Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-20 Thread raahelps
On Thursday, October 20, 2016 at 8:38:38 PM UTC-4, Manuel Amador (Rudd-O) wrote:
> On 10/20/2016 05:12 PM, pleom...@gmail.com wrote:
> > @Jeremy Rand
> >
> > realy sorry about that,i didnt think that someone get some emails.
> 
> THOUSANDS of us get "some emails" from you.
> 
> > But this thing of system security is important.
> >
> 
> The fact that security — which you do not seem to understand how it
> works — is important, does NOT excuse you spamming the entire list with
> many, many poorly-researched allegations that each are one line.
> 
> This is not your personal chat room.
> 
> Next time, compose your ideas in a single e-mail, and then send them as
> a single e-mail.
> 
> PLONK!
> 
> -- 
> Rudd-O
> http://rudd-o.com/

oh come on this is a google.com forum what are you talking about haha. :) At 
least he admitted his mistakes so means he learned something. and for anybody 
else who has the same crazy ideas and reads the thread as well so working as 
planned. no big deal if not attacking users.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/779c3e3d-91be-4c35-9f71-244b026dea87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-20 Thread Manuel Amador (Rudd-O)
On 10/20/2016 05:12 PM, pleom...@gmail.com wrote:
> @Jeremy Rand
>
> realy sorry about that,i didnt think that someone get some emails.

THOUSANDS of us get "some emails" from you.

> But this thing of system security is important.
>

The fact that security — which you do not seem to understand how it
works — is important, does NOT excuse you spamming the entire list with
many, many poorly-researched allegations that each are one line.

This is not your personal chat room.

Next time, compose your ideas in a single e-mail, and then send them as
a single e-mail.

PLONK!

-- 
Rudd-O
http://rudd-o.com/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/fcbe5432-fc25-9e4c-e1cd-d91d49832459%40rudd-o.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-20 Thread pleomati
@Jeremy Rand

realy sorry about that,i didnt think that someone get some emails.But this 
thing of system security is important.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/abc3d434-5324-46ff-bffa-def4dd1c72cd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-16 Thread raahelps
On Sunday, October 16, 2016 at 12:03:59 AM UTC-4, pleo...@gmail.com wrote:
> I dont know how to install it,im so stupid omg.Maybe like ProxyVM and route 
> trafic by pFsense? but its no option to choice only fedora debian.WTF im so 
> stupid.I dont know how to install it.

Its too complicated for me to try,  but have a look here maybe will point you 
in right direction  https://www.qubes-os.org/doc/building-non-fedora-template/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0353ff8c-c97d-4111-923d-619da24d7c6e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-16 Thread raahelps
On Saturday, October 15, 2016 at 11:38:07 PM UTC-4, pleo...@gmail.com wrote:
> unikernel u mean this?
> http://roscidus.com/blog/blog/2016/01/01/a-unikernel-firewall-for-qubesos/
> i have installed it and work good.

ya thats what i was talking about,  nice I'll have to try it out.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/942378b2-7593-4bee-a229-26ecc2076bea%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
Ok i probobly figure it out how to do this.Install pfsense as HVM configure and 
then in qubes managment change HVM to proxy VM.But i dont know how to do 
this... maybe create proxyVM as name pfsense then delete in directory via 
terminal and copy HVM on the same name so qubes will see it as a proxyVM.I dont 
know but it may work.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/098874ce-eec9-4524-80d8-5f0f239c8489%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
I dont know how to install it,im so stupid omg.Maybe like ProxyVM and route 
trafic by pFsense? but its no option to choice only fedora debian.WTF im so 
stupid.I dont know how to install it.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/69831d86-1f68-4a98-a6c8-850d55e80b07%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
But i prefer to build that kind of sys-firewall on something like pfsense bcs 
its real firewall.

