On 1/24/20 7:54 AM, fiftyfourthparal...@gmail.com wrote: >> CLIP OS > I just checked out CLIP OS: If Qubes is like Inception*, wouldn't using > CLIP OS in it be like going down a level deeper? I'm not a techie, but it > feels like it'd be really unstable because of technological challenges. > Really cool if implemented though, even if its government links make it > *feel* sketchy.
Yeah I also thought about the government link. When it was initially released to public I read about it on a news site and setup an old laptop to give it a shot. I stumbled a bit and opened a few github issues which were answered within hours, so the support seems to be great, but in the end didn't get it running correctly. But that was about a year ago or so. Maybe it works better now - we should try out. I think the question here is what you want to defend against. If you run a IT company or if you are a freelancer and care about keeping your customers reasonably secure and you want to protect from 3v1l h4x0rs trying to get bitcoin from or blackmail you or similar, I think ClipOS is a good choice. If you try to defend against governments I think this is tough in general, as governments (especially the one in the country you reside) usually can get easy access to your hardware by just breaking into your apartment. There is little to no real defense against physical access to your hardware. They can also just install a camera somewhere in your office to look at your screen, getting completely around all the neat paranoia you setup on your workstation (PS: there are these "sheets" or something you can put on your screen to prevent shoulder surfing (somebody looking into your screen), where you can only see the screen at more or less exactly the right angle - they are rather cheap: "laptop screen privacy filter" on amazon.com or similar sites Also the government can intercept your workstation being shipped to you by the postal service and install all kinds of nonsense. Maybe the government should work on giving security to us instead of developing super hardcore exploits, which then get leaked, which then cause billions in losses to their own industries xD Anyhow.. I think security in IT is about making yourself a very complicated target - there is no such thing as absolute security. Hence, I think ClipOS is a good thing to take a look at and if we can get it running in a Qube, as the French gov seems to have put lots of resources into it. Also it is open source so we can review the code. We can not know if there is an intentional way to 0wn clip OS that its developrs (the French gov) build into it, just as we can't know if some gov approached a Qubes or a Debian or Linux Kernel developer and said "here is 100.000 USD, please put a bug into that piece of software". Hence I think we should just do the best we can - run Qubes and keep enhancing it. Is anyone interested in co-working on getting ClipOS running under Debian in Qubes? I'd be happy to work together with anyone interested in this! :) I'm very motivated to get this running to establish a hardened setup for the actual qubes VMs based on Debian. The end result should be an automated way to install ClipOS in a qube (like a community provided template) and then run, say, thunderbird and similar in it, so lots of less experienced Qubes users can make use of it. Whos in? :) > > *Title of a movie where people have dreams within dreams. I want to make a > post about how Qubes is exactly like a certain theory of Inception where > the whole movie is basically Dom's dream (yes--Dom is dom0) but I'm not > sure if qubes-users is the place to post it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/eb5f56f8-5836-0bd3-1b4c-a83701d3042a%40blunix.org.
signature.asc
Description: OpenPGP digital signature