Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-21 Thread Andrew David Wong 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi Mike,

Would you please read through our mailing list guidelines?

https://www.qubes-os.org/mailing-lists/

Specifically, please avoid top-posting. Instead, reply interleaved or
bottom-post. This helps keep the mailing lists more organized. Thanks!

On 2016-12-20 15:57, Mike Mez wrote:
> "I understand your position. At this point, I think you should
> read, learn, and try (i.e., download, install, and use) as much as
> you can about your viable options to figure out which solution is
> right for you.
> 
> While there is a fair amount of code and functionality that is
> unique to Qubes, knowledge of Linux and Xen would still be very
> helpful. Really, though, if you just want to try Qubes out, it
> shouldn't be necessary to learn Linux or Xen at all. If you run
> into any problems, some basic familiarity with the command-line
> will help, though."
> 
> So nothing too crazy advanced then? Alright, when the time comes
> I'll give it a shot. As it is right now, it seems on all the
> Distro/VM combinations I've found and looked into I have to figure
> out how to do the GPU pass through so that I can use the CPU/GPU
> intensive programs I wish to use off of the windows kernel. Having
> Xen as a core base just helps me skip a step or two.
> 

I think that, at this point, users with a pure Windows background can
transition fully to Qubes, as long as they possess the qualities I
mentioned to a sufficient degree. :)

> "Fair warning, though: If you do decide to go with Qubes and
> attempt to do DIY GPU passthrough, that's likely to be *much* more
> challenging from a technical perspective (though generous users
> have provided detailed guides on this list already). You should
> also be aware that it inherently comes with significant security
> trade-offs."
> 
> I would say that goes without saying, as such is one of the
> eternal struggles of security. When one fights monsters..., yet
> with out the ability to do my job, hobby, ... I want to say or
> simply pass the time, yet that would be different... so. If I can't
> do what I must, why have it? Yet I like the added security, it's a
> nice feature to have on the side, as security isn't my main deal.
> What I do isn't exactly a threat unless suddenly I work under a
> government that is a fan of 1984 Grey on all the things. Oh my.
> Such a task. I guess once you start doubting you never stop.
> 

Well, it's not necessarily an all-or-nothing matter. For example, I
have a separate (untrusted) machine with baremetal Windows 10
installed just for media and gaming, while I do all of my serious work
on my physically distinct Qubes machines. Granted, this entails a
greater investment in hardware, but it doesn't have to break the bank
if you build your own PCs.

This way, I don't have to worry that Windows 10 infantilizes its users
by removing all choice and control over fundamental things like
whether the operating system uploads data from your local machine to
Microsoft's servers, since I have nothing important on there anyway. I
also enjoy having baremetal performance when it comes to any kind of
competitive gaming (though, admittedly, I haven't analyzed any
benchmarks on the magnitude of the overhead entailed by running games
in Windows on top of Xen).

> Well, I suppose if I do come across an error or an issue about GPU
> pass trough, I'll email "qubes-users" and hopefully be able to come
> up with a solution. It may be technically over my head, way over in
> fact currently. Yet Microsoft's actions with 10, that they have
> also pushed into 8 & 7, just. Ugh.
> 
> Thank you once again,
> 
> - Mike Mez
> 
> On Tue, Dec 20, 2016 at 4:04 AM, Andrew David Wong
>  wrote:
> 
> On 2016-12-19 16:29, Mike Mez wrote:
 Wow! I wasn't actually expecting my "dream" scenario to be
 so possibly ... probably ... maybe in fact viable. I
 understand that since the main focus in Qubes early stages
 (or perhaps it's far more proper to say at whole,) is
 security that this is what your main marketing point would
 be. Yet with the "windows integration", if I understand this
 properly, is a big deal. I mean shoot, the only reason (the
 only reason?) people use windows now a days is its entrenched
 ubiquitous nature. Shoot, as mentioned the only reason I
 use(d) it is because that is what the programs I use... use.
 So the ability to co-op that... am I over thinking this? It 
 just sounds cool to me.
 
 "It depends highly on the individual, but if you're coming
 from a purely Windows background, the biggest thing might be
 adjusting to a Linux environment. In general, the most
 important qualities will be perseverance, a willingness to
 learn, and the ability to solve your own problems. (Of
 course, the mailing lists are here to help, but things
 generally don't work very well if someone makes no effort and
 expects to be spoon-fed

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread Chris Laprise 

On 12/20/2016 06:57 PM, Mike Mez wrote:

"Search for "VFIO NVIDIA Error 43" on your favorite search engine.

