

Re: [qubes-users] power9 and qubes os

2017-06-24 Thread taii...@gmx.com
://protonmail.com) Secure Email. Original Message Subject: Re: [qubes-users] power9 and qubes os Local Time: June 23, 2017 11:10 PM UTC Time: June 24, 2017 4:10 AM From: taii...@gmx.com To: Johnysecured88 <johnysecure...@protonmail.com>, qubes-users@googlegroups.com <qu

Re: [qubes-users] Booting with dom0 exposed to usb controllers.

2017-06-26 Thread taii...@gmx.com
The issue is with foreign USB devices such as flash drives not your own keyboard although some keyboards feature re-programmable firmware (ex: crapple) which is pretty dangerous, it has never been done AFAIK but theoretically a virus could re install itself via this method to survive an OS

Re: [qubes-users] Re: Best Laptop For Qubes

2017-06-26 Thread taii...@gmx.com
On 06/26/2017 10:57 PM, cooloutac wrote: On Monday, June 26, 2017 at 10:43:26 PM UTC-4, tai...@gmx.com wrote: On 06/26/2017 10:30 PM, cooloutac wrote: On Monday, June 26, 2017 at 10:27:32 PM UTC-4, cooloutac wrote: On Monday, June 26, 2017 at 3:50:14 PM UTC-4, qubes...@gmail.com wrote: I

Re: [qubes-users] Booting with dom0 exposed to usb controllers.

2017-06-26 Thread taii...@gmx.com
On 06/26/2017 11:06 PM, cooloutac wrote: On Monday, June 26, 2017 at 10:54:50 PM UTC-4, tai...@gmx.com wrote: The issue is with foreign USB devices such as flash drives not your own keyboard although some keyboards feature re-programmable firmware (ex: crapple) which is pretty dangerous, it

Re: [qubes-users] Re: Best Laptop For Qubes

2017-06-26 Thread taii...@gmx.com
On 06/26/2017 11:41 PM, cooloutac wrote: On Monday, June 26, 2017 at 11:14:32 PM UTC-4, tai...@gmx.com wrote: On 06/26/2017 10:57 PM, cooloutac wrote: On Monday, June 26, 2017 at 10:43:26 PM UTC-4, tai...@gmx.com wrote: On 06/26/2017 10:30 PM, cooloutac wrote: An intel gpu on an opteron

  1   2   3   4   5   >