Tell me how to build pFsense (or something familiar) firewall on Qubes and set 
to default.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/380b5454-b260-4a44-bb22-39fd1977bc71%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
maybe this mirage-kernel should be add to standard repo config in Qubes.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/fafff3ff-c789-479a-b5b7-32ab5772ac2d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
unikernel u mean this?
http://roscidus.com/blog/blog/2016/01/01/a-unikernel-firewall-for-qubesos/
i have installed it and work good.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b912cff3-7ca0-4504-97b1-1e3d4ef7cd41%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
I would love to see an openbsd,  or some more hardened sys-firewall.  There 
have been some community efforts maybe you can create one.  we have minimal 
templates available now.  I read about a unikernel someone made for qubes that 
looked interesting.  Maybe you can create something.  Qubes team is not very 
large and this is still way more secure imo then a traditional linux or windows 
os man. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d88f7035-7834-421e-9341-ccd85cc676e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 10:02:32 PM UTC-4, pleo...@gmail.com wrote:
> for an example it was much better for security if that no build on the same 
> but somethin like this
> 
> ubuntu (sys-net)-pfsense(sys-firewall)- appVM (debian or fedora)

again probably only making a real difference against a random or automatic 
qubes designed attack I guess?   You can still do what you want yourself man.  
You don't have to use the default setup.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a2ebb8d7-eb4e-458a-bcb1-6070a674b590%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
for an example it was much better for security if that no build on the same but 
somethin like this

ubuntu (sys-net)-pfsense(sys-firewall)- appVM (debian or fedora)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/281c5e58-160b-4ad7-8a05-697fe9bd7e1a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
look at qubes how is it build? 
vitrualisation of the same environment 

1-2-3 is separated but its still the same so somoene exploit 1 then exploit 2-3 
on recursive.

i mean by this vitrualisation same topology.

So what i mean is better way to multiple topology than avoid recursive exploits.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1aa5eed5-7fd7-4790-87da-c3ce11818f9d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Andrew
pleom...@gmail.com:
> or the worst thing if hacker cant do this he can try to compromize 
> sys-firewall in the same way as sysnet bcs its the same topology.And after 
> compromizing sys-firewall then can do whatever he like.
> 

I'm not sure what you're trying to say here.  Anyway it should be
difficult to compromise sys-firewall, as the attack surface just isn't
that big.  But still possible, most likely.

Anyway after compromising sys-firewall, the attacker is still confined
to sys-firewall.  This just allows the attacker to observe and modify
network traffic, which is already a part of your threat model.  Right?

The attacker would need to break out to dom0 to "do whatever (s)he wants".