Pretty much it just shuts off 3D mode and gives you Error 43 in device 
manager if it detects some hardware virt features, there is a way 
around it but I wasted hours until I figured out what was going on.


It is a gpu only thing, for now."

Well. Would you look at that. I've been debating Pascal Titan X or 
Radeon™ Pro WX 7100, yet this does change the favor of things.



Let me share something with you about Linux and nVidia

https://www.youtube.com/watch?v=iYWzMvlj2RQ

:-D


Chris

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d0f394a8-c925-8960-3af7-2d5891cb46c9%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread Chris Laprise 

On 12/20/2016 06:57 PM, Mike Mez wrote:
This is/immensely/ helpful. To reiterate... to make sure I understand, 
with "windows problems" easy is easy and impossible is basically 
impossible (which I can say with experience is fairly on the money of 
my experience as well). With Linux, the difficultly curve of problems 
are kind of inverted when compared to windows. The easy problems are 
now stubborn, while the really hard programs are now possibly easier 
courtesy of established documentation. While such might not be true 
for all cases, of course, generally this is the jest of what to 
expect, yes?


I would say on Linux/FOSS the easy problems are less stubborn than they 
are "easy to find solutions but require steps that are more annoying or 
tedious". But there will be times when you will think "that was much 
smoother than Windows", no doubt.




Furthermore, unlike windows, the GUI in Linux is less of an operator 
then it is in windows. The way to go about things in Linux is the 
command line interface, which may make problem solving initially a bit 
more... problematic for those who only know how to move around in a 
GUI. So I being a windows user might what to look up on that.


Qubes seems to use GUI examples where possible. It has a stronger notion 
of a "default GUI" than most Linux "distros" do. Linux distros have a 
strong tendency toward showing solutions in the CLI because they assume 
GUIs will vary a lot depending on what the user has chosen.




You also mention "just because PC... doesn't mean it will work", which 
I am already aware of, but thank you all the same. I'll make sure to 
look up the Qubes HCL link.


Finally, I don't have the available cash to buy multiple variants of 
particular models or brands of GPUs nor am I able per say to 
experiment with other models in a process of trial and error, through 
I would certainly like to give it a shot if I could. Fortunately, what 
I do have is knowledge of places to purchase parts which have a 
stellar return policies. So, that may be an option. Honestly the only 
people I know of that have that kind of capital are the ones that do 
it for a living on YouTube like LinusTechTips, Bitwit, and Pauls 
Hardware. Oh so much to do... so little to do it all. :/




I see people now and then on the list who fight with incompatible 
hardware, and keep putting themselves through misery because they think 
its either Qubes' problem or due to something they just missed somehow. 
They assume wrongly that hardware is some kind of smooth, blank slate 
and don't realize that adding Xen to the equation in the particular way 
Qubes does takes the somewhat constrained compatibility of Linux and 
narrows it down much further. Systems that work best use middle- and 
high-end Intel and AMD chips for most functions, like Wifi and graphics 
and audio, and have fewer BIOS bugs; These tend to come from the 
business lines of Lenovo, Dell, and HP.


Chris

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/72870dcd-db45-252a-72ae-1b97a05d3150%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread taii...@gmx.com 
I would get the radeon definitely, AMD is more foss/linux friendly than 
NVIDIA as well.


Things to get:
a kgpe-d16, the best available g34 socket 16 core opteron 62xx CPU in 
your price range off ebay (such as 6284SE, 6282SE or 6276) and 32GB DDR3 
ECC RDIMM RAM (I would go with 4, 8gb sticks for future expansion) and 
you're good to go assuming you already know how to assembling a computer.


Whatever you do don't buy a motherboard of ebay or an open box 
motherboard as you won't get a warranty and this is a $400 mobo (but 
balanced out by the cpu which is only $20 if you don't want a max high 
performance special edition "SE" series)


I would get a 4U SSI-EEB supporting case and a tower cooler, you also 
need 4pin PWM fans if you don't want them to run at max all the time 
(use pwmconfig/fancontrol commands)


Any recent amd graphics card will support function level reset 
(important) and if you buy AMD then you're good to go no error 43, no 
need to have to return stuff or what not, it'll work.


Like I said any questions feel free to ask me or the list (ADW is a busy 
guy tho :P)



PS: So you know gmail mines your emails to build a marketing and social 
profile (what you like to buy who your friends are etc)


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9f0a6f81-31bf-8e4a-eb58-722003e925e3%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread Mike Mez 
"Search for "VFIO NVIDIA Error 43" on your favorite search engine.

