Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Sun, Feb 4, 2018 at 4:14 PM, 'Tom Zander' via qubes-users < qubes-users@googlegroups.com> wrote: > On Sunday, 4 February 2018 18:10:44 CET Yuraeitha wrote: > > Also it's been explicitly said that no Qubes 4 existing features will be > > added to the new-old Qube Manager. Which might also hint towards no > > changes coming to Qube Manager. If anything, it has to be re-made almost > > entirely to work well with Qubes 4+, and currently no one is doing that. > > The Qubes Manager is written to Qt4, which is equally outdated as the > backends of Qubes it used (3.x). > > I started a project using Qubes4-api and Qt5 APIs, though. See Ps at the > bottom of the mail. > > [start rant] > > The biggest issue i ran into is that Qubes4 is just too immature to > actually > use for more than browsing and email. It was too painful for my desktop > full-time work machine. > I tried for 2 months, my significant other stated that I had been > extraordinary patient with Qubes when I finally stopped using it ;) > > My problems are widespread; > * the admin-api is very immature and poorly implemented. Getting a stack- > trace in the server logs and no answer is just unacceptable. Unit tests, > anyone? > * system-tray is hopelessly broken. Losing apps because they don't show in > the system-tray up when you close them was fun! > * The design of qubes-daemon is too fragile, it starts/stops VMs and > patiently waits and hopes everything will work. I expected a much more > 'hands-on' approach (at least for Linux kernels) with much more reporting. > I > also lost data because apps aren't being quit, they are being killed on VM > shutdown. > * Why do I see 'lock'-icons for most of my windows in the task-bar? > * the documentation is very out-of-date. > * I don't know how, it may be fedora packaging, it may be qubes packaging > or > configs, but the amount of KDE (apps running in dom0) crashes I had in the > 2 > months of using Qubes is greater than the amount i had in the previous 5 > years. This boggles the mind... > * The graphics pipeline is hopelessly outdated. Its about a decade behind > the industry. > * Poor quality of many tools, the icon-copier copying the 22px icon from a > VM instead of the 256 one that was also there is just... sad. > * The amount of services, bash-scripts, config files, duplicated data in > qubes and then again in the system is horrible, under documented mess. > * rexecd validation being implemented using bash is a joke (mostly felt > because its extremely slow) > * total lack of mature end-user-focused tools. Swear to God. There are zero > today. > * Having nothing but python APIs for your operating system is something > that > makes no sense. Python was never meant for servers, or even big > applications. Finding a full-stack python developer is more rare than > finding a Bitcoin C++ developer. > > end-rant. > > Qubes is an amazing idea, has some fantastic and genius concepts in it. > I hope many of those things will get fixed, although the list has grown so > long that I'm not sure it can without being forked. > > @Tom I am here from the first release of Qubes and every new major release it was the same: a major remake breaking almost everything that was working fine. The miracle was that over time devs were able to fix it again. How much time? About one year. So I am still using 3.2 with no plan to upgrade anytime soon. So I understand that if you are using R4 as your daily operative machine it may be too much. Also in your case the situation is even worse because you are dealing with the GUI which will be the last to be fixed. But it will be fixed faster than you think as always happened in the past. Also I have a strong feeling that this will be the last major remake, so there will be plenty of time to polish it. Are you in a hurry? Take your time, open your heart to the community as you have done now. Ask what you need and be faithful, it will be done. You cannot impose your rhythm to a project like Qubes because resources are really very limited, this is why you finished your patience. But just adapt to Qubes own rhythm and you'll enjoy this wonderful community and this awesome project. Your GUI needs will be a strong stimulus to pay more attention to the needs of ends users. Often developers see only their needs. Well it is natural specially in an open source project. But end users are the only ones able to confirm the real success of a project over time. But try also to understand if there are conditions for your Qubes Manager to be incorporated as an official tool. You wrote you accepted my offer to cover some efforts of a rewritten Qubes Manager with $5000. Do not leave me with this money, rather help us promote the idea that end users should pay for what is directly done for them like GUI. Best Fran -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Tuesday, 6 February 2018 23:22:26 UTC, awokd wrote: > On Tue, February 6, 2018 11:09 pm, Alex Dubois wrote: > > > I do not address the main part because I believe there is a bug with > > /rw/config/qubes-firewall-user-script not triggering on network change > > that I want to report and get an understanding on how it will be > > addressed. > > This one? https://github.com/QubesOS/qubes-issues/issues/3260 Yes thanks found it and commented on my needs in this type of context. for example, I spin up a web server, I need the FirewallVM to get a hook to update it's firewall rules accordingly. