I am perplexed by the challenge of containing Twitter use in Qubes. With Twitter, you must be logged in to effectively read or write.
On the read side, it is a wildly promiscuous experience exposing the user to various untrusted sites. Indeed a key goal of using Twitter is to discover new sites and media. On the write side, it is very sensitive, containing private messages, the ability to post public messages with significant personal reputational risks, and even to do lightweight out-of-band authentication for other channels. If I had to pick from the default VMs, I would probably put Twitter in “untrusted” due to the risks on the read side, even though the account itself is sensitive and ideally you would not put such write capabilities in a "wild west” environment like “untrusted." Perhaps better is to just make a “twitter” vm to keep the damage of any compromise contained to the Twitter account itself. Most ideal, in the future, would be to combine this last approach with a Qubes browser add-on and force each non-twitter link to open in another VM, either disposable or the “untrusted”. (Has anyone figured out a better approach?) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2ADC32CB-6F66-4E2A-8C8F-684F0B356814%40ryantate.com. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: Message signed with OpenPGP using GPGMail