Pretty much it just shuts off 3D mode and gives you Error 43 in device
manager if it detects some hardware virt features, there is a way around it
but I wasted hours until I figured out what was going on.

It is a gpu only thing, for now."

Well. Would you look at that. I've been debating Pascal Titan X or Radeon™
Pro WX 7100, yet this does change the favor of things.

"The dangers being malicious corruption of the card firmware or option ROM
firmware, or an exploit in the IOMMU GFX related code which is much larger
than IOMMU operations that do not involve graphics devices.

The best way to do GPU passthrough is with a card that is only used for
that VM and use a blob free coreboot platform such as the KGPE-D16 so that
you can disallow option rom execution, have some level of DMA protection
pre-linux initialization and have no ME/PSP or suspicious binary blobs on
your motherboard.

If you want to do this I am happy to provide technical assistance, you can
play the latest games with no cpu bottleneck on a KGPE-D16 with one of the
higher end 16 core opteron 62xx CPU's which you can buy for $20-40 on ebay."

I love how KGPE-D16 simply... ROLLS off the tongue. So sure. If you are
willing to give some technical assistance to this mad task of mine, I'm
certainly willing to give it a look. What ch'a got? Make sure with what
ever you have to say, that it's search engine compatible. ;)

Thank you,

- Mike Mez

On Tue, Dec 20, 2016 at 4:37 AM, taii...@gmx.com  wrote:

> On 12/20/2016 04:04 AM, Andrew David Wong wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA512
>>
>> On 2016-12-19 16:29, Mike Mez wrote:
>>
>>> Wow! I wasn't actually expecting my "dream" scenario to be so
>>> possibly ... probably ... maybe in fact viable. I understand that
>>> since the main focus in Qubes early stages (or perhaps it's far
>>> more proper to say at whole,) is security that this is what your
>>> main marketing point would be. Yet with the "windows integration",
>>> if I understand this properly, is a big deal. I mean shoot, the
>>> only reason (the only reason?) people use windows now a days is
>>> its entrenched ubiquitous nature. Shoot, as mentioned the only
>>> reason I use(d) it is because that is what the programs I use...
>>> use. So the ability to co-op that... am I over thinking this? It
>>> just sounds cool to me.
>>>
>>> "It depends highly on the individual, but if you're coming from a
>>> purely Windows background, the biggest thing might be adjusting to
>>> a Linux environment. In general, the most important qualities will
>>> be perseverance, a willingness to learn, and the ability to solve
>>> your own problems. (Of course, the mailing lists are here to help,
>>> but things generally don't work very well if someone makes no
>>> effort and expects to be spoon-fed solutions.)"
>>>
>>> Alot of this IT stuff is admittedly over my head currently, and
>>> I'm glad the Qubes Team are working towards a better user
>>> experience (as mentioned in the interview). I'm just smart enough
>>> to know how dumb I am, you see, as this sort of thing is not
>>> particularly the world I come from (Design, Print, Games,
>>> Artsy...whatever). Overall, the willingness to learn is a given,
>>> that doesn't help me much - I'm HERE! I'm looking for a direction
>>> for my amateur mind to move on. What I am curious about is what
>>> would be required to problem solve. Since Qubes is based on linux,
>>> does that mean I could experience problems just as in any other
>>> form of linux, and there for I could get a book, and gather
>>> information that way. OR. Qubes is so customized that it has its
>>> own things about it, and therefor Qubes documentation is the go to
>>> to figure out what is going on. I'm trying to figure out my next
>>> move here, as Qubes isn't the only alternative OS I've been looking
>>> in to, and some of the Distros I've looked at have very through and
>>> beginner friendly documentation. The catch being I would have to
>>> set up and figure out how to implement a VM, most likely KVM, and
>>> do all the things I want to do with that. Furthermore I'm basically
>>> dabbling in theory right now, trying to figure out if I should go
>>> all in or if it would just be easier to bite the bullet, Baremetal
>>> Windows 10, and just air gap all the things.
>>>
>>> I know its not going to be easy, I knew that when I decided to
>>> look into feasibility. I know nothing and I'm trying to figure out
>>> what mountain to choose and the equipment I need for the climb as
>>> the way I see it I'm pretty much on my own once I start. The
>>> potential right now looks the best with Qubes. Amazing potential.
>>> I'm very hopeful I can figure this out and make it work, The
>>> OpenGL virtualization thing I'm really going to need to wrap my
>>> head around for example.
>>>
>>> Yet now I'm starting to ramble, so I'll leave it at that for now.
>>>
>>>

