Re: [qubes-users] Re: disable seamless mode Windows 7
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 22:38, Andrew David Wong wrote: > On 2016-06-30 18:12, raahe...@gmail.com wrote: >> you run a windows template? I've only run win 7 in hvm. > > > There's actually a newish category of VMs in Qubes called HVM > Templates, and that's what Windows templates are. So, they're > still HVMs. But instead of being standalone, they're templates. :) > Take a look at the documentation here, if you're interested: https://www.qubes-os.org/doc/windows-appvms/#tocAnchor-1-1-5 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdgJOAAoJENtN07w5UDAwau8P/1JM0hTyiuZ35wEH+bAnbDMZ zwGgIi4oDY6T1zCyijKkLbH5emfmL7uis2ZTGfyLUt6LeVCEezD3wmujQtZ/lUDM EdFmoKK8HW8sRgD/zg6XLrpwryeqOxrHg6reCbkmF5HGpwsi1PskhrDcsYpIoPsP P7Stv/800ASpV+DUSslHV8JrIuuLpstezamgYBegaJKH39LFvGVJWyBNOcur7YEd WuFzo1ThjVwKNMfxNVf0osre/xFk/4klQoqFSGorgr19sJ+F8k2hMAAVYJ037n1V EcyjuMsybspMboollMW5cW5D/F+whz6C8QHJvxb65DzGr7UlpZi5sfLF+7Ba+H9+ IszlBq4XReMts8+RV3VKmHCPYyXJrpMeTdkio+28Qo4OTg/v38qhzZjNrOK1isme HQyzszORUSpuJyI1dXSm4BoXs3dodDTxubBv6/KGctt+9k4T1NKjsIW+tan8ATOe yTAygdy2BfjDp0RRU1QMvItqQlOh/TXL+SuPnqXHLIgmm+Zt8jVp9HCws7hCCEhX AuM1hHHEd4sQQpogtHAvZPqV9pTo6yLRNT4KEbDKR6jXjFVCfB0EuB0/4dzef2FO awBJ9EyjOGukQn8ADeoR+eY1tVfVl4S0eKOeEgm9JvSPTYWG96id568pPnPQV/dq 2TDm9LR9W7iXFkJ9Qu+d =iJeB -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/83e87ca9-b2a1-18c2-e024-50686ef81e27%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disable seamless mode Windows 7
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 18:12, raahe...@gmail.com wrote: > you run a windows template? I've only run win 7 in hvm. > There's actually a newish category of VMs in Qubes called HVM Templates, and that's what Windows templates are. So, they're still HVMs. But instead of being standalone, they're templates. :) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdgHPAAoJENtN07w5UDAwz/wP/RGdQQMTEfvQtCz/axhKnne3 uhJEFv184HmEzLE2CfN3ijRuHYYwiGWwwx2eoM287/Penspvuc3ceC1NUwc9OfnB uxy2Fthtj/B39zrwKWYJQGoVo1IhwQU4zYQOKzo7FvbH+8vfxMj+v1s3r/vuJL2Z d4o9E29/9GHTmOGTEnfmyUiWz5Tl8OTmNqPaG7gq7+6gKx2dWYMfRvX+E6hfsjey HkBHiczbs3Ug2pLAc8Qfe6NSfA5PTLVyRZOVuVm9H2Byx0AXyLzNV+E+1jbhDIuG R0gK/lg8noFgfIUgBfMB5+Nga8F2ozxRMzRIbLszoc66DAGc9NGm42jQdPIZh52i p+XZgZcPwYyDMcw3zMFYRlocWkFzWLwCkeYccGs+f78vEkaQ/cJjg6fS4AvnuC3d 5nasYD9pJZQjKxgnisu5UluBpb1au1G53ID7+X2f3lJ+k0WKN3EyQXYpEtaLLjcB UmNCM5mqHigl0QAZcji1ZnqRqMOvr1pnel8YpHRUkYBTyukM5jZ7ADZvzNA6xiHr 8hkwUMOZAX6gDu4qR4ZVdpCiNRRN6huD9UT9JV7c9ZilhlMKVVq6tZT8drdvfHP5 +0n5Z6Rn69D5BCiHajpLEEzIMu1YxztFJwhzCCE0g2wMJP/sJsOq2SXYtMctv186 0Wns7JRq3inA2hC5g/+E =k4sA -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/00463be3-a16f-26d2-30cd-f24be3f34e15%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Cryptsetup LUKS Nuke Option
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 18:20, Andrew wrote: > Andrew: >> J.M. Porup: >>> On Wed, Jun 29, 2016 at 02:30:34PM -0700, flux wrote: My thoughts were more along the lines of mitigative travel protection crossing borders and such. Like, you can boot to decryption but if the device is seized, no valid decryption can actually be performed. But as you say, depending on your situation that could be disadvantageous. I additionally just enjoy the idea of separating keys from locks regardless of the encrypted state of those keys. >>> >>> FWIW, I support this feature request as well. Search the >>> archives for previous discussion early 2015 (Caspar Bowden >>> indicated his support for the feature, before he passed.) >>> >>> Overreliance on a boot nuke feature would, as pointed out, be >>> unwise. But as a journalist, I can easily imagine a scenario >>> where I am crossing a border, am asked/ordered to decrypt my >>> laptop, and I prefer to nuke the hard drive rather than >>> comply. >>> >>> Sure, border officials might image the disk first, but how >>> many laptop users have such a feature? >>> >>> I think of it like TLS. Arguing that X.509 certificate >>> infrastructure is broken and not (very) trustworthy doesn't >>> mean we should insist Qubes return to a non-HTTPS website. >>> It's a layer of protection, one of many. >>> >>> So I support this feature request, while noting the priority >>> is low. >>> >>> jmp >>> >> >> [bullshit] >> >> Andrew >> > > Actually, I think I get it now. Tell me if I'm wrong. > > You want this to be a readily-accessible feature of Qubes. It's > not that you want to prepare to cross borders: you cross borders > in the course of your work. It's not even that you cross borders: > you're generally mobile, and you're a potential target. It makes > sense to have the ability to provide a quick failsafe if and when > the need strikes. > > Still, I think the better solution is to implement > plausibly-deniable per-VM encryption/hiding, as suggested when > this topic came up back in 2015. Search for the qubes-users thread > "Re: [qubes-users] feature request: luksAddNuke". > > Caspar actually supported this idea: > >> I would really like to see this implemented >> >> -- Caspar Bowden Qubes Policy Adviser" > > Does this, or do these, already have a tracking ticket? > > Andrew > Hi Andrew, Not sure if you received my message (immediately prior to your last one in this thread). We've had a ticket open for the nuke option for quite a while now: https://github.com/QubesOS/qubes-issues/issues/921 As for the per-VM encryption option, see here: https://github.com/QubesOS/qubes-issues/issues/1293#issuecomment- 229028321 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdgB0AAoJENtN07w5UDAwT20QANCGKu4rL3BcSkcfn42+5+Ml XHY6GAVRrQ8+RWu3GDdfu0hbCrzKkDXWZFSECM1v5CQm30hOFq1agaY8ANjmwvOP gQ2x24VmtXXqLDIKnnf85h5MPYJgsYYMTESr2hq3h5l/RCgfphJsbhrZblv9YfJs bwG5diwcwCcXFmF25QmgxfHWNmrFH/dVs8d++I9jDg/T0jCHBhzqO9g9SXtNRa2x E6mfKWuzU58xEE0ZoRUu6+PC8fPOyt9L0vUkM+VgZsyYcsLOCzd3qkNNuF02ViaM VsfqzALWhWgbmV3vxy5Lt+YchcO/XGcN010i9DADQEiXBh5GcJtNAazKIX4vCkhp AIfhPGjyDYaGETj351/nAf/vUJRivPR+TJ8cvWKciJSHOjY/UImzF48SnLT3MJYl zEj6qFsjvbmo7kjOsxDZkKcimvNjYjA9OqLEiOh/P8TDtZPqZeJOegeg97MftDml 0tOQXYk6e4CZKW09WJn3h2BMK/hbhFjZXTHXw8CLcdHfOc8cfF2RRbnSylrGJFun WKFVZ7EavlkcapDYLdq2TLiT8g7SmLH9gpe4kYNOaGftQ5lAApGYlsS78EayL9et Wq5c6rd52f0yGwLBu7D6TeRrwXkRjrlJc9bB7Yc3WQdMqa0TqieVoV2qPg8gjhU8 iHpwhjjU633zI6M0k8Lg =xYUA -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dacf71ca-4352-107c-5886-7a318683ec29%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Suggestion: Allow modification of Firewall Rules of several Vms at once
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 14:15, grzegorz.chodzi...@gmail.com wrote: > > Preamble Qubes OS offers an option to restrict network traffic > within a VM to a specific address/domain/website which is a very > useful feature as it allows the user to control networking within > VMs. > > > Issue However if the user wants to be 100% sure only the dedicated > VM can access a specific web resource, they need not only to allow > the dedicated VM access to a said resource, they also need to deny > access to said resource for every other VM they use. As the number > of VMs grow larger this task will get more and more mundane. > Just out of curiosity, would you mind offering an example of a concrete use case? > Suggestion Allow users to apply firewall rules to several VMs at > once. This mechanism could be implemented either in Qubes Manager > GUI or as a separate GUI application. > > Sample options > > Make exclusive - allowing access to a specific resource > automatically denies access to said resource for all other VMs > except for the system VMs > > Apply to all - allowing access to a specific resource grants all > other VMs access to said resource > > Apply to selected - additional checkbox would appear in QM allowing > the user to select VMs to which the rule would apply > > Apply to all from the same TemplateVM - self-explanatory > > I believe such a feature would greatly improve the efficiency as > well as minimize the risk of user error. > Thanks for the suggestion. Tracking it here: https://github.com/QubesOS/qubes-issues/issues/2139 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdf3MAAoJENtN07w5UDAwOFkP/2uWAsdLEvILk0C3jK4QRejI KeX7W3s5HXNylwnzkh5KArEF3Khb2MWrHdpXoYmWcCn+86S94twjztv0QnkDpEC9 J94Hfi5QYy3CgDJSjDOGcdHfvpR59nagAhLeAXOdjzM5jO50Y2ct+Wpc2zX8jwRv /ihC6a7+dthnvA6mjNu48bkfYV6DyKGhohlTwqMixzFTBjAfBLRd2+b1z3j6tpts FOygXTPyF0G8Wpx3wLhQAuog1Ij5HE8yBEj1x5I47naNPA4t7Swr6kMptlzzdcN2 uD4lTqFxA1lGXnLdjMOExaxNUkhDISLvNybQiRxFfmRu0R7MOq/S3RRa2bmHwfYB XIeYeIlWYh0kA9IvUHl/hF/fvoTrFXAguTFDw9lZYc0+Jq1yPWcojw0SdPkbVSuQ DjHod/cLTOeqlmYuWWA4WgYtPThsxEEbp6bPcunku++OQkemz+F39nboj2WANVVU GczGe13obGhFKa4++ujKZvnxdKxKBF6pE2VYSrv/+5MIfIhUYMvj/seHXoG3POjV Kj9A9IWuc31erGrF4QyjZzETyRWmWUm2ElqwqidfemZzxXG4BwryHAWtcApR26/i pnHpn3rvxUGt/a/E2Vt7Htm6ckbhtOMisBc0gT3WkSYPvFufqjWdbdcHU46FvXnb ce2eIvJv+/E78QpStSag =fO8g -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ff06fbc2-107f-1b21-9fd3-3b4952d2aabd%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Q wipe files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 13:47, 109384'109438'0194328'0914328'098 wrote: > Hello, > > Q security policy don't protect against app-exploits, but give the > tools to protect your data. > > Protect data, but not apps! > > It's very clever! > > If, I move a file from VM1_green to VM2_green, the the filemanger > and the move-to-VM command. > > https://www.qubes-os.org/doc/copying-files/ > > Than later VM1 gets compromised in some way. So I must be sure that > the old file(copy) was wiped. > > How Qubes wipes files, so that the secure copy and paste security > mechanism will work, if the security-sensitive user will take this > manual action, to protect his/her data? > > I assume, if I delete a file, it will work in the same safe way... > > Kind Regards > I'm not sure if I understand your question. Is your question: "How can I securely wipe (delete) a file in a VM?" If this is your question, then the answer is basically the same as on a conventional OS. For example, if it's a Linux VM, then you can use the "shred" command. It's a matter of controversy whether this will make the file forensically unrecoverable, especially if it was written to an SSD that utilizes wear-leveling. However, if you believe that the VM that contains the file is compromised, and you've already qvm-copied out all the data you want to keep, why not simply destroy the whole VM? You can do this with qvm-remove (or the same via Qubes Manager). The same concern about forensic recoverability might arise at the dom0 level. You have a couple different options here: * You can use shred in dom0. The same caveat applies as above. * You can write the data to an encrypted disk/container in the first place, then just wipe the encryption header whenever you want to make the data unrecoverable. (Of course, if you use "shred" to wipe the header, then you're back to the previous issue, but at least anyone who recovers the header will still require the passphrase.) If you don't want to wipe your entire disk, you can store certain VMs in an encrypted disk/container and symlink them from /var/lib/qubes/*/, as described here: https://www.qubes-os.org/doc/secondary-storage/ (Or use some other method of relocating them.) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdfxFAAoJENtN07w5UDAwMngP/RSa7rYAn/c6ylnzsZ0S/8+e RoCrXgS8PEwtql6Kt7uTHC7opgfiAljBzLKFKQ8u6l/hFeRWvb/zAxPvCQ14weFN Zktxu4A0yeW1LV+jAR6Z2keFnqqjtddDoWO+frGwpYXhm1BoxwFvHzQDnUQOchR/ Ayzs5X8Qr/F3KXJBAsphLKYKHFdZ6IKEA73SCCor2lzrzft+j4BZKQuIxRqiQRCA 59eB5lcdzdfMS5LbohNGFP8SM+3ApLPqMxxcrRCRvjq3f1+uqmIosGgd3ba4Phhs 97SMJkMeNHeWB1KcPfLcQE7zj17WJzi/Opm/IpN4mO38UlDk8Bt5Smt++tfqLlz3 uYj5/7QwoMGoGbHRFhTmWuM/GcKT2tTHZn6glGRxdyvXTJi/hCo/FMI44oFkh8cl YLJZ70DrTHM/qLB27S+8Q5Zi6Hl8KMEmU+VX08P53cC/UO1beCXrRA2Uu3/dWvrQ oVkVNK+bIyKjyR4HVQo/kHPnERr4jtedaG2By9smUNAq88uouzhMoj1/9RB8DKWu osV96fWj+t9qjSupC+FVENg5GwjR4vTJM5zAnaTHWmKbtLX3u6GDt0vTWju2shVW XukK0hqDtTG0myvTLUCklQj1l/O7hDMnSvD3guiGECfVBL/BOH9rg0i+AlCRBbGI wl3nktfK8BwMT2fh0YKA =3T5X -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f39daf6f-2690-523d-1d21-805a5e97c526%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Networking
Does anyone have a solution to get the NIC running at 1Gbps? I've seen several solutions so far, but they are so far out of date they are currently no longer working. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f0b55fc5-b59b-4ce2-b30e-4cc4e00ca28e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] QM VM Hierachy?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 13:17, '091438'0193284'091843'0914328'098 wrote: > Hello, > > how I can build in the Qubes Manager a hierarchy to order the > different VMs? > > This will help to group and subgroup the VMs and shows some order > in the system. > > Kind Regards > Qubes Manager does not currently support this functionality. However, you can create such a hierarchy in the app launcher menu by using submenus. If you're using KDE, right click the app launch icon, then click "Edit Applications..." Once you're in the KDE Menu Editor, you can click the "New Submenu" button on the top bar to create arbitrary groups and/or hierarchies of entries. You can also use separators to help with grouping things. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdfgQAAoJENtN07w5UDAwz6oQAMCJYkfqgyuDZ3xgegPM7VKb YCxbCkQPaJRQZ/R0q7Vc7fXRTzgIhTSntqO0TxQvVnb0USe05jfZVKH7TCY4lKEU vUyd/oeoYWY5XbbZi4pKzVOLxHYYsnRXk3t59MdN6XsEPFdcss1Za83i3l1S8Cdb /XPyIak3fi0nkVaLJwiPKBbkdYRSwkLNaezm+p3EAdlKGdUEck3Fw9YrIvazRBLk S5yp3gzz65SWQoXHtz+asTi62X+QE/Cq1e8M+vJ+o7xZBlEH9IUGCv5yZ2Leod8j 843ojCUc3t92GQ7qSmT5Cp5tWhTQGXnQe5tjIWj3rKFPLd8M+u7ihq8Gk+XOfD+B I0jCgw2AKHOBmT1D6UdKQFtNeBECu9t2e1wQ2sPZqyPwW7+hH7FIaWwMXc+nR0AN yDNMXfkqW+4kuRA5Zi1gy6GrzOqTkfFziNEmrlQeE32LnEb7W9Vx3KwvIPMqHyea hAqNRWagMgYsk1RzkO/fiyIYUrGHWYirI69ZbtMw+FjXYK2FkAE0OgDmOl30fIP8 d3WIQd6LLinDX0+ai5BgPIn8OxJE6gPngbq7CqAF8FdKlbYXElmbTT5nPeVF6uKc wqnmLTUg+FAqgTS/ududNkGmrCOIaCeXgdF4GqTbtKq8QHvwDKS45IV8OniTwG/5 a1tDjUMfuWlPmrsRGNfF =W8qn -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3ada7970-ca8b-3e51-b63f-39765e7d05ec%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Error starting VM: no such file or directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 09:42, katerim...@sigaint.org wrote: > Hello After creating a proxy VM, I tried to start it but shows up > this message: "Error starting VM:2 no such file or directory" What > is the problem? Thank you > Can you check /var/lib/qubes/servicevms/ to see if the ProxyVM you created has a directory there? - From a dom0 terminal: ls /var/lib/qubes/servicevms/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdfdqAAoJENtN07w5UDAwfUcP/RewcyfxAHHa1lCrsEveGNEg 5JIPdmJZuNHs/hF1LMnRC65BGdpbllAegNWg0edoUQLEiJn9bMNxZN389IzgGi2b 1zj1hIZXRsb9oHMvUkh0b1ADY8OXiRnbjvWS40rnrBi2CuT+u/2Js8ntmNp5nL+x Oy6FxGNue/OrfOgYAH7VY9U/mZkA2KsCAbsouIMMZEYjSQvW23VujWZj2jK6vHCq tzSzHW2Hu2Uvu39CQ9NqYcildRE2+s1Hy0vZgT7GJ+1JLOzfwc8d2D8e/70VESCy BaXgWCZiJ5hEfxFPJ/Erb57MtBkCFD37dfOu77N/ZEmdoGcm6EG1TqPS8JNyiwvC pwvuo3sjJ9CbiXG9wYXLAwPgvBb307h61gew5qpBKkPFz7E+wOdKjkQ7BxAXfwrs NI8Ibk20EAFDlK5WGCUwAwmCx1vZUXI7ImQbb3ww2iIIM057KvYRKvuOTKEmxQBq wUrJpugIS9MxAWc4ByJpzmMetSLUnO5kd/dPQnSnAYaD0nSNcJrUum6UdBOy544W baFwkGi65wbTMlmGB5AfBOwEnmsWCrj25pAcgk0p5aijBTm4OKa1JdPV455esfNe OlaAHO7H92gCuOTNR9wzJ/h0F1vYsk06HLvsDkOlHwMJTQPm8Tjf+5WiVbKqeL73 9YlapzdQLffeqU+zhbxU =d7km -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/487eb20d-2f0f-1df7-63af-adafaa9208d9%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Split GPG and ssh keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 01:10, Eva Star wrote: > I do not know what is under the hood at split gpg, but seems it's > simple gpg-agent. If it so, that seems it's very easy to add > support for ssh keys. All what is need is already developed: > http://superuser.com/questions/360507/are-gpg-and-ssh-keys- > interchangable > > Need only do add this to SplitGPG :) > But the answers to that question indicate that GPG and SSH keys are *not* easily interchangeable. Am I missing something? P.S. - Please avoid top posting. > >> No, Split GPG does not support SSH keys. However, we have a >> ticket to track a "Split SSH" feature: >> >> https://github.com/QubesOS/qubes-issues/issues/1962 >> >> We're hoping a developer from the community will pursue this. >> - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXdfXvAAoJENtN07w5UDAw2RkQAJUo/N6cpB/DQ2inLo39zI1b ahxR4+Nt9Vo/KFzw+bdnGfDB0Fj4Rjn5pelBlSH08giH9twYnj6ptPi3WfF8vXut 5t+X4mdml5Z43ymNAUmfmCGn8JfZyKnBpk3iKHGK4SdVl5LBO4ft0Ct2YcoD9hPT ZHHUi2lGg2UP7qe1rwR+c5ZixYs7YS15JooCB6cGHlq19w67Ibc/5tQGLE6x9vIY xrFgZrRbi5x5Gwy+h7CnmQw++OwknjOE3ofSnNuWyC1PyIWcWeV2y05Qr757O1cm H8VnAo29lKKhLc9qmI6BsVSDyX1fXvirQiqHYy5Az4/L0HQVR4NJYiZUfIbIRI0i XiTwE2ORnjO8icWzhBF1ZRiIsckApO9Ula771AZlxqcd0cFOnqFiFBON86kDbBq1 K4cekzfRK2fqT3amEX+IqeYqG6w8Vgxj35q5U19RmyHU75o6tgqSucOf8lg/fKG2 /OcjCYYtWnHz16tkRn9HKE90rVOPik3IWx3UmmRGkFRp+oaBPpCvgQUzz1YyFOFY 6Pu8QYmT9Ni7vguK7kFpKhOh71R+3NAQ8RMDZTS6CJ626cRclJuwIFptStpCPOPf 6Fz50WLB3ljOFN083KI4iPx8JB/9SvKV+WpHjiclEFy6BPje6GPGVCz40sllwpS0 jd2nqxaaS0TlRYvDd8sI =77J9 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7ec7fb9f-10a7-2fc1-2c39-790e196b2106%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes R3.1 hangs during boot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-06-30 04:10, amad...@riseup.net wrote: > On 2016-06-30 04:46, Andrew David Wong wrote: On 2016-06-29 01:20, > amad...