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f1526012-cfa2-44bd-9165-7bdfffdd464f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Tue, February 6, 2018 11:09 pm, Alex Dubois wrote: > I do not address the main part because I believe there is a bug with > /rw/config/qubes-firewall-user-script not triggering on network change > that I want to report and get an understanding on how it will be > addressed. This one? https://github.com/QubesOS/qubes-issues/issues/3260 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/243e6bcc7071c0525b75d8421aee99a7.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Tuesday, 6 February 2018 15:04:52 UTC, Alex Dubois wrote: > On Tuesday, 6 February 2018 10:32:16 UTC, awokd wrote: > > On Mon, February 5, 2018 6:18 pm, 'awokd' via qubes-users wrote: > > > On Mon, February 5, 2018 6:01 pm, 'Tom Zander' via qubes-users wrote: > > > > >> If someone can figure out how to port-forward in 4.0, please do update > > >> the docs. I never managed to get that working. > > > > I see what you mean. If I follow > > https://www.qubes-os.org/doc/firewall/#port-forwarding-to-a-qube-from-the-outside-world > > on R4.0, I'm not getting past the first step of: > > > > Verify you are cutting through the sys-net VM firewall by looking at its > > counters (column 2) > > > > iptables -t nat -L -v -n [counters increasing] > > > > iptables -L -v -n [not] > > > > I wonder if it's an nft vs. iptables thing? Interestingly, this procedure > > works fine: > > https://www.qubes-os.org/doc/firewall/#enabling-networking-between-two-qubes > > . > > I did this doc long long ago. 4.0 has a new networking model. I've just > upodated to v4, I'll review it... sorry... OK, networking is working in R4rc4, I have it working fine with a dozen of VM + my intranet traffic at home routing through QubesOS. I've started to update the doc here: https://github.com/adubois/qubes-doc/blob/master/security/firewall.md I am about to do a pull request for this first update. I do not address the main part because I believe there is a bug with /rw/config/qubes-firewall-user-script not triggering on network change that I want to report and get an understanding on how it will be addressed. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4fd5212e-bf60-4216-b84c-2cf0d00f844c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Tuesday, 6 February 2018 10:32:16 UTC, awokd wrote: > On Mon, February 5, 2018 6:18 pm, 'awokd' via qubes-users wrote: > > On Mon, February 5, 2018 6:01 pm, 'Tom Zander' via qubes-users wrote: > > >> If someone can figure out how to port-forward in 4.0, please do update > >> the docs. I never managed to get that working. > > I see what you mean. If I follow > https://www.qubes-os.org/doc/firewall/#port-forwarding-to-a-qube-from-the-outside-world > on R4.0, I'm not getting past the first step of: > > Verify you are cutting through the sys-net VM firewall by looking at its > counters (column 2) > > iptables -t nat -L -v -n [counters increasing] > > iptables -L -v -n [not] > > I wonder if it's an nft vs. iptables thing? Interestingly, this procedure > works fine: > https://www.qubes-os.org/doc/firewall/#enabling-networking-between-two-qubes > . I did this doc long long ago. 4.0 has a new networking model. I've just upodated to v4, I'll review it... sorry... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/83343bc4-e65f-42e8-be2b-426bd8f54ace%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Monday, 5 February 2018 00:26:36 UTC, Tom Zander wrote: > On Monday, 5 February 2018 00:55:34 CET Unman wrote: > > On Sun, Feb 04, 2018 at 08:14:57PM +0100, 'Tom Zander' via qubes-users > wrote: > > > * Having nothing but python APIs for your operating system is something > > > that makes no sense. Python was never meant for servers, or even big > > > applications. Finding a full-stack python developer is more rare than > > > finding a Bitcoin C++ developer. > > > > I'm not sure how much of this is just trolling. > > It is not trolling. > > > You obviously dont mean uses like Google, DropBox, YouTube, Reddit etc. > > Perhaps you dont know about Eve Online? Mercurial? Blender? > > Absolutely none of these use python for anywhere near the same percentage of > components as Qubes does. Having developed a Yubikey component for Qubes, I prefer to use Python when possible for transparency. The C bit I've done are opaque to the user (unless he compiled his install of Qubes, and reviewed the code). Not saying it is the default choice but pointing that Python has this benefit. > Google is a good example, for instance they shipped proto-buffers. Which > have bindings in a long list of languages (20 or so). True that API use should be easy at least with Python and C. But C should only be used for core protocols. > > Check wikipedia for those examples, reality is much more sobering that you > think. > > > There are exceptional developers working in many companies -Google, > > NASA, Astra Zeneca, to name a few, all using python. The fact that > > you arent comfortable with it is fine, but not a reason to reject it. > > Thats moving the goalpost. Naturally there are many experienced python > developers. > > Let me re-state