Andrew

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8858692c-819a-09ad-6cb3-aa881475d8c2%40riseup.net.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 9:17:14 PM UTC-4, johny...@sigaint.org wrote:
> > Andrew:
> > This kind of security-first posture is what has made Qubes famous.
> 
> I agree that Qubes separation is probably the most secure basis for a
> reasonably usable PC-based platform today.  It's all I'll use.  (I worry
> about 4.0 not working on my hardware, tho.  And upgrading hardware brings
> its own security risks.)
> 
> That being said, there are a few things that stuck out like sore thumbs as
> being terribly insecure in the default install, which surprised me:
> 
> - (There are some outstanding tickets on this one): All the daemons
> started by systemd, some of which phone home (at the very least, leaking
> your IP address) to Microsoft (resolving SMB names, even when you don't
> use SMB) or RedHat (default network connectivity check for NetworkManger).
> 
> exim4, cupsd, ntpd (on by default in debian-8) don't need to be running,
> and can potentially leak information (and increase the attack surface). 
> pulseaudio and the speaker daemon can potentially leak information from a
> VM through audio channels, and aren't needed in most cases.
> 
> The default templates should be very much stripped of having any software
> run by default, or unexpectedly.  The package (such exim, cups) can be
> included in the template, sure, but not on by default.
> 
> - Fairly loose default iptables/firewall setup (particularly for outbound
> connections).  No inherent DNS leakage protection.  (whonix or a VPN can
> solve this.)  Fairly limited firewall configuration.
> 
> - No apparmor by default.  When I tried to install it in a VM, I got
> errors about a missing kernel module, and haven't explored it further.
> 
> Yes, VM separation keeps rogue processes at bay, but it'd still be nice if
> a compromised Firefox just didn't have the option of going through
> ~/Documents and uploading the contents to some .ru site.  :)
> 
> Apparmor and its profiles would add this extra layer of protection.  Wow,
> being able to run *two* or more apps in a VM without worry of them spying
> on each other's data or connect to the net in ways they shouldn't!  :)
> 
> Keeping every useful work file on separate or non-networked machines to
> avoid rogue applications is too much of a PITA for most people.  Or at
> least for me.
> 
> - Unencrypted /boot partition.  This one is a huge hole and could be
> fixed.  I've converted my /boot to luks filesystem successfully, grub
> supports it.  Adding a Grub password doesn't hurt, either.   (As well as a
> BIOS password, but I'm digressing.)
> 
> - Some of the things trumpeted in the earlier design documents and press
> coverage just aren't there.  Sound cards, video cards, storage devices,
> USB, all (by default) live in dom0, not safely tucked in VMs.
> 
> (Not sure why my network card's Linux module seems to load in dom0 as well
> as sys-net, but I'm assuming that's not an issue, and the network card is
> fully in sys-net.)
> 
> Individual VM's disks aren't encrypted with their own luks filesystem and
> keys, which is mentioned in a few articles or papers I read.  Not sure how
> important this one is, but where it is listed as a feature in some
> reviews, I thought I'd mention it for clarity.  It might be useful if
> someone compromised root, that they wouldn't necessarily have access to
> the data on your VM's.  But that's a lot more password juggling and
> layered encryption with associated CPU cost, so I dunno.  (Qubes VM
> Manager would end up being a bit of a password vault in itself, ugh.)
> 
> I'm only pointing these out in a constructive way, I still love the
> system, and just want to suggest ways to make it even better for those who
> don't spend the time or have the knowledge to tweak up these security
> risks.
> 
> Cheers.
> 
> JJ

Microsoft phoning home? what?

debian is not default for qubes vms.  Its a community package,   But you can 
customize it how ever you want just like a bare metal debian.

whonix has instructions for how to install apparmor,  which will also apply to 
a debian template. https://www.whonix.org/wiki/Qubes/Install I use it for 
chromium and hexchat.

VM separation means you don't go to a website that will upload your documents 
to a .ru site, in a vm that has documents you don't want there.  Thats the 
whole point I think maybe your missing, and understandably what turns alot of 
people off.   

You have to be able to strictly use different vms for diff tasks.  Which also 
means you want alot of memory and hdd space.  Its perceived overwhelming to 
those not used to it.  but no different then having lots of file folders on a 
machine imo.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 

Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/16/2016 12:16 AM, pleom...@gmail.com wrote:
> look guys if someone compromize sys-net then go route trafic by fake dns and 
> sites.You paste your credit card or something and all data goes to the hacker.

If someone compromises the network card of your AppArmor-enabled Ubuntu
instance, the same thing happens.  Except in that case the malware can
access way more than just DNS spoofing.

Advantage: Qubes OS.


-- 
Rudd-O
http://rudd-o.com/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d06829fc-0a08-d543-2598-352ebc4c05b8%40rudd-o.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread johnyjukya
> Andrew:
> This kind of security-first posture is what has made Qubes famous.

I agree that Qubes separation is probably the most secure basis for a
reasonably usable PC-based platform today.  It's all I'll use.  (I worry
about 4.0 not working on my hardware, tho.  And upgrading hardware brings
its own security risks.)

That being said, there are a few things that stuck out like sore thumbs as
being terribly insecure in the default install, which surprised me:

- (There are some outstanding tickets on this one): All the daemons
started by systemd, some of which phone home (at the very least, leaking
your IP address) to Microsoft (resolving SMB names, even when you don't
use SMB) or RedHat (default network connectivity check for NetworkManger).

exim4, cupsd, ntpd (on by default in debian-8) don't need to be running,
and can potentially leak information (and increase the attack surface). 
pulseaudio and the speaker daemon can potentially leak information from a
VM through audio channels, and aren't needed in most cases.