@riseup.net wrote: For months now I've had an intermittent problem where qubes hangs during the boot process which then results in me having to power down. The symptoms are: The system boots normally, I enter the disk password, which is followed shortly afterwards by the username/password dialogue box, after about 30 seconds or so the system hangs and I have to power down and reboot. > > When the "username/password dialogue box" appears, do you enter > your username and password? Does anything happen after that? > (E.g., is there any indication that the password is correct or > incorrect?) > This never happened in qubes R2. I first noticed it during the beta editions of R3. It seems to be getting worse - I've just had to reboot 6 consecutive times before finally getting into the system. Anyone any ideas? > > Thanks for all your replies to this issue. The problem appears to > be related to battery charging - when the battery is being charged > the systems hangs during boot. It never hangs otherwise. In any > case the problem appears to have been resolved in R3.2 which I got > working yesterday. Thanks again > (Looks like you meant to reply-all, so I'm CCing this back to the list.) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXderVAAoJENtN07w5UDAwAawP/1yQzXU86561FCmynjBt6cGg Q4pKyjHz3Lwe51iW7qoymQA4wQ0XpxxiTs/pTet90Tw5WG8sZ8w0qW32udu8dMJq 5BNIhWADBDIXT0SjSHrWmCZ+c/SO/qbJOYv4s7OxKjIlVekR1mRa+HcEPlTAO8BI cdL9FoCJxXZTTIh4sQo8BcqRZ2YdDgaYzi2B/FTut8Wjzay9ErMq3gnexGFtJafS 0OIS9dzUYQn5PqrfTPBTV4fyzxvOXCF9uCHpsnwBeXCAo+8W85ccVIhWagJTnOgl wzXsvC0XtZf+Pl/aZgCKmRhFgHuvqks7nk5fAMMHkwibZ1mycV2ZsUL6T8L4iP1s zUKglTRk0Qk7rpwvAMmrYr+PgdqqZlWCFv67Va28h0i+fJCjnPmH20kaSNMHGSgb 6kjvK6+XC3tnFgYFfIvufccJc9ufQNtr5w1thppgDxpMI/t9hK+EcPY6Yvh8DNGf 5vU9kXOCEXe+fR/PCo4QLelgOu8OtmadP5mqrS2MJx1+5d4roQ5gYkAEvQ1K0vNU yndke00nCbqv7Jof/DSi7hh5cEoOD9bgAffQDKVWcDjtUAYoQGjrAujVQQbSsgY0 PNa7dw/a3dMBVatuFJ5ACNq0IiVxq/+4UmaBKCivarCdWUFxgUYaFWSDTsWd7lvO E4GanwgClFqxLM5KyD5P =R2kd -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c7c2ec14-95f2-4934-1a62-8fe3b412f445%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [3.2rc1] Bug: Windows disappear, VMs go from green to yellow
On Friday, 1 July 2016 11:56:48 UTC+10, Marek Marczykowski-Górecki wrote: > > > Already fixed in testing repo. > https://github.com/QubesOS/qubes-issues/issues/2085 > > What in the testing repo cures the issue? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8389841a-38c9-483f-925a-6713b02333af%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disable seamless mode Windows 7
On Friday, 1 July 2016 11:55:47 UTC+10, raah...@gmail.com wrote: > > didn't even know you could do that with win 7. Once you install the tools, it's got the user directory on the private.img drive. So you have the base system, and then the portable apps on each private.img. If you don't move the profiles, then that's fine too, but it will be a little more difficult with a few issues arising. This is why I recommended a sandboxing thing added into the tools, for installing of new applications to be sandboxed installations into the private.img. Thus no drive C files are changed, everything remains on private.img so it isn't lost on shutdown/reboot. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b160facc-dc0a-43cc-acfa-c3ad91231361%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [3.2rc1] Bug: Windows disappear, VMs go from green to yellow
On 06/30/2016 09:56 PM, Marek Marczykowski-Górecki wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 09:35:59PM -0400, Chris Laprise wrote: The gui daemon connection for debian 8 VMs is disappearing in two different scenarios: 1. When starting the VM, the status goes from yellow to green then back to yellow within about 3 seconds. 2. When exiting the vlc player, all windows for that vm will disappear. I can recover from this state by using qvm-run or QM to run something in the vm. Then the gui connection is restored and the vm's windows reappear. This guid.log error is found after the state changes to yellow: invalid PMaxSize for 0x54001ce (0/0) invalid PResizeInc for 0x54001ce (0/0) invalid PBaseSize for 0x54001ce (0/0) ErrorHandler: BadWindow (invalid Window parameter) Major opcode: 4 (X_DestroyWindow) ResourceID: 0x54001cf Failed serial number: 105463 Current serial number: 105465 I can always reproduce the error with vlc. When starting vms, the error occurs about 40% of the time. Already fixed in testing repo. https://github.com/QubesOS/qubes-issues/issues/2085 Thank you :)) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f4ac4744-c86f-78ed-c6e1-01c27662bbb0%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Networking
On Friday, 1 July 2016 12:03:24 UTC+10, Chris Laprise wrote: > > HVM drivers do have throughput issues... > https://discussions.citrix.com/topic/266073-virtual-nic-type-in-hvm-vms/ > Do you have anything that is remotely current? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7946652b-5f07-44a9-97ac-498ebee8283f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Networking
On 06/30/2016 09:50 PM, Drew White wrote: On Friday, 1 July 2016 11:42:05 UTC+10, Chris Laprise wrote: That's just a description of the emulated adapter. No, it's the physical speed of throughput of data actually. I'm not talking about a descriptor, I'm talking about the actual speed. HVM drivers do have throughput issues... https://discussions.citrix.com/topic/266073-virtual-nic-type-in-hvm-vms/ Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dcdc6701-26c1-2393-1e25-138eaa4fe502%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [3.2rc1] Bug: Windows disappear, VMs go from green to yellow
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 09:35:59PM -0400, Chris Laprise wrote: > The gui daemon connection for debian 8 VMs is disappearing in two different > scenarios: > > 1. When starting the VM, the status goes from yellow to green then back to > yellow within about 3 seconds. > > 2. When exiting the vlc player, all windows for that vm will disappear. > > I can recover from this state by using qvm-run or QM to run something in the > vm. Then the gui connection is restored and the vm's windows reappear. > > This guid.log error is found after the state changes to yellow: > > invalid PMaxSize for 0x54001ce (0/0) > invalid PResizeInc for 0x54001ce (0/0) > invalid PBaseSize for 0x54001ce (0/0) > ErrorHandler: BadWindow (invalid Window parameter) > Major opcode: 4 (X_DestroyWindow) > ResourceID: 0x54001cf > Failed serial number: 105463 > Current serial number: 105465 > > > I can always reproduce the error with vlc. When starting vms, the error > occurs about 40% of the time. Already fixed in testing repo. https://github.com/QubesOS/qubes-issues/issues/2085 - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdc3YAAoJENuP0xzK19cstmEH/3xvEALxPH5HhJ9G7vYNG/29 Xn724efNyahVjk1UfCnK3uk8Ybm9Nn4LMONjj5s6xmw0C8PK5i+ZhR2lzbNS2ROs pnBw4HRvPkvOgadoGymbSxAU5lM24PzeqJeGrshGud7+xeSXwlpOKZVmmr8ZHIcu kDo/53eeUmVgXcU+n9nTJHBLqMme5p0XcPNQksk1/3zn06GOikcqnobVpvN434hW /QaF+PzHpBuLZOizmVvOJ3OFLV/K3mWXDytq/ZZCQtTNPRdcdFj2OhBIa/v4X3pb a1ZMK09TLXetB76UMiYXeQXW5kezU+fNtpc916L3TRca+L2JWXuQfJbRRAP7L2U= =1Oc+ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160701015638.GP1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disable seamless mode Windows 7
On Thursday, June 30, 2016 at 9:27:15 PM UTC-4, Drew White wrote: > On Friday, 1 July 2016 11:12:23 UTC+10, raah...@gmail.com wrote:you run a > windows template? I've only run win 7 in hvm. > > if you read what I said... > > "I have 4 virtuals that run off the 1 Windows template, and all work fine." > > That means I have 4 virtuals, and they alll run using the one parent > template, just like using Fedora or Debian AppVM that is NOT standalone. didn't even know you could do that with win 7. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a595bd09-2d2e-4838-a1db-461c92a64e99%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Disable Acceleration to Fix GPU Issues
On Friday, 26 February 2016 03:56:59 UTC+11, entr0py wrote: > > For 'radeon' driver; in dom0, add this to your xorg.conf: > (or most likely you won't have one, so touch > /etc/X11/xorg.conf.d/50-video.conf) > > Section "Device" > Identifier "card0" > Driver "radeon" > Option "NoAccel" "True" > EndSection > > All my issues are gone! Hope this helps someone. > This resolution did not fix the problem for me. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6260cbe5-ca33-4d26-a2b3-26818dee66de%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Networking
On Friday, 1 July 2016 11:42:05 UTC+10, Chris Laprise wrote: > That's just a description of the emulated adapter. > No, it's the physical speed of throughput of data actually. I'm not talking about a descriptor, I'm talking about the actual speed. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/05b13254-3e8e-4994-b9bd-3a6ff3cd12a2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Networking
On 06/30/2016 09:37 PM, Drew White wrote: Hi folks, Just wondering why my Win7 has only 100 Mbit networking instead of Gigabit? Is there any way to make it gigabit in the vm? When I only have 1 or 2 VMs running, to use only 100 Mbit out of a 1000 Mbit NIC is just wasteful. Please help. Thanks in advance. -- That's just a description of the emulated adapter. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ed53eee5-8b01-da95-33b5-b71165b7eaa0%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Networking
