On 5/9/20 5:02 PM, Steve Coleman wrote:
On Fri, May 8, 2020 at 7:13 PM Catacombs <ggg...@gmail.com
<mailto:ggg...@gmail.com>> wrote:
A Journalist or a Human Rights investigator, I think are more
comfortable with ease of use, not secure.
There is always a trade-off between security and usability for sure. One
trade-off for the non geek users is to enable networking in the software
template so that you can run the "Software" application to pick and
choose your required desktop applications. The journalist may not know
how to use DNF at the command line but the Software installer will
clearly let them pick and choose from several decent word processors. If
only the Software application used the same proxy method to search the
repository for packages then turning on the networking would not be
necessary. The average desktop user would have a much easier time
installing what they need.
The main thing for them to *not do* is to run any applications in the
template VM itself. Never test things in the template unless you
absolutely need to pre-configure something, and if so, do it with
networking turned off if you have that choice. Clearly this is not easy
for a non-geek, but it can be made a little easier.
So, I bet this has been talked about before. As I was doing the
upgrade to Fedora 31, I realized a Journalist is not likely to be
very happy doing that. After that, I had to search to find a Text
Editor, (Gedit is what I used) A Journalist would expect that the
things
LibreOffice is what you want for journalists.
Then I tried to watch a Video. Gee guys, a Journalist just expects
this stuff to work. I , on the other hand, am concerned our
mythical investigator not realizing the possible security
implications of opening what kind of app, when.
If you enable rpmfusion repos you will be able to access more video
codecs, but again that is a security trade-off.
Since protecting otherwise naive users is the topic, I would suggest
making a much simpler choice which is to use Debian. That will get you
codec support without messing with repo configs, and the user will have
an OS that is thoroughly tested and stabilized (i.e. meant for
production environments) and properly protected against MITM during
updates the way Fedora is not.
What you can do is have one template with all the DRMed codecs providing
for one or two AppVMs or DVMs that can run the videos, while keeping the
remaining AppVMs for investigations more secure without all the extra
risky additions. You just have to train them how to open the video URLs
in one of the special VMs.
Tech people do not think like Journalists of Human Rights Workers,
nor vice versa.
Perhaps not, but very likely we are trainable.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/8b4136bf-760b-d2dd-7663-c48d436997c4%40posteo.net.