The default templates should be very much stripped of having any software
run by default, or unexpectedly.  The package (such exim, cups) can be
included in the template, sure, but not on by default.

- Fairly loose default iptables/firewall setup (particularly for outbound
connections).  No inherent DNS leakage protection.  (whonix or a VPN can
solve this.)  Fairly limited firewall configuration.

- No apparmor by default.  When I tried to install it in a VM, I got
errors about a missing kernel module, and haven't explored it further.

Yes, VM separation keeps rogue processes at bay, but it'd still be nice if
a compromised Firefox just didn't have the option of going through
~/Documents and uploading the contents to some .ru site.  :)

Apparmor and its profiles would add this extra layer of protection.  Wow,
being able to run *two* or more apps in a VM without worry of them spying
on each other's data or connect to the net in ways they shouldn't!  :)

Keeping every useful work file on separate or non-networked machines to
avoid rogue applications is too much of a PITA for most people.  Or at
least for me.

- Unencrypted /boot partition.  This one is a huge hole and could be
fixed.  I've converted my /boot to luks filesystem successfully, grub
supports it.  Adding a Grub password doesn't hurt, either.   (As well as a
BIOS password, but I'm digressing.)

- Some of the things trumpeted in the earlier design documents and press
coverage just aren't there.  Sound cards, video cards, storage devices,
USB, all (by default) live in dom0, not safely tucked in VMs.

(Not sure why my network card's Linux module seems to load in dom0 as well
as sys-net, but I'm assuming that's not an issue, and the network card is
fully in sys-net.)

Individual VM's disks aren't encrypted with their own luks filesystem and
keys, which is mentioned in a few articles or papers I read.  Not sure how
important this one is, but where it is listed as a feature in some
reviews, I thought I'd mention it for clarity.  It might be useful if
someone compromised root, that they wouldn't necessarily have access to
the data on your VM's.  But that's a lot more password juggling and
layered encryption with associated CPU cost, so I dunno.  (Qubes VM
Manager would end up being a bit of a password vault in itself, ugh.)

I'm only pointing these out in a constructive way, I still love the
system, and just want to suggest ways to make it even better for those who
don't spend the time or have the knowledge to tweak up these security
risks.

Cheers.

JJ

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/658ef4d3ad89a3b9db896d1ff6fa27a0.webmail%40localhost.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
or the worst thing if hacker cant do this he can try to compromize sys-firewall 
in the same way as sysnet bcs its the same topology.And after compromizing 
sys-firewall then can do whatever he like.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6ef5b283-78d2-4c2e-a4cc-c9f2f2a1171e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
look guys if someone compromize sys-net then go route trafic by fake dns and 
sites.You paste your credit card or something and all data goes to the hacker.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e10e42a9-17a2-4d6a-b2ff-7733f8fc4708%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Andrew
pleom...@gmail.com:
> But look every vms in qubes base on the same,so if someone compromize sys-net 
> VM then it should not be so hard to compromize other VMs.
> 

It would compromise sys-net.  Any writes to the template-based volume
(with /bin, /usr, /var, etc.) are discarded upon VM reboot.  They are
not written to the base template--only the template itself can do that.

It's possible malware could persist in sys-net, though, by compromising
its /rw partition, which *does* persist across reboots (but is only used
by that specific VM).  But even then: it only compromizes sys-net.