Hi folks, Just wondering why my Win7 has only 100 Mbit networking instead of Gigabit? Is there any way to make it gigabit in the vm? When I only have 1 or 2 VMs running, to use only 100 Mbit out of a 1000 Mbit NIC is just wasteful. Please help. Thanks in advance. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f4af8845-37ed-48f1-bbcc-a809588e747c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] [3.2rc1] Bug: Windows disappear, VMs go from green to yellow
The gui daemon connection for debian 8 VMs is disappearing in two different scenarios: 1. When starting the VM, the status goes from yellow to green then back to yellow within about 3 seconds. 2. When exiting the vlc player, all windows for that vm will disappear. I can recover from this state by using qvm-run or QM to run something in the vm. Then the gui connection is restored and the vm's windows reappear. This guid.log error is found after the state changes to yellow: invalid PMaxSize for 0x54001ce (0/0) invalid PResizeInc for 0x54001ce (0/0) invalid PBaseSize for 0x54001ce (0/0) ErrorHandler: BadWindow (invalid Window parameter) Major opcode: 4 (X_DestroyWindow) ResourceID: 0x54001cf Failed serial number: 105463 Current serial number: 105465 I can always reproduce the error with vlc. When starting vms, the error occurs about 40% of the time. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d82c223b-bcd7-b1a7-adcb-8448377f089f%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disable seamless mode Windows 7
On Friday, 1 July 2016 11:12:23 UTC+10, raah...@gmail.com wrote: > > you run a windows template? I've only run win 7 in hvm. if you read what I said... "I have 4 virtuals that run off the 1 Windows template, and all work fine." That means I have 4 virtuals, and they alll run using the one parent template, just like using Fedora or Debian AppVM that is NOT standalone. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9e5c7c90-f4ba-4fab-8e34-e88c54e82d28%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] feature request: luksAddNuke
Caspar Bowden: > On 02/17/15 12:51, Zrubi wrote: >> On 02/17/15 11:28, J.M. Porup wrote: >> >>> Journalist crossing a border with sensitive documents. Government thugs >>> demand decryption. >> >> http://xkcd.com/538/ > > So this is an oldie and a goodie, but actually many there are many > borders Qubes users might have to cross where governments will not use a > rubber hose > > The UK has some of the most sophisticated (and oldest) coerced > decryption laws in the world - here's how they work, and how they (can) > fail > > www.fipr.org/sfs8/bowden.pdf > As relevant as ever. Thanks for everything, Caspar. Andrew -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2e783661-2e2a-93e6-0ff9-c45af9326490%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Cryptsetup LUKS Nuke Option
Andrew: > J.M. Porup: >> On Wed, Jun 29, 2016 at 02:30:34PM -0700, flux wrote: >>> My thoughts were more along the lines of mitigative travel protection >>> crossing borders and such. Like, you can boot to decryption but if the >>> device is seized, no valid decryption can actually be performed. But as you >>> say, depending on your situation that could be disadvantageous. I >>> additionally just enjoy the idea of separating keys from locks regardless >>> of the encrypted state of those keys. >> >> FWIW, I support this feature request as well. Search the archives for >> previous discussion early 2015 (Caspar Bowden indicated his support for >> the feature, before he passed.) >> >> Overreliance on a boot nuke feature would, as pointed out, be unwise. >> But as a journalist, I can easily imagine a scenario where I am crossing >> a border, am asked/ordered to decrypt my laptop, and I prefer to nuke >> the hard drive rather than comply. >> >> Sure, border officials might image the disk first, but how many laptop >> users have such a feature? >> >> I think of it like TLS. Arguing that X.509 certificate infrastructure is >> broken and not (very) trustworthy doesn't mean we should insist Qubes >> return to a non-HTTPS website. It's a layer of protection, one of many. >> >> So I support this feature request, while noting the priority is low. >> >> jmp >> > > [bullshit] > > Andrew > Actually, I think I get it now. Tell me if I'm wrong. You want this to be a readily-accessible feature of Qubes. It's not that you want to prepare to cross borders: you cross borders in the course of your work. It's not even that you cross borders: you're generally mobile, and you're a potential target. It makes sense to have the ability to provide a quick failsafe if and when the need strikes. Still, I think the better solution is to implement plausibly-deniable per-VM encryption/hiding, as suggested when this topic came up back in 2015. Search for the qubes-users thread "Re: [qubes-users] feature request: luksAddNuke". Caspar actually supported this idea: > I would really like to see this implemented > > -- > Caspar Bowden > Qubes Policy Adviser" Does this, or do these, already have a tracking ticket? Andrew -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2e021a2e-7bec-623d-bf02-35481ca817a3%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] p70 rebrand $2k+ cheeper
for those holding out for a p70 the ws72 is well worth a long look https://www.msi.com/Workstation/WS72-6QJ.html i think its the same laptop ecept max 32gb ram, has tpm vt-x, vt-d (hard to find but aparently yes), im not sure what to google for further to find out for qubes comatability -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e9217d13-8be3-48f3-9cc8-289557b10cb5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: disable seamless mode Windows 7
On Wednesday, June 29, 2016 at 3:36:28 AM UTC-4, Drew White wrote: > On Wednesday, 29 June 2016 12:39:20 UTC+10, Eva Star wrote: > Yesterday I unchecked "Seamless mode" on already running copy of the Windows > and it's do the magic on the fly... > Yes, that is how it's meant to work, and EXACTLy how it works in Qubes 2, and > worked in every way possible back then. But the tools got broken in Qubes > 3.0, and have not been fixed since. > > > > I'm disappointed with the freezes if Windows time to time. Looks like it does > not receive some information from mouse. But this feature works well. > > > That is NOT an issue with Windows. > I have the same thing with Debian 8 recently. > > > I recommend fixing the template, and then that should fix the issue. > > > I have 4 virtuals that run off the 1 Windows template, and all work fine. > > > I have Debian, and 1 virtual that is the NetVM running from it, and Debian > always causes the entire system to freeze. I can't even get enough power to > be able to get the details up to find out what is causing the issue. THAT is > how bad it is. you run a windows template? I've only run win 7 in hvm. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/338aaf1d-09cf-4212-a7a0-dd2d086e57eb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Question about Xen sandbox escape from Oct 2015
On Thursday, June 30, 2016 at 5:48:17 PM UTC-4, danmich...@gmail.com wrote: > Wow... so the ISO doesn't get patched...? Wow... > > Surely there should be a BIG warning on the Qubes downloads page... saying, > WARNING! Xen in QUBES 3.0 allows full sandbox escape..! Update your software > IMMEDIATELY after downloading, before doing anything else...!! > > It really surprises me that there isn't such a big warning, given the > severity of this Xen bug... Wow... I think people concerned about their security know to update before doing anything else. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/78f0edee-4d90-4f43-a897-c0ca1a1d37ea%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Linux-libre in dom0
Btw, I also love trisquel for the same reasons :) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/22896ebe-fc4c-4cad-8326-7b85c251cc0b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Linux-libre in dom0
