On Friday, December 21, 2018 at 3:39:25 PM UTC-8, unman wrote: > On Thu, Dec 20, 2018 at 09:20:11PM -0800, John Smiley wrote: > > On Thursday, December 20, 2018 at 9:11:34 PM UTC-8, John Smiley wrote: > > > I've been having head-banging issues with 4.0 and 4.0.1-rc1 ever since I > > > became a fledgling Qubes user a few weeks ago. I never did get Qubes > > > working well with Whonix 14 on the desktop. > > > > > > When 4.0.1-rc2 came out the other day, I made a new bootable USB stick > > > with it and replaced Ubuntu on my Thinkpad T480 with it. It booted and > > > installed without a hitch. Perfect first use impression (minus a point > > > for nagging about template updates that aren't there). > > > > > > Then I decided to do a reinstall (for the N thousanth time) on my > > > X299-based desktop. 4.0.1-rc2 fired right up. No problems whatsoever. > > > It works like I expected 4.0 and 4.0.1-rc1 to work. > > > > > > Then for the really impressive part. I have a Caldigit TS3 Plus that I > > > like to use to move all of the wire mess to it and have a single > > > Thunderbolt3 wire running from it to the T480. It provides lots of > > > things but I use it for power to my laptop (replacing the brick), > > > Ethernet, Displayport for a second monitor, and USB 3.1. After the > > > 4.0.1-rc2 install went so well, I decided to plug that bad boy in and > > > watch Qubes fall to the ground writhing in agony. > > > > > > My expectations were not met. 4.0.1-rc2 handled it like a champ. I had > > > to do some minor fiddling with the display settings to get the second > > > monitor working via DP and after a bit of hunting around, I discovered > > > that all I had to do to get Ethernet working was to add the new Ethernet > > > controller it saw to sys-net. Shutdown the Whonix GW and sys-firewall, > > > reboot sys-net, restart sys-firewall and the Whonix GW, plug in my > > > Ethernet cable and voila. It works! > > > > > > Now the first question that comes to mind is, how much security did I > > > throw out the window when I plugged that Thunderbolt 3 hub in? > > > > Oh and one more thing. Everything installed with default settings. No > > fiddling with kernelopts to get the Debian-9 template to boot on the X299 > > desktop by setting noxsave. > > > > Very pleased all the testing you did on rc1 paid off. ;-) > Now you need to do the same on rc2. Somewhat disappointed that you > haven't yet found a bug or two.
Haven't had time to do much more than install it yet. At least it's up. The bugs I was hitting before were all related to installing / upgrading. A partial answer to my question about how much security is diminished when using Thunderbolt comes from the Whonix doc on hardware hardening. https://www.whonix.org/wiki/System_Hardening_Checklist#Anonymous_Blogging.2C_Posting.2C_Chat.2C_Email_and_File_Sharing "Disable or remove problematic devices like ExpressCard, PCMCIA, FireWire or Thunderbolt which may allow attackers with physical access to read RAM." -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/df56dbe7-6b7b-483f-9d4d-d1653227d610%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