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-20 Thread Mike Mez 
This is* immensely* helpful. To reiterate... to make sure I understand,
with "windows problems" easy is easy and impossible is basically impossible
(which I can say with experience is fairly on the money of my experience as
well). With Linux, the difficultly curve of problems are kind of inverted
when compared to windows. The easy problems are now stubborn, while the
really hard programs are now possibly easier courtesy of established
documentation. While such might not be true for all cases, of course,
generally this is the jest of what to expect, yes?

Furthermore, unlike windows, the GUI in Linux is less of an operator then
it is in windows. The way to go about things in Linux is the command line
interface, which may make problem solving initially a bit more...
problematic for those who only know how to move around in a GUI. So I being
a windows user might what to look up on that.

You also mention "just because PC... doesn't mean it will work", which I am
already aware of, but thank you all the same. I'll make sure to look up the
Qubes HCL link.

Finally, I don't have the available cash to buy multiple variants of
particular models or brands of GPUs nor am I able per say to experiment
with other models in a process of trial and error, through I would
certainly like to give it a shot if I could. Fortunately, what I do have is
knowledge of places to purchase parts which have a stellar return policies.
So, that may be an option. Honestly the only people I know of that have
that kind of capital are the ones that do it for a living on YouTube like
LinusTechTips, Bitwit, and Pauls Hardware. Oh so much to do... so little to
do it all. :/

Thank you,

- Mike Mez

On Mon, Dec 19, 2016 at 11:58 PM, Chris Laprise 
wrote:

> On 12/18/2016 11:49 PM, Andrew David Wong wrote:
>
>>
>> *2.   *You mentioned  during the interview that you came to Qubes
>>> as a lifelong widows user. I am in the situation when it comes to
>>> this as a lifelong windows user. What would you say is the learning
>>> curve for using Qubes is? How easy would it be for someone who is
>>> slightly technical, yet not IT, to problem solve a problem in Qubes?
>>> In windows I Ctrl+Alt+Del and go through that rigmarole.
>>>
>>> It depends highly on the individual, but if you're coming from a purely
>> Windows background, the biggest thing might be adjusting to a Linux
>> environment. In general, the most important qualities will be
>> perseverance, a willingness to learn, and the ability to solve your own
>> problems. (Of course, the mailing lists are here to help, but things
>> generally don't work very well if someone makes no effort and expects to
>> be spoon-fed solutions.)
>>
>
> I find most problems on Windows are either moderately easy, or impossible.
> Digging for answers to difficult issues results in few results and they are
> usually dead-ends.
>
> Since Qubes uses Linux, it tends to follow that culture. Easy problems can
> be annoyingly fussy to resolve, but really difficult problems usually have
> a deep profile of related documentation and discussion spread around
> various websites. Its more probable you will make progress on difficult
> issues with continued perseverance and curiosity.
>
> The biggest obstacle over time is probably the over-reliance on the
> command-line interface. Relatively little of the configuration matrix is
> expressed in the GUI, so the GUI feels more superficial and less able to
> control the system at deeper levels than it does on Windows. This makes
> users who expect streamlining and integration weary.
>
> Also, do not expect the rule of "This is a PC, so it'll run this
> PC-compatible OS" to hold water. Most PCs are "Windows PCs" and many of the
> quirks that certain models have may be OK with Microsoft but untenable with
> Linux or Qubes. Business-class computers from top-tier brands are your best
> bet. Check out the Qubes HCL link on the download page.
>
>
>> *3.   *I understand your OS is security based, and that is super
>>> cool. Yet security is useless if there is nothing to protect. "Out of
>>> the box" what can Qubes run?
>>>
>>> It's better to turn this question around: What *can't* Qubes run? It
>> sounds like the main problem in your case may be the lack of 3-D support:
>>
>> https://www.qubes-os.org/doc/user-faq/#can-i-run-application
>> s-like-games-which-require-3d-support
>>
>> To get around this problem, you would have to attempt GPU passthrough,
>> which is not supported (but which some users have managed to achieve on
>> their own).
>>
>
> I will venture to make a suggestion on this gnarly subject: A desktop or
> tower PC will fit this scenario much better than a laptop will. You will
> need the freedom to buy particular models of GPU and/or experiment with
> other models in a process of trial and error.
>
> Chris
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-19 Thread Chris Laprise 

On 12/18/2016 11:49 PM, Andrew David Wong wrote:



*2.   *You mentioned  during the interview that you came to Qubes
as a lifelong widows user. I am in the situation when it comes to
this as a lifelong windows user. What would you say is the learning
curve for using Qubes is? How easy would it be for someone who is
slightly technical, yet not IT, to problem solve a problem in Qubes?
In windows I Ctrl+Alt+Del and go through that rigmarole.