On Thursday, June 30, 2016 at 8:49:16 PM UTC-4, Duncan Guthrie wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 01/07/16 00:03, Marek Marczykowski-Górecki wrote: > > On Thu, Jun 30, 2016 at 10:57:42PM +0100, Duncan Guthrie wrote: > >> Dear Qubes Users, I have been using Qubes OS for a couple of days > >> now. I own a Lenovo Thinkpad X200 and everything works fine, > >> including WiFi. However, I am concerned about this, because my > >> X200 has an Intel WiFi chipset, which I know uses proprietary > >> firmware. I am concerned about this because the firmware could be > >> malicious, so I think this is quite bad from a security > >> perspective. The more proprietary software, the worse security > >> you have, as has been shown many times. Since the hardware is > >> secret, it is possible that the WiFi chipset could be used to do > >> malicious actions without any way to tell. I am especially > >> concerned about the firmware being in dom0, which has access to > >> the hardware. > > > > WiFi card is assigned to NetVM and have no access to dom0. So even > > if its firmware is malicious, it shouldn't be a big problem. It may > > at most mess with your network traffic - which should be encrypted > > anyway for anything sensitive. > > > > In practice the only firmware still needed in dom0, is the one for > > GPU (if applicable). > > > I think this is a good idea in general, whether the firmware is free > software or proprietary software. However, there are certain wireless > chipsets (made by Atheros corporation) which work without a > proprietary firmware blob for WiFi, but don't for Bluetooth, so even > if they largely work without the proprietary program, the operating > system still loads some proprietary program not needed (most people > don't use Bluetooth at any rate). I own such a chipset on my desktop > computer; Debian works without any proprietary software at all, while > Tails loads firmware for the Bluetooth. What is the answer to this, do > you make exceptions for firmware only for wireless cards and GPUs? Or > do you just allow them all through. > > Another thing I have read is that Linux-libre's deblob scripts don't > just get rid of firmware that is proprietary, it removes all binary > files disguised as source files (e.g. some binary file named > "something.h") and "obfuscated" driver sources (I believe that the 2D > nv driver has been accused of this). Would you consider at least > adapting the deblob scripts from Linux-libre to work for your kernel > to only allow select firmware through, for the most common computers? > Another option, like Debian (and, if I recall, Ubuntu to some extent, > although I have never installed Ubuntu), which I think would be even > better is to have a completely free kernel by default, then a separate > repository for firmware, which can be enabled in the installation > process. It would probably be considerably simpler than adapting the > deblob scripts to be quite selective, too. It wouldn't make Qubes > compliant with the Free Software Foundation's "Free Software > Distribution Guidelines", but I think that from a security perspective > it is better than including the proprietary 'blobs' by default, and is > a balance between usability of obscure hardware and security of dom0 > (it never hurts). What do you think of this proposal? > > - > Thanks for your reply, it was really helpful for allowing me to > understand more about your security policies. > > D. > > > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQIcBAEBCAAGBQJXdb3qAAoJEPs8tiiQ8FTAf4wQALdWB123VGv9OdisLfI2OQda > 6r6IyVWPny+shAuoxfiui+0HmkHZB8CMaAleLGmyOo+iWT8jBiTbqV8qMTfWO9kL > My1TUuvEB12s7RGecqKxRlz5ij1cmnpbCg2yXM1qfEpFLYtw9d9agw4fEiSOCokY > aF7nuPeLXZjp91mSaTRRV/U4JXd09XFU1/dULNUv+0Pmr7uT+8ZhlLdGHaRoN2SV > +AmgVQdtnRoIsJWRrEeT9CG6KS5Z7+JmGNcOfVIW9CSa2WFG+JFbiJEyfo26IciP > ofAMzqapBWZwzlxJ6pNriGgacYeyHKMJwBK34RCebuyrpreLU5QutxZ3avO9yoHh > JUqNdffcwlL43noZ89i9SIV+wYcB9Nj9PvUjPzCuxXMfFHkaNJ4cI17N/mLZzKXc > 0SCKn5DAFjOz2wBQ/M4KTYoBfPbj0HWkBlbNdHNYzIutfMWG5NbMkIbph46tjWkF > yThTSZZoCLChhZ0OAnEc7vNLCcwCVArXo6P0L+FDdAMDTVLxk8CaFOuhIWFQXnG1 > Q20K3sTlTh2pPjf2bvEXNlFOBQ2H7tHV4YVyyoqsEsFyr3aq4KiEUcffhWma6Y8H > 5XT405xg80/17L2sHYJciE+k6U9C1tpJe2BYYnOWrId3E72gL+AGpnB3h9J/6s/g > tvxD9xDk5VSpnb13dnJb > =WZ6b > -END PGP SIGNATURE- I think what Marek is saying is that from a security standpoint it doesn't really matter because the netcard is isolated even at the hardware level with iommu supported system. And if it messes with your network traffic you should be using encryption, https or tor etc.. I think the reason they are not adopting such kernel is cause qubes is trying to get more users and hardware compatibility is the biggest hurdle and turn off to people. Its still new type of os and people are hesitant. Also most people use laptops and wouldn't be as willing to buy an external usb network card for qubes.Which might also be troublesome in
Re: [qubes-users] Linux-libre in dom0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 01/07/16 00:03, Marek Marczykowski-Górecki wrote: > On Thu, Jun 30, 2016 at 10:57:42PM +0100, Duncan Guthrie wrote: >> Dear Qubes Users, I have been using Qubes OS for a couple of days >> now. I own a Lenovo Thinkpad X200 and everything works fine, >> including WiFi. However, I am concerned about this, because my >> X200 has an Intel WiFi chipset, which I know uses proprietary >> firmware. I am concerned about this because the firmware could be >> malicious, so I think this is quite bad from a security >> perspective. The more proprietary software, the worse security >> you have, as has been shown many times. Since the hardware is >> secret, it is possible that the WiFi chipset could be used to do >> malicious actions without any way to tell. I am especially >> concerned about the firmware being in dom0, which has access to >> the hardware. > > WiFi card is assigned to NetVM and have no access to dom0. So even > if its firmware is malicious, it shouldn't be a big problem. It may > at most mess with your network traffic - which should be encrypted > anyway for anything sensitive. > > In practice the only firmware still needed in dom0, is the one for > GPU (if applicable). > I think this is a good idea in general, whether the firmware is free software or proprietary software. However, there are certain wireless chipsets (made by Atheros corporation) which work without a proprietary firmware blob for WiFi, but don't for Bluetooth, so even if they largely work without the proprietary program, the operating system still loads some proprietary program not needed (most people don't use Bluetooth at any rate). I own such a chipset on my desktop computer; Debian works without any proprietary software at all, while Tails loads firmware for the Bluetooth. What is the answer to this, do you make exceptions for firmware only for wireless cards and GPUs? Or do you just allow them all through. Another thing I have read is that Linux-libre's deblob scripts don't just get rid of firmware that is proprietary, it removes all binary files disguised as source files (e.g. some binary file named "something.h") and "obfuscated" driver sources (I believe that the 2D nv driver has been accused of this). Would you consider at least adapting the deblob scripts from Linux-libre to work for your kernel to only allow select firmware through, for the most common computers? Another option, like Debian (and, if I recall, Ubuntu to some extent, although I have never installed Ubuntu), which I think would be even better is to have a completely free kernel by default, then a separate repository for firmware, which can be enabled in the installation process. It would probably be considerably simpler than adapting the deblob scripts to be quite selective, too. It wouldn't make Qubes compliant with the Free Software Foundation's "Free Software Distribution Guidelines", but I think that from a security perspective it is better than including the proprietary 'blobs' by default, and is a balance between usability of obscure hardware and security of dom0 (it never hurts). What do you think of this proposal? - Thanks for your reply, it was really helpful for allowing me to understand more about your security policies. D. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJXdb3qAAoJEPs8tiiQ8FTAf4wQALdWB123VGv9OdisLfI2OQda 6r6IyVWPny+shAuoxfiui+0HmkHZB8CMaAleLGmyOo+iWT8jBiTbqV8qMTfWO9kL My1TUuvEB12s7RGecqKxRlz5ij1cmnpbCg2yXM1qfEpFLYtw9d9agw4fEiSOCokY aF7nuPeLXZjp91mSaTRRV/U4JXd09XFU1/dULNUv+0Pmr7uT+8ZhlLdGHaRoN2SV +AmgVQdtnRoIsJWRrEeT9CG6KS5Z7+JmGNcOfVIW9CSa2WFG+JFbiJEyfo26IciP ofAMzqapBWZwzlxJ6pNriGgacYeyHKMJwBK34RCebuyrpreLU5QutxZ3avO9yoHh JUqNdffcwlL43noZ89i9SIV+wYcB9Nj9PvUjPzCuxXMfFHkaNJ4cI17N/mLZzKXc 0SCKn5DAFjOz2wBQ/M4KTYoBfPbj0HWkBlbNdHNYzIutfMWG5NbMkIbph46tjWkF yThTSZZoCLChhZ0OAnEc7vNLCcwCVArXo6P0L+FDdAMDTVLxk8CaFOuhIWFQXnG1 Q20K3sTlTh2pPjf2bvEXNlFOBQ2H7tHV4YVyyoqsEsFyr3aq4KiEUcffhWma6Y8H 5XT405xg80/17L2sHYJciE+k6U9C1tpJe2BYYnOWrId3E72gL+AGpnB3h9J/6s/g tvxD9xDk5VSpnb13dnJb =WZ6b -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/60a2c0c9-8eed-62c0-c6fd-9cd22d46a88d%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: HCL Report: HP ProBook 6550b + issues with ProBook