Andrew

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cef64a3a-176c-0081-2b0e-fb67f7e30837%40riseup.net.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Andrew
Andrew:
> pleom...@gmail.com:
>> If there is no user acces control like a real root real user then its no 
>> sense to use it.
>>
> 
> I think you've missed something pretty fundamental.
> 
> Throw out everything you know about the Linux kernel and how it enforces
> security (including MAC).  Qubes takes the position that the Linux
> kernel code base is simply too large and complex to meaningfully trust,
> and that any security policies must be enforced by a smaller, more
> trustable hypervisor.
> 
> The security problem is then less about user accounts, process
> separation, etc. and more about ensuring guest VMs only modify their own
> state, and interact with other VMs only through simple, easier-to-audit
> and easier-to-securely-implement channels.
> 
> IMO all the Qubes magic is about these over-the-top channels.  You can
> use bare Xen (or ESXi, or HyperV or whatever) to get similar VM
> isolation, but it will be cumbersome to orchestrate typical user actions
> (inter-VM file copying, PDF conversion, networking/firewalling,
> trustable DWM, ...).  Qubes makes it easy.
> 
> Andrew
> 
> PS: Let me give an example.  Suppose your typical Linux desktop has a
> 'user1' account and a 'tor' account.  Suppose the latter is used for
> running a Tor relay.  Normally you would expect the Linux kernel to
> enforce access control, to ensure any code running with the 'tor' uid
> will not be able to access 'user1''s files.  In Qubes, you just install
> Tor into a separate VM from the VM you use for the 'user1' persona.
> Thus the barrier for Tor to access 'user1''s data is the hypervisor, not
> the Linux kernel.
> 

Sorry for adding to the spam, but I feel obliged to add two important
points:

1) It's not just the kernel.  Practical user security depends on a lot
of userland system components, too.  That's why it really is appropriate
for Qubes to abstract security domains as independent VMs.

2) While I wrote 'similar VM isolation', I still believe Qubes is the
most secure practical virtualization platform.  For example, the VENOM
(CVE-2015-3456) vulnerability affected nearly every other Xen
vendor--but not Qubes.  To quote Marek:

"[The solution] is already there - there is no other option in Qubes.
We've never considered running such a bloatware as qemu directly in dom0
;) "

This kind of security-first posture is what has made Qubes famous.
Trust it or not, but I hope the architecture now makes sense!

Andrew

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/70244db2-44a2-e5f7-c09c-1c320307fdac%40riseup.net.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Andrew
pleom...@gmail.com:
> If there is no user acces control like a real root real user then its no 
> sense to use it.
> 

I think you've missed something pretty fundamental.

Throw out everything you know about the Linux kernel and how it enforces
security (including MAC).  Qubes takes the position that the Linux
kernel code base is simply too large and complex to meaningfully trust,
and that any security policies must be enforced by a smaller, more
trustable hypervisor.

The security problem is then less about user accounts, process
separation, etc. and more about ensuring guest VMs only modify their own
state, and interact with other VMs only through simple, easier-to-audit
and easier-to-securely-implement channels.

IMO all the Qubes magic is about these over-the-top channels.  You can
use bare Xen (or ESXi, or HyperV or whatever) to get similar VM
isolation, but it will be cumbersome to orchestrate typical user actions
(inter-VM file copying, PDF conversion, networking/firewalling,
trustable DWM, ...).  Qubes makes it easy.

Andrew

PS: Let me give an example.  Suppose your typical Linux desktop has a
'user1' account and a 'tor' account.  Suppose the latter is used for
running a Tor relay.  Normally you would expect the Linux kernel to
enforce access control, to ensure any code running with the 'tor' uid
will not be able to access 'user1''s files.  In Qubes, you just install
Tor into a separate VM from the VM you use for the 'user1' persona.
Thus the barrier for Tor to access 'user1''s data is the hypervisor, not
the Linux kernel.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1af259c8-f9ea-a631-3204-836d435f344f%40riseup.net.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
If there is no user acces control like a real root real user then its no sense 
to use it.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d6c6a3e7-4119-4f76-94db-75e5e825aa11%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
the idea of apparmor is to resist to app to resources they need to run and 
nothing more.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9aecf737-f844-4688-8a70-bb7061780636%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 7:09:00 PM UTC-4, raah...@gmail.com wrote:
> On Saturday, October 15, 2016 at 7:08:24 PM UTC-4, raah...@gmail.com wrote:
> > On Saturday, October 15, 2016 at 5:48:16 PM UTC-4, pleo...@gmail.com wrote:
> > > @ raa...@gmail.com
> > > 
> > > dont know if this have any sense bcs everything in qubes in default 
> > > configuration is user accesible.Firstly to use this it should be 
> > > configured  user acces control wich qubes dont provide in default 
> > > configuration.
> > 
> > I think you can make a root user during install i could be wrong.  But it 
> > wouldn't make much of a difference anyways man.
> 
> but also apparmor works on root too.