the point for your benefit; > > Having nothing but python bindings and having practically all your > components written in python is without a doubt very realistically limiting > the amount of people you can get hacking on Qubes. Add on top of that the > content matter, which is highly complex and in many cases includes > networking or cross-VM communication or hard-core linux components and you > limit the amount of people even more, to the extend I mentioned above. > > -- > Tom Zander > Blog: https://zander.github.io > Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8ae3abf0-1e0a-42ac-9891-babd9d3042b3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Tuesday, 6 February 2018 11:32:07 CET 'awokd' via qubes-users wrote: > I'm not getting past the first step of: > > Verify you are cutting through the sys-net VM firewall by looking at its > counters (column 2) Yes, that sounds familiar. The problem isn't limited to sys-net either, using netcat to listen on any port on any (fedora based) appvm I could not get anything to connect to those ports. So, for instance, starting netcat on sys-firewall I could not connect to it from sys-net. Similarly, listening on a random VM and connecting to it from sys-firewall failed too. And I tried a lot of ways to convince the iptables to accept it... I mostly used archlinux templates for appvms, which do not have the qubes networking packages and thus the iptables list is empty. [1] Listening there and connecting from it worked fine. Hope that helps. 1) Personally I would say that simpler is better, or least surprises is better. The current design where any appvm gets those complex firewall rules is a bug. Only VMs that expose their network (providing) should run it. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2307203.OnATnpnmTp%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Mon, February 5, 2018 6:18 pm, 'awokd' via qubes-users wrote: > On Mon, February 5, 2018 6:01 pm, 'Tom Zander' via qubes-users wrote: >> If someone can figure out how to port-forward in 4.0, please do update >> the docs. I never managed to get that working. I see what you mean. If I follow https://www.qubes-os.org/doc/firewall/#port-forwarding-to-a-qube-from-the-outside-world on R4.0, I'm not getting past the first step of: Verify you are cutting through the sys-net VM firewall by looking at its counters (column 2) iptables -t nat -L -v -n [counters increasing] iptables -L -v -n [not] I wonder if it's an nft vs. iptables thing? Interestingly, this procedure works fine: https://www.qubes-os.org/doc/firewall/#enabling-networking-between-two-qubes . -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4532ba5292b7dff28452fe49ae0d30ad.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Mon, February 5, 2018 6:01 pm, 'Tom Zander' via qubes-users wrote: > On Monday, 5 February 2018 04:34:35 CET Tim W wrote: > >> People complain about doc being outdated..then fix them. >> > > If someone can figure out how to port-forward in 4.0, please do update > the docs. I never managed to get that working. > > The firewall page can also be a bit more detailed as-is, it assumes > people already know the actual setup of the qubes firewall ruleset. I > don't, thats why I went to that page. Thank you, noted. I have an in progress PR on that exact doc; I'll try to figure it out but tips/pointers are always welcomed! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/693a86627dddc70369635553b06f3150.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Mon, February 5, 2018 5:57 pm, 'Tom Zander' via qubes-users wrote: > On Monday, 5 February 2018 08:00:35 CET 'awokd' via qubes-users wrote: > > Release candidates are, like the word describes, not made unless the > developers are thinking that its ready to release but needs more > real-world testing to make sure. That's fine, but it doesn't negate my main point of if your main goal is stability, you should be running R3.2. That's what it's there for. If you want to help out the project and don't mind a few rough edges, by all means try out R4.0 and contribute bug reports and/or code fixes if possible. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/012dc00cbcdbc1ee86182622317ae4bb.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Monday, 5 February 2018 04:34:35 CET Tim W wrote: > People complain about doc being outdated..then fix them. If someone can figure out how to port-forward in 4.0, please do update the docs. I never managed to get that working. The firewall page can also be a bit more detailed as-is, it assumes people already know the actual setup of the qubes firewall ruleset. I don't, thats why I went to that page. > Tom has built a Qubes Controller (manager) based on the 4.0 code and went > so far as to add in library package so other coding can be used to build. > He has been super open to adding functions based on comments. If > another person or two could help him with coding now that its not needed > to just be python it could become the defacto Qubes GUI to manage the > qubes system. That would take it off the plate of the core system devs. > i plan to use his controller and if the QM does not work well I will stay > with his controller. Thanks for the kind words, I too would like to see it become the default. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2100635.UGIMOZXGtA%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Monday, 5 February 2018 08:00:35 CET 'awokd' via qubes-users wrote: > Why are you complaining about bugs when running a ".0rc" version? They're > to be expected; if not the point of release candidates. Actually... https://en.wikipedia.org/wiki/Software_release_life_cycle#Release_candidate Release candidates are, like the word describes, not made unless the developers are thinking that its ready to release but needs more real-world testing to make sure. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1850398.zmgnZS8haS%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Sunday, 4 February 2018 21:00:55 CET 'awokd' via qubes-users wrote: > Working on it (where other contributors haven't already)! Am about halfway > through now. Sweet! -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/12985717.lppHrPCCKh%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Monday, 5 February 2018 02:33:02 CET Unman wrote: > You are, of > course, free to rewrite Qubes and its components in a language you're > comfortable with. Don't be so dramatic, I m not suggesting any such thing. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2625249.9gTKQABKm0%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
Why are you complaining about bugs when running a ".0rc" version? They're to be expected; if not the point of release candidates. If you want stable, run R3.2. I'm still using that as my daily driver, but from what I see of R4.0rc4 it's to the point where I'm comfortable switching as soon as I can fit it into my work stream. Others already have and are (happily) running it daily. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/47530f9e6a56871059db71d9c1e21bb6.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Mon, Feb 05, 2018 at 01:26:28AM +0100, Tom Zander wrote: > On Monday, 5 February 2018 00:55:34 CET Unman wrote: > > On Sun, Feb 04, 2018 at 08:14:57PM +0100, 'Tom Zander' via qubes-users > wrote: > > > * Having nothing but python APIs for your operating system is something > > > that makes no sense. Python was never meant for servers, or even big > > > applications. Finding a full-stack python developer is more rare than > > > finding a Bitcoin C++ developer. > > > > I'm not sure how much of this is just trolling. > > It is not trolling. > > > You obviously dont mean uses like Google, DropBox, YouTube, Reddit etc. > > Perhaps you dont know about Eve Online? Mercurial? Blender? > > Absolutely none of these use python for anywhere near the same percentage of > components as Qubes does. NONE of these? Afaik Eve and Mercurial are all Python. The rest have been almost all Python at various points. > Google is a good example, for instance they shipped proto-buffers. Which > have bindings in a long list of languages (20 or so). > > Check wikipedia for those examples, reality is much more sobering that you > think. > > > There are exceptional developers working in many companies -Google, > > NASA, Astra Zeneca, to name a few, all using python. The fact that > > you arent comfortable with it is fine, but not a reason to reject it. > > Thats moving the goalpost. Naturally there are many experienced python > developers. > > Let me re-state the point for your benefit; > > Having nothing but python bindings and having practically all your > components written in python is without a doubt very realistically limiting > the amount of people you can get hacking on Qubes. Add on top of that the > content matter, which is highly complex and in many cases includes > networking or cross-VM communication or hard-core linux components and you > limit the amount of people even more, to the extend I mentioned above. > You may be right, but I'm simply not convinced. That, of course, is irrelevant. It's a choice for Joanna and Marek to make. You are, of course, free to rewrite Qubes and its components in a language you're comfortable with. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180205013302.mgps5nqmrfdlzpj7%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Monday, 5 February 2018 00:55:34 CET Unman wrote: > On Sun, Feb 04, 2018 at 08:14:57PM +0100, 'Tom Zander' via qubes-users wrote: > > * Having nothing but python APIs for your operating system is something > > that makes no sense. Python was never meant for servers, or even big > > applications. Finding a full-stack python developer is more rare than > > finding a Bitcoin C++ developer. > > I'm not sure how much of this is just trolling. It is not trolling. > You obviously dont mean uses like Google, DropBox, YouTube, Reddit etc. > Perhaps you dont know about Eve Online? Mercurial? Blender? Absolutely none of these use python for anywhere near the same percentage of components as Qubes does. Google is a good example, for instance they shipped proto-buffers. Which have bindings in a long list of languages (20 or so). Check wikipedia for those examples, reality is much more sobering that you think. > There are exceptional developers working in many companies -Google, > NASA, Astra Zeneca, to name a few, all using python. The fact that > you arent comfortable with it is fine, but not a reason to reject it. Thats moving the goalpost. Naturally there are many experienced python developers. Let me re-state the point for your benefit; Having nothing but python bindings and having practically all your components written in python is without a doubt very realistically limiting the amount of people you can get hacking on Qubes. Add on top of that the content matter, which is highly complex and in many cases includes networking or cross-VM communication or hard-core linux components and you limit the amount of people even more, to the extend I mentioned above. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1610076.pebm5Wnf9q%40strawberry. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Sun, Feb 04, 2018 at 08:14:57PM +0100, 'Tom Zander' via qubes-users wrote: > * Having nothing but python APIs for your operating system is something that > makes no sense. Python was never meant for servers, or even big > applications. Finding a full-stack python developer is more rare than > finding a Bitcoin C++ developer. I'm not sure how much of this is just trolling. This is a joke though, no? You obviously dont mean uses like Google, DropBox, YouTube, Reddit etc. Perhaps you dont know about Eve Online? Mercurial? Blender? There are exceptional developers working in many companies -Google, NASA, Astra Zeneca, to name a few, all using python. The fact that you arent comfortable with it is fine, but not a reason to reject it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180204235534.qc4nu7mjyjgb2jg6%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
@Tom Zander On Sunday, February 4, 2018 at 8:15:05 PM UTC+1, Tom Zander wrote: > On Sunday, 4 February 2018 18:10:44 CET Yuraeitha wrote: > > Also it's been explicitly said that no Qubes 4 existing features will be > > added to the new-old Qube Manager. Which might also hint towards no > > changes coming to Qube Manager. If anything, it has to be re-made almost > > entirely to work well with Qubes 4+, and currently no one is doing that. > > The Qubes Manager is written to Qt4, which is equally outdated as the > backends of Qubes it used (3.x). > > I started a project using Qubes4-api and Qt5 APIs, though. See Ps at the > bottom of the mail. > > [start rant] > > The biggest issue i ran into is that Qubes4 is just too immature to actually > use for more than browsing and email. It was too painful for my desktop > full-time work machine. > I tried for 2 months, my significant other stated that I had been > extraordinary patient with Qubes when I finally stopped using it ;) > > My problems are widespread; > * the admin-api is very immature and poorly implemented. Getting a stack- > trace in the server logs and no answer is just unacceptable. Unit tests, > anyone? > * system-tray is hopelessly broken. Losing apps because they don't show in > the system-tray up when you close them was fun! > * The design of qubes-daemon is too fragile, it starts/stops VMs and > patiently waits and hopes everything will work. I expected a much more > 'hands-on' approach (at least for Linux kernels) with much more reporting. I > also lost data because apps aren't being quit, they are being killed on VM > shutdown. > * Why do I see 'lock'-icons for most of my windows in the task-bar? > * the documentation is very out-of-date. > * I don't know how, it may be fedora packaging, it may be qubes packaging or > configs, but the amount of KDE (apps running in dom0) crashes I had in the 2 > months of using Qubes is greater than the amount i had in the previous 5 > years. This boggles the mind... > * The graphics pipeline is hopelessly outdated. Its about a decade behind > the industry. > * Poor quality of many tools, the icon-copier copying the 22px icon from a > VM instead of the 256 one that was also there is just... sad. > * The amount of services, bash-scripts, config files, duplicated data in > qubes and then again in the system is horrible, under documented mess. > * rexecd validation being implemented using bash is a joke (mostly felt > because its extremely slow) > * total lack of mature end-user-focused tools. Swear to God. There are zero > today. > * Having nothing but python APIs for your operating system is something that > makes no sense. Python was never meant for servers, or even big > applications. Finding a full-stack python developer is more rare than > finding a Bitcoin C++ developer. > > end-rant. > > Qubes is an amazing idea, has some fantastic and genius concepts in it. > I hope many of those things will get fixed, although the list has grown so > long that I'm not sure it can without being forked. > > ps. https://github.com/QubesController is the place where I wrote an already > pretty decent "Qubes Controller" using the new APis. > I'm open to adding anyone to the approved committers list that wants to work > on it. > > -- > Tom Zander > Blog: https://zander.github.io > Vlog: https://vimeo.com/channels/tomscryptochannel I think discussion is good and healthy, though I don't feel it's entirely fair to paint it black and white like this. I can agree on many problems, but I think they look very different in different light and perspectives, so lets try shake it up a bit. I'm not claiming to be right, this is just my perspective of things. The ancient city Rom wasn't build in one day, it took many decades and even centuries. And as awokd said, the security in Qubes is rapidly evolving in short time, which is hard to deny. Qubes is heavily disrupting the security industry, which