Further information... Qubes 3.0 works fine. Qubes 2.0 works fine. What has happenned to 3.1 to get that error? Does it use the GPU in a different way in Laptops to cause the issue? [drm] radeon: 512M of VRAM memory ready > [drm] radeon: 1024M of GTT memory ready. > [drm] Loading RV710 Microcode > --- system locked --- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43154e09-eb34-4f07-966b-92f1dfe2ea8e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] KSnapshot picutres are dead?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 02:01:21PM -0700, 91834'0913824'09182'4309182'03498 wrote: > Hello, > > if I use KSnapShot, I assume that the resulting pictures are absolutely > harmless, regardless how malicious the original picture was, I'm correct? Yes. (assuming you're talking about ksnapshot in dom0). - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdaWKAAoJENuP0xzK19csfBEH/ipASZ5MkM4HjRZeqzPBjoni sodCkIBtKCIZpZVEdvzaCz0y8gOsgpywdULZMZqGVbxxPEdtmDWkizRaSaI+G4KK S+SQQ+M+YKFrBHPJj1ZBskKfoaa5/gJ+/QVeqRtI/MEezWYe8O0KCwH6G3D7fCdP jp2NstV3tFvcOhaKkgTEEBKvr1oAk/UJgAjOXsSoUxvo7NrzVddW1Jv+A+ltH8ua F2g1wv7TincHqUHum09RXRRptUbLK+MnVg7iKI+67y9+gMmp8KQpdrjmU4cQVGfs bqk3omRxPQ+t87j+Tq7ljqrW+ikJHh31p7oA/g5npX6kQWBS5VwG9YOmEFwCyes= =s0Jn -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630230440.GO1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Linux-libre in dom0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 10:57:42PM +0100, Duncan Guthrie wrote: > Dear Qubes Users, > I have been using Qubes OS for a couple of days now. I own a Lenovo > Thinkpad X200 and everything works fine, including WiFi. > However, I am concerned about this, because my X200 has an Intel WiFi > chipset, which I know uses proprietary firmware. I am concerned about > this because the firmware could be malicious, so I think this is quite > bad from a security perspective. The more proprietary software, the > worse security you have, as has been shown many times. Since the > hardware is secret, it is possible that the WiFi chipset could be used > to do malicious actions without any way to tell. I am especially > concerned about the firmware being in dom0, which has access to the > hardware. WiFi card is assigned to NetVM and have no access to dom0. So even if its firmware is malicious, it shouldn't be a big problem. It may at most mess with your network traffic - which should be encrypted anyway for anything sensitive. In practice the only firmware still needed in dom0, is the one for GPU (if applicable). > For many months I used Trisquel GNU/Linux, which 'deblobs' the kernel > with the scripts from the Linux-libre project, endorsed by the Free > Software Foundation. WiFi does not work but I have an external dongle > and at any rate ethernet is often faster. Other than that, everything > else works flawlessly. > Therefore my question is, for a security-orientated OS, what is the > position on the proprietary firmware software? > At the very least, I would like to install Linux-libre in Qubes dom0. > The Free Software Foundation of Latin America (FSFLA) offer the > freed-ora repositories for Fedora, which removes proprietary firmware > packages and installs the upstream kernel (as far as I can tell; I used > it in normal Fedora and it works fine) and free firmware programs. > As a more permanent workaround, will Qubes offer Linux-libre by default? > I think it is best not to include the firmwares at all but maybe that > will be for further in the future. Generally your are right. But in practice it would mean even more constrained hardware requirements for running Qubes OS. So, until we implement GUI domain (which will remove the last firmware-needing devices from dom0), moving to proprietary firmware-free linux distro in dom0 isn't an option. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdaVZAAoJENuP0xzK19cs8sYH/i0iSLXPCVWWu9pVOmh/CMwe YT60yKKQ6mBEl1ENT+5iP52XTgHlSYJd4ocAnMpYnT4+n1bNS+lhM0upg6chgc8M QWsVHC3E/V41banBIwn0JBUriKLT6LgnYqCXaAT8LNF+bPWlk7lsRkOxpH3UzQWH ofY8HoWv6MDoNfvEjrge9j0d5nKxRwkF7g0EpHu46czAg72M1jTDMU1jdrtztJGo cxplHCn9ZunO6I5jgArsdWvsQA0/1ilzZRkIyjXODvSmRhTv1GjcQVnXmZLt11a9 knCI6PXU5WVYcIRtVruHchrr7Z0/DovgcpHZK4FG7yzX8jAThw/8U6wo8vxqo6o= =3jtI -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630230351.GN1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Linux-libre in dom0
Dear Qubes Users, I have been using Qubes OS for a couple of days now. I own a Lenovo Thinkpad X200 and everything works fine, including WiFi. However, I am concerned about this, because my X200 has an Intel WiFi chipset, which I know uses proprietary firmware. I am concerned about this because the firmware could be malicious, so I think this is quite bad from a security perspective. The more proprietary software, the worse security you have, as has been shown many times. Since the hardware is secret, it is possible that the WiFi chipset could be used to do malicious actions without any way to tell. I am especially concerned about the firmware being in dom0, which has access to the hardware. For many months I used Trisquel GNU/Linux, which 'deblobs' the kernel with the scripts from the Linux-libre project, endorsed by the Free Software Foundation. WiFi does not work but I have an external dongle and at any rate ethernet is often faster. Other than that, everything else works flawlessly. Therefore my question is, for a security-orientated OS, what is the position on the proprietary firmware software? At the very least, I would like to install Linux-libre in Qubes dom0. The Free Software Foundation of Latin America (FSFLA) offer the freed-ora repositories for Fedora, which removes proprietary firmware packages and installs the upstream kernel (as far as I can tell; I used it in normal Fedora and it works fine) and free firmware programs. As a more permanent workaround, will Qubes offer Linux-libre by default? I think it is best not to include the firmwares at all but maybe that will be for further in the future. Thanks, D. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f8496515-e58f-4219-b42e-b4ef9ea4e43a%40posteo.net. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Question about Xen sandbox escape from Oct 2015
Wow... so the ISO doesn't get patched...? Wow... Surely there should be a BIG warning on the Qubes downloads page... saying, WARNING! Xen in QUBES 3.0 allows full sandbox escape..! Update your software IMMEDIATELY after downloading, before doing anything else...!! It really surprises me that there isn't such a big warning, given the severity of this Xen bug... Wow... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20dff0cd-5fb5-44c4-9c60-2621b81ca405%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Suggestion: Allow modification of Firewall Rules of several Vms at once
Preamble Qubes OS offers an option to restrict network traffic within a VM to a specific address/domain/website which is a very useful feature as it allows the user to control networking within VMs. Issue However if the user wants to be 100% sure only the dedicated VM can access a specific web resource, they need not only to allow the dedicated VM access to a said resource, they also need to deny access to said resource for every other VM they use. As the number of VMs grow larger this task will get more and more mundane. Suggestion Allow users to apply firewall rules to several VMs at once. This mechanism could be implemented either in Qubes Manager GUI or as a separate GUI application. Sample options Make exclusive - allowing access to a specific resource automatically denies access to said resource for all other VMs except for the system VMs Apply to all - allowing access to a specific resource grants all other VMs access to said resource Apply to selected - additional checkbox would appear in QM allowing the user to select VMs to which the rule would apply Apply to all from the same TemplateVM - self-explanatory I believe such a feature would greatly improve the efficiency as well as minimize the risk of user error. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/82e6a0cd-598a-40b2-9120-134dc680564d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] KSnapshot picutres are dead?
Hello, if I use KSnapShot, I assume that the resulting pictures are absolutely harmless, regardless how malicious the original picture was, I'm correct? Kind Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6cb3b849-0ac8-47d1-b477-a0d1695d9990%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Q wipe files
Hello, Q security policy don't protect against app-exploits, but give the tools to protect your data. Protect data, but not apps! It's very clever! If, I move a file from VM1_green to VM2_green, the the filemanger and the move-to-VM command. https://www.qubes-os.org/doc/copying-files/ Than later VM1 gets compromised in some way. So I must be sure that the old file(copy) was wiped. How Qubes wipes files, so that the secure copy and paste security mechanism will work, if the security-sensitive user will take this manual action, to protect his/her data? I assume, if I delete a file, it will work in the same safe way... Kind Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/34fe1ac8-17a6-41c8-bcca-d8719d0c808b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] QM VM Hierachy?