ya but again, its more about what user wants to do on his computer that makes 
them vulnerable,  and I'm sure there is 0 days out there for everyone, so big 
money gov'ts pwn us all,  i mean if they that bored but at least we can stop 
the robots hopefully.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2aec57dd-1258-4866-add4-52946244ea9f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 7:08:24 PM UTC-4, raah...@gmail.com wrote:
> On Saturday, October 15, 2016 at 5:48:16 PM UTC-4, pleo...@gmail.com wrote:
> > @ raa...@gmail.com
> > 
> > dont know if this have any sense bcs everything in qubes in default 
> > configuration is user accesible.Firstly to use this it should be configured 
> >  user acces control wich qubes dont provide in default configuration.
> 
> I think you can make a root user during install i could be wrong.  But it 
> wouldn't make much of a difference anyways man.

but also apparmor works on root too.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d0109409-e6dd-46c3-b28a-df03d1d06f24%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 5:48:16 PM UTC-4, pleo...@gmail.com wrote:
> @ raa...@gmail.com
> 
> dont know if this have any sense bcs everything in qubes in default 
> configuration is user accesible.Firstly to use this it should be configured  
> user acces control wich qubes dont provide in default configuration.

I think you can make a root user during install i could be wrong.  But it 
wouldn't make much of a difference anyways man.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3faa6ce9-8967-4dec-87d1-7672e50f1257%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread Manuel Amador (Rudd-O)
On 10/15/2016 01:04 PM, pleom...@gmail.com wrote:
> you never break armored ubuntu,this is fact... dont try be einstein to know 
> some way to do this.No way.
>

This e-mail in particular has caused me to burst into uncontrollable
laughter.


-- 
Rudd-O
http://rudd-o.com/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2e526571-45c3-08fb-867a-f8fd5c42ac6e%40rudd-o.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 7:35:47 AM UTC-4, pleo...@gmail.com wrote:
> i realy think that is more safer Ubuntu apparmored than this qubes OS.

u can use apparmor with debian in qubes.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ac8eb69f-572d-4ec3-af74-495fd99610dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
you never break armored ubuntu,this is fact... dont try be einstein to know 
some way to do this.No way.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cdb1dc56-30fe-4723-ba50-4e9c21d4c577%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread pleomati
in AppVM is the same topology sys  so its posible chain logic atack.1 break 
exploit get down and other vms have the same system so its like domino.Multiple 
topology can solve this.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/10e0ec4b-399d-403f-a71a-7cd9aa3f4901%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-15 Thread raahelps
On Saturday, October 15, 2016 at 12:14:44 AM UTC-4, pleo...@gmail.com wrote:
> philosofy of qubes is that you are safe when your app is isolatet.This is 
> wrong just keep app in sandboxes or jails  and what wrong can be happen?

I think its more like you can never be 100% safe lol.  sanboxes are jails is a 
form of isolation no?  Qubes just takes it to the extreme level.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/442c-3572-49e5-b7b0-698be3eed8dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-14 Thread pleomati
And if there is some kind of exploaitaion so the secure system should not been 
build on the same topology as its qubes bcs of chain exploits.So this system 
under security measures dont have any value ... bcs its build on the same linux 
topology ... someone brake 1 pcs brake on chain logic whole environment.

better way for secure environment is mix topology than duplicate or clone them.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a2b46023-ee37-4792-aa19-8721ae1c84f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


[qubes-users] Re: philosofy on qubes and other environment

2016-10-14 Thread pleomati
yep i know  someone exploit ur app and take control on ur environment.. but ... 
if app is in sandbox then he cant take any control on system bcs its a jail or 
sanbox.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a6a31f82-4e04-449d-a82a-55a7dff5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.