has been too stagnant and slowly reactive developing over many years, rather than a proactive forward looking perspective, which Qubes has. - The priority is first and foremost security, right? Everything else besides that is pretty much secondary or lower. Ease of use and emotional related things, such as good looking and appeal, will come even lower than secondary (don't get me wrong though, I do love good looking systems too my self). While the Qubes OS team could need more funding and donations, I don't think they are feeling ready yet to go and market themselves before the security is on an even higher level. And this I think is very justified in a logical sense seen from an understanding of market perspective, once you start market it, if the security isn't good enough, then Qubes will just become a short-lived fire-fly that only lives 24 hours, before everyone forgets about it again. For proper marketing, you need to be ready before spreading the hype. This is why many open
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Sun, February 4, 2018 7:14 pm, 'Tom Zander' via qubes-users wrote: > The biggest issue i ran into is that Qubes4 is just too immature to > actually use for more than browsing and email. It was too painful for my > desktop full-time work machine. I tried for 2 months, my significant other > stated that I had been extraordinary patient with Qubes when I finally > stopped using it ;) > > My problems are widespread; > * the documentation is very out-of-date. Working on it (where other contributors haven't already)! Am about halfway through now. > * The graphics pipeline is hopelessly > outdated. Its about a decade behind the industry. It's also been more secure than most of the industry for those 10 years. ;) But no point rehashing the related GSoC threads. Your suggestion there seemed valid. I hope you continue to run the released version of 4.0 on a secondary machine at least. I think you provide a valuable viewpoint. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cd459af052eaeba5682ae14f5376a99b.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes Manager / Qubes 4.0 R3 ?
On Sunday, 4 February 2018 18:10:44 CET Yuraeitha wrote: > Also it's been explicitly said that no Qubes 4 existing features will be > added to the new-old Qube Manager. Which might also hint towards no > changes coming to Qube Manager. If anything, it has to be re-made almost > entirely to work well with Qubes 4+, and currently no one is doing that. The Qubes Manager is written to Qt4, which is equally outdated as the backends of Qubes it used (3.x). I started a project using Qubes4-api and Qt5 APIs, though. See Ps at the bottom of the mail. [start rant] The biggest issue i ran into is that Qubes4 is just too immature to actually use for more than browsing and email. It was too painful for my desktop full-time work machine. I tried for 2 months, my significant other stated that I had been extraordinary patient with Qubes when I finally stopped using it ;) My problems are widespread; * the admin-api is very immature and poorly implemented. Getting a stack- trace in the server logs and no answer is just unacceptable. Unit tests, anyone? * system-tray is hopelessly broken. Losing apps because they don't show in the system-tray up when you close them was fun! * The design of qubes-daemon is too fragile, it starts/stops VMs and patiently waits and hopes everything will work. I expected a much more 'hands-on' approach (at least for Linux kernels) with much more reporting. I also lost data because apps aren't being quit, they are being killed on VM shutdown. * Why do I see 'lock'-icons for most of my windows in the task-bar? * the documentation is very out-of-date. * I don't know how, it may be fedora packaging, it may be qubes packaging or configs, but the amount of KDE (apps running in dom0) crashes I had in the 2 months of using Qubes is greater than the amount i had in the previous 5 years. This boggles the mind... * The graphics pipeline is hopelessly outdated. Its about a decade behind the industry. * Poor quality of many tools, the icon-copier copying the 22px icon from a VM instead of the 256 one that was also there is just... sad. * The amount of services, bash-scripts, config files, duplicated data in qubes and then again in the system is horrible, under documented mess. * rexecd validation being implemented using bash is a joke (mostly felt because its extremely slow) * total lack of mature end-user-focused tools. Swear to God. There are zero today. * Having nothing but python APIs for your operating system is something that makes no sense. Python was never meant for servers, or even big applications. Finding a full-stack python developer is more rare than finding a Bitcoin C++ developer. end-rant. Qubes is an amazing idea, has some fantastic and genius concepts in it. I hope many of those things will get fixed, although the list has grown so long that I'm not sure it can without being forked. ps. https://github.com/QubesController is the place where I wrote an already pretty decent "Qubes Controller" using the new APis. I'm open to adding anyone to the approved committers list that wants to work on it. -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9861258.aloPWp28RD%40cherry. For more options, visit https://groups.google.com/d/optout.