Hello, how I can build in the Qubes Manager a hierarchy to order the different VMs? This will help to group and subgroup the VMs and shows some order in the system. Kind Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/66eb2830-2434-43b1-b139-c72800c52e17%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 01:42:31AM -0700, Eva Star wrote: > I found the situation when "window" of WIn7 freeze. "Window" become > unresponsive for all mouse events. But Windows7 still working and I can use > "Win" key to open Start Menu after I switched to "non seamless mode". > I can unfreeze the VM by some keyboard events. > > The situation can be reproduced with with the mouse that have "BACK" > button. > > So, it's occur when I click "back" button on the mouse. And all opened > windows on this WinVM freeze :) Thanks for detailed bug report! Saved it here: https://github.com/QubesOS/qubes-issues/issues/2138 - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdXJYAAoJENuP0xzK19csx7wH/R5TlZpN5y2e++FATpsZ4R/M vBu55qEbiudSAT2jM61aaK98bFzALWKE1blRMAP9rDs5+XxCOFHOZ5s7tMBBwe7x wFU0RRRK/KrKqbHm999ma2dCfvy7djk8+lnc41cXahawwUzgwIi7oE5DqJbTEnZP m536PAIF52tqJGGGPXZI8b2dkboEucsBzQIWDg9ClZfCZyaXaDGzFKcteWNnW/mb 8twirCWL+Xqt6vsaX2E+aLZ+qd+d7TUKu/7vp3obXN4SL2xZzMB/i5k6iq3KoEMW cwEFAgCTdgDIddAa707BolxPA9A7iGtmwsuLTXzfsuO2iAWbjDg+uV++pYI/OPk= =3Cn5 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630192612.GI1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Error starting VM: no such file or directory
This appears after that I have change firewall settings -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8d7efc042533f945487c43dc763a0c51.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Error starting VM: no such file or directory
Hello After creating a proxy VM, I tried to start it but shows up this message: "Error starting VM:2 no such file or directory" What is the problem? Thank you -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7021540f2470b6a8f8caf7c8f25e9f8f.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: HCL Report: HP ProBook 6550b + issues with ProBook
photo 1. installer issue photo 2. on boot crash. photo 3. lspci in terminal on dom0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3cda4475-d819-42c9-ae9d-42c0d9ffde7d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL Report: HP ProBook 6550b + issues with ProBook
After issues with Installation, an issue I believe still persists after install, it does work when that issue does not arise. More imfortmastion to come regarding the issue, including pics. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7f3996a2-ab40-41a5-870a-eeadbf7ddc0f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-Hewlett-Packard-HP_ProBook_6550b-20160630-234916.yml Description: Binary data
Re: [qubes-users] Qubes Manager issues
> On June 30, 2016 at 2:45 PM Drew White wrote: > > > > > > > I have the problem that the Manager "vanishes" when I switch > > sessions (i.e. from KDE to i3) and I cannot start it or recently I tried to > > close and reopen it and it wouldn't reopen. > > > > A ps aux in dom0 showed that the process was still running, so > > killing it let me restart the Manager. > > > > > > > > Yes, I know you said that the "ps aux" said it was running, I'm just > asking in the way I asked to find out if it was doable in your position when > it is actually running but changing WM to see if it can be brought to the > current screen or not, and thus used because it's running. > > Because mine, when I kill it, I then can't start it unless I run it from > command line. > I start all my programs via krunner or dmenu, so it is probably the same as when starting them via the command line. Niels -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/846985678.7287.1467292371754%40office.mailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Manager issues
> > I have the problem that the Manager "vanishes" when I switch sessions > (i.e. from KDE to i3) and I cannot start it or recently I tried to close > and reopen it and it wouldn't reopen. > > A ps aux in dom0 showed that the process was still running, so killing it > let me restart the Manager. > > > Yes, I know you said that the "ps aux" said it was running, I'm just asking in the way I asked to find out if it was doable in your position when it is actually running but changing WM to see if it can be brought to the current screen or not, and thus used because it's running. Because mine, when I kill it, I then can't start it unless I run it from command line. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/266caef9-e9ab-4db8-aade-f17b80869497%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Manager issues
On Thursday, 30 June 2016 20:57:22 UTC+10, Chris Laprise wrote: > > About how long had it been running when you saw it at 597 MB? > Hi chris, Well, not very long at all. Maybe 48 hours. Normally I don't turn my machine off ever, and I never normally have to reboot it unless I'm making a huge change, that's the power of linux. I know I'll have my manager finished shortly, since I saw what was happening and was told about the memory leak, I figured I'd make a replacement tonight, just a temporary one until the current manager is fixed. At the moment, my temporary one does only 70% of the things. But sits at 7 MB RAM and 21 MB shared RAM. and I've had it running on the laptop here, normally after running a backup OR restore of a guest, the qubes-manager is at 59 MB RAM and 29+ Shared RAM. So there is definitely a leak somewhere in the coding, and I believe it's in the scripting. There are still all the image errors too. every time a form loads or displays or the image is loaded or displayed, it has the error. In Fedora I'm getting Gs-WARNING **: ... errors, so I need to go investigate that now. Guess I won't have the temporary replacement finished tonight after all.. What a shame... Anywho... Niels, You switch sessions, do you stop the manager and exit it before you switch? Or do you log out and then back in to a different WM? When you are in i3 WM can you do CTRL+ESC / System Activity, and see if it's running? If it is, right click and "Show Application Window". See if it appears. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2bd54a34-8df2-49f2-9277-dfa83ce185a6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Swiching Japanese input
Thank you very much. Now I can type Japanese^^ i appreciate. 2016年6月30日木曜日 17時36分06秒 UTC+9 yoo inn: > > hello. > > I have question about using Japanese input. > I'm beginner and my English is poor. I'm sorry about this. > Could somebody help me out please. > > I'm Japanese I would like to use Japanese input such as > personal , work, and when I'm connecting tor network. I mean everywhere. > > I installed "ibus" which is Japanese input at fedora 23 template and > devian8 template. > I read YouTube tutorial so I understand. to install "personal" or "work" > that next time it gone. > so I installed fedora 23 template and devian8 template. > after that I start "personal" and "work". but I couldn't switch Japanese > input. > > I can Japanese input and switch English to Japanese in fedora23 terminal > window. > > Will you please teach me how to manage this. > Thank you. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ab0e474d-bda2-4bff-8148-75eac118f5c9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Manager issues
> > On June 30, 2016 at 6:50 AM Andrew David Wong wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-06-29 19:12, Drew White wrote: > > > > > > Hi folks, > > > > I've just had Qubes Manager go haywire on me. Freezes up because > > it's using 597 MB RAM with 38 MB shared. That's just rhediculous. > > > > I had to kill the process to get out of it. And as usual, it won't > > start again and I have to reboot the system. > > > > I don't see how it could be nearly 600 MB RAM just for one > > application like that. > > > > Just thought I should let you know the issue. If it used less RAM, > > then Dom0 would not require more than 1 GB RAM. But one would give > > it 2GB just to be on the safe side. > > > > If anyone else is having this issue, or knows how to resolve this > > bug, please let me know. I've complained about Qubes Manager not > > starting before, but got no resolution then, so now I'm putting it > > here where it's the issue, not something else that caused it, > > because it's not something else that caused it to be almost 600 MB > > in RAM. > > > > > > Qubes Manager leaks memory, which is a known issue: > > https://github.com/QubesOS/qubes-issues/issues/860 > > The current workaround is to restart it occasionally. > > Now, if you cannot restart Qubes Manager, then that workaround > obviously will not work for you. However, in order to create an issue > for Qubes Manager not restarting, we need more information. > I have the problem that the Manager "vanishes" when I switch sessions (i.e. from KDE to i3) and I cannot start it or recently I tried to close and reopen it and it wouldn't reopen. A ps aux in dom0 showed that the process was still running, so killing it let me restart the Manager. Niels -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/891482407.6680.1467285327416%40office.mailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
It's Windows7 that installeted as TemplateHVM -> HWM that share template. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/85a62895-2fb0-4226-b0c4-088904bdf4c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
I can not test it on Qubes 2 or 3.0, because my hardware does not support it, because of old kernel at 3.1 dom0. It's on latest 3.2rc1 Win7 x64 with all latest updates (only without updates that force to move to Win10) New info: Seems I can unfreeze it by right click (maybe not always, but right now its works) ps. Is it possible to remove "Welcome to..." fullscreen window that show for 1-3 secs before windows go to seamless mode? Thanks > Does it work in Qubes 2 and NOT freeze? > What about 3.0 and 3.1? > > Just asking, because I noticed issues in certain versions with certain > things. > things that I know are bugs with the mouse and actions. > there are so many, it's easier if you just let me know those details and I > can reply with resolution if there is one that I already found. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/623798cb-351e-47b9-bcb6-bf029163e700%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Manager issues