It depends highly on the individual, but if you're coming from a purely
Windows background, the biggest thing might be adjusting to a Linux
environment. In general, the most important qualities will be
perseverance, a willingness to learn, and the ability to solve your own
problems. (Of course, the mailing lists are here to help, but things
generally don't work very well if someone makes no effort and expects to
be spoon-fed solutions.)


I find most problems on Windows are either moderately easy, or 
impossible. Digging for answers to difficult issues results in few 
results and they are usually dead-ends.


Since Qubes uses Linux, it tends to follow that culture. Easy problems 
can be annoyingly fussy to resolve, but really difficult problems 
usually have a deep profile of related documentation and discussion 
spread around various websites. Its more probable you will make progress 
on difficult issues with continued perseverance and curiosity.


The biggest obstacle over time is probably the over-reliance on the 
command-line interface. Relatively little of the configuration matrix is 
expressed in the GUI, so the GUI feels more superficial and less able to 
control the system at deeper levels than it does on Windows. This makes 
users who expect streamlining and integration weary.


Also, do not expect the rule of "This is a PC, so it'll run this 
PC-compatible OS" to hold water. Most PCs are "Windows PCs" and many of 
the quirks that certain models have may be OK with Microsoft but 
untenable with Linux or Qubes. Business-class computers from top-tier 
brands are your best bet. Check out the Qubes HCL link on the download page.





*3.   *I understand your OS is security based, and that is super
cool. Yet security is useless if there is nothing to protect. "Out of
the box" what can Qubes run?


It's better to turn this question around: What *can't* Qubes run? It
sounds like the main problem in your case may be the lack of 3-D support:

https://www.qubes-os.org/doc/user-faq/#can-i-run-applications-like-games-which-require-3d-support

To get around this problem, you would have to attempt GPU passthrough,
which is not supported (but which some users have managed to achieve on
their own).


I will venture to make a suggestion on this gnarly subject: A desktop or 
tower PC will fit this scenario much better than a laptop will. You will 
need the freedom to buy particular models of GPU and/or experiment with 
other models in a process of trial and error.


Chris

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/dbc9e97b-0d3b-9a7b-49a7-199bb04ca0a6%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-19 Thread taii...@gmx.com 

On 12/19/2016 07:31 PM, Mike Mez wrote:


"As a tip if you desire to attempt gpu passthrough do not buy an NVIDIA
card as they like to introduce driver "bugs" that make it difficult to try
and entice you to buy a quadro."

Thank you for the tip. Where could I see an example of this? To my current
amateur mind, you make it sound as if a pop up error code comes up and
declares "but it works on a Quadro", which sounds abit more blunt that I
would expect. Even then, they can try to coerce all they like. I don't have
that kind of money to burn.

Furthermore, is this a GPU only thing, or have there been cases of "bugs"
on other forms of hardware as well, such as a CPU?

Thank you,

- Mike Mez

On Mon, Dec 19, 2016 at 12:17 AM, taii...@gmx.com  wrote:


As a tip if you desire to attempt gpu passthrough do not buy an NVIDIA
card as they like to introduce driver "bugs" that make it difficult to try
and entice you to buy a quadro.


Search for "VFIO NVIDIA Error 43" on your favorite search engine.

Pretty much it just shuts off 3D mode and gives you Error 43 in device 
manager if it detects some hardware virt features, there is a way around 
it but I wasted hours until I figured out what was going on.


It is a gpu only thing, for now.

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/544d3997-139a-572f-8230-6806b5a18311%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Screensavers : Qubes Questions!

2016-12-18 Thread taii...@gmx.com 
As a tip if you desire to attempt gpu passthrough do not buy an NVIDIA 
card as they like to introduce driver "bugs" that make it difficult to 
try and entice you to buy a quadro.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/706309c5-3b81-ac38-fd3f-217f2cdaae4e%40gmx.com.
For more options, visit https://groups.google.com/d/optout.