On 06/29/2016 10:12 PM, Drew White wrote: Hi folks, I've just had Qubes Manager go haywire on me. Freezes up because it's using 597 MB RAM with 38 MB shared. That's just rhediculous. I had to kill the process to get out of it. And as usual, it won't start again and I have to reboot the system. I don't see how it could be nearly 600 MB RAM just for one application like that. Just thought I should let you know the issue. If it used less RAM, then Dom0 would not require more than 1 GB RAM. But one would give it 2GB just to be on the safe side. If anyone else is having this issue, or knows how to resolve this bug, please let me know. I've complained about Qubes Manager not starting before, but got no resolution then, so now I'm putting it here where it's the issue, not something else that caused it, because it's not something else that caused it to be almost 600 MB in RAM. -- Drew, About how long had it been running when you saw it at 597 MB? Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b5f19b28-7218-00a5-da08-6b262fe9d1d4%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
On Thursday, 30 June 2016 18:48:12 UTC+10, Eva Star wrote: > > Mouse "back" button 100% freeze open window of Window Explorer (file > explorer). Does not tested on other apps. > Does it work in Qubes 2 and NOT freeze? What about 3.0 and 3.1? Just asking, because I noticed issues in certain versions with certain things. things that I know are bugs with the mouse and actions. there are so many, it's easier if you just let me know those details and I can reply with resolution if there is one that I already found. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee23b719-cb7c-4fc9-a9c0-622bbcee5d31%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes R3.2 Rc1 feedback
On 06/30/2016 11:18 AM, Marek Marczykowski-Górecki wrote: > On Thu, Jun 30, 2016 at 08:51:09AM +0200, Alex wrote: >> The suggestions on the page you kindly link are related to the >> bootloader (I understand it's xen.efi) is already installed, and >> not when it's being installed... > > Not necessary. That options (/mapbs /noexitboot) are applicable for > both installed and just installed system. And on Lenovo systems it is > to workaround a BIOS bug in functions accessing EFI variables. Those > variables are read during system startup (this is where original bug > manifests itself on Lenovo), but are written exactly where you > experience the freeze. So it may be applicable. Thank you, I will try to set these options as additional parameters in the EFI boot menu before starting installation. >> Which software does the actual EFI boot component installation? Is >> it a script of yours or some off-the-shelf program? > > It is efibootmgr tool. Thank you, I will look for more information with this software. -- Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8264c917-4e79-7964-6113-54eadc8293f8%40gmx.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Swiching Japanese input
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 01:36:06AM -0700, yoo inn wrote: > hello. > > I have question about using Japanese input. > I'm beginner and my English is poor. I'm sorry about this. > Could somebody help me out please. > > I'm Japanese I would like to use Japanese input such as > personal , work, and when I'm connecting tor network. I mean everywhere. > > I installed "ibus" which is Japanese input at fedora 23 template and > devian8 template. > I read YouTube tutorial so I understand. to install "personal" or "work" > that next time it gone. > so I installed fedora 23 template and devian8 template. > after that I start "personal" and "work". but I couldn't switch Japanese > input. > > I can Japanese input and switch English to Japanese in fedora23 terminal > window. Take a look here: https://www.qubes-os.org/doc/language-localization/ - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdOT9AAoJENuP0xzK19cspeQH/3JyiaiV53bClsIwWn5J57e9 9NaOx22IDniqRGpkspXjiqljrm+AsXfCeu2JtdtCu+y/ONTFRweLlsiaVvBW02sO 2/tSlMHBnyTylXPezEe5zm6HZJ9wO5auY4v8TYoLBKlyBki+t76TVbs0QODIYkVf QIeqzBSjdlNKv9PV1SG7tTNOihY9VScxyqjgfyXNGSwIcwojEQqMDRy4741QVArg UIrO/3McJx1Dgf42Eicax6FScIy5D60oAwucU4aVHapFdYM6GHYD9LylaQ4CYrwM ep4kypQ0XRk+VqMAbt3vl7wEh7KIDruhJo/FwUAD4tPESPHYgOf4z77zwJxKf6I= =YH44 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630092309.GH1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes R3.2 Rc1 feedback
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Thu, Jun 30, 2016 at 08:51:09AM +0200, Alex wrote: > On 06/30/2016 01:28 AM, Marek Marczykowski-Górecki wrote: > > On Thu, Jun 23, 2016 at 01:45:57PM +0200, Alex wrote: > >> On 06/23/2016 09:38 AM, Andrew David Wong wrote: > >>> On 2016-06-22 01:32, Alex wrote: > >>> > Had a working Qubes 3.1 installation, and the only problem was that > it could NOT be used with UEFI (even if the motherboard supports > it, and the Qubes installer does boot and starts in EFI mode), > [...] > >>> > >>> I think this is to be expected. R3.1 does not support EFI. > >>> > > > > We don't use grub2-efi on installed system at all - Qubes (xen.efi to be > > precise) is started directly from EFI. And in theory, in EFI > > installation, Qubes doesn't need to have separate /boot (only > > /boot/efi). > > > > But as for debugging the freeze - have you tried options mentioned here: > > https://www.qubes-os.org/doc/uefi-troubleshooting/ > > ? > > Symptoms are not exactly the same, but maybe it will help too... > I'm afraid that those suggestion do not apply to my case - the problem > is that when the installer has successfully installed all the packages > then proceeds with "post installation tasks", one of these tasks is > "Installing bootloader", and that's when it freezes completely if booted > in EFI mode. > > The suggestions on the page you kindly link are related to the > bootloader (I understand it's xen.efi) is already installed, and not > when it's being installed... Not necessary. That options (/mapbs /noexitboot) are applicable for both installed and just installed system. And on Lenovo systems it is to workaround a BIOS bug in functions accessing EFI variables. Those variables are read during system startup (this is where original bug manifests itself on Lenovo), but are written exactly where you experience the freeze. So it may be applicable. > Which software does the actual EFI boot component installation? Is it a > script of yours or some off-the-shelf program? It is efibootmgr tool. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdOP4AAoJENuP0xzK19cszngH/0wvdt/FV5ETY4f966UNjD2f MN0ZJu1LmRnns5UZWpZBG6esQ9SI3yGgGVjn5nOZ3KzkHILDfnpU10xupIQp812Z JGnpKYLa7Ge9xrVqoP/2vx7R/ehduixiXaNGsZELh3JD1MgxJRgV7xMXaU26aglD NRnBj2C9DJi2GwsyV4ufNVRZXxwcbzZyp8ZunYr4zctwESEsk6o6MyeuKTDcvYDe SQBM6lAapUrtNMsA6dN4xarN3oG1RHF6CXlq2qV2I5yaNjW+Lr+VqNL/XDBNt9/A xydanj8vnNkSAvFKJXRKcd/57bKMzQBNlOP365jumI7YHQHf21dbL2CLi/dSMAc= =6QTT -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630091848.GG1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Question about Xen sandbox escape from Oct 2015
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Jun 29, 2016 at 10:29:31PM -0700, danmichaels8...@gmail.com wrote: > OK > > Version: 4.4.3 > Release: 11.fc20 > > So I am OK. > > Does QUBES 3.0 come with the patched version though... Have the devs updated > the ISO so that it comes patched..? No, the ISO stays as is from the time of the release. It is always a good idea to install updates just after installation. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXdOKqAAoJENuP0xzK19csKxsH/1m9I5wfs3AcpynrzY7Mlez0 XtOw833+wqeYnXIDOq0B/7cwlyq6CpLYTGmfSq5xF1H+p5PctwuKL7tlBY/Bskga Zt98EuWF58+TnWJg6POJZQBQ/SlnWf98xB4PPz9XQ9tGvom7SFxlO5jKJkDQwzgT Cn/ipnl0yv9u39/CCZKmzCAq4wlNnebbX3tDMoL4ZorKmkUUKIWFtFBuTqwjhGl/ FXE6U+jOxj7QpFXIePlMo6TuRaWaadbSTJt1r2MXZsRkm0GcqARWUygRay0YIJWf nMIFBhXRh2T4InPUZr9dg4q74xlzeHVQ2U/3BRJPz+APW++5PuNkg2WOEHWlsQw= =heue -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160630091314.GF1323%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
Mouse "back" button 100% freeze open window of Window Explorer (file explorer). Does not tested on other apps. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/07e03d1e-373a-4a42-bc54-4c3408913603%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] BUG. Qubes Windows Tool Win7 under XFCE and Seamless mode window freeze
I found the situation when "window" of WIn7 freeze. "Window" become unresponsive for all mouse events. But Windows7 still working and I can use "Win" key to open Start Menu after I switched to "non seamless mode". I can unfreeze the VM by some keyboard events. The situation can be reproduced with with the mouse that have "BACK" button. So, it's occur when I click "back" button on the mouse. And all opened windows on this WinVM freeze :) Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a725a627-df4c-48a5-bab7-28f47e43b6d6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Swiching Japanese input
hello. I have question about using Japanese input. I'm beginner and my English is poor. I'm sorry about this. Could somebody help me out please. I'm Japanese I would like to use Japanese input such as personal , work, and when I'm connecting tor network. I mean everywhere. I installed "ibus" which is Japanese input at fedora 23 template and devian8 template. I read YouTube tutorial so I understand. to install "personal" or "work" that next time it gone. so I installed fedora 23 template and devian8 template. after that I start "personal" and "work". but I couldn't switch Japanese input. I can Japanese input and switch English to Japanese in fedora23 terminal window. Will you please teach me how to manage this. Thank you. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d0030a6b-9153-4e3b-af06-014bd27ba01f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Split GPG and ssh keys
I do not know what is under the hood at split gpg, but seems it's simple gpg-agent. If it so, that seems it's very easy to add support for ssh keys. All what is need is already developed: http://superuser.com/questions/360507/are-gpg-and-ssh-keys-interchangable Need only do add this to SplitGPG :) > No, Split GPG does not support SSH keys. However, we have a ticket to > track a "Split SSH" feature: > > https://github.com/QubesOS/qubes-issues/issues/1962 > > We're hoping a developer from the community will pursue this. > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/119fc17c-5a39-42cf-9ec5-67ffc90718fa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
