Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN

[Frank]

> 
> unman:
>>> On Sun, May 03, 2020 at 08:01:59AM +, taran1s wrote:
>>> 
>>> 
> What you have built (in packet terms) is:
> me - Tor - VPN - target.
> 
> What you seem to want is:
> me - VPN - Tor - target
> 
> To do that you need to build the VPN traffic and send it down a Tor
> circuit.
> Your Qubes network configuration should be:
> client - VPN qube - Tor qube - sys-firewall - sys-net
> 
> I have no idea if Whonix  will let you do this.
> 
> unman
> 
 
 Ah, omg I see. I thought about it in regards of seeing other AppVMs like
 sys-whonix -> sys-firewall -> sys-net. I am not experienced in
 networking and so just followed the logic of whats first gets first. But
 now I see that packet wise, it is vice versa. It is a bit confusing for
 me, but if it is working, I will be more than happy :)
 
 So if I understand it properly, I set the networking of the AppVMs
 following way:
 
 anon-whonix -> VPN-AppVM -> sys-whonix -> clearnet. In this case I use
 tor first, exit from tor-exit-node to the VPN and than exit from VPN to
 clearnet. Am I right?
 
>>> 
>>> I tried the setup, but in this case the the VPN proxy doesn't go to Link
>>> UP and TB in anon-whonix isn't connected to the internet. Any ideas?
>>> 
>>> BTW I downloaded the default UDP setting package from mullvadVPN as
>>> Chris mentioned. I know that tor is using TCP only. Could this be an
>>> issue with this setup and I should get the TCP package instead of UDP?
>>> 
>> Yes. Your UDP traffic wont go through Tor.
>> You need a TCP VPN to route through Tor.
>> 
>> unman
>> 
> 
> I downloaded the TCP port 443 (there is also TCP port 80?) file from
> Mullvad and tried to go through, but the VPN Proxy AppVM cycles with
> 'Ready to start link' only and never goes to the 'Link is UP'.
> 
> Maybe there is something in the script from Chris that doesn't cooperate
> with the whonix setup and something needs to be adjusted for this model
> of connecting to VPN after Tor. But no idea what it could be.I am
> unfortunately not able to check the script itself as I am not a programmer..

What exactly are you trying to accomplish with this kind of set-up? If you want 
to stay anonymous, your connection through the VPN should accomplish that 
already (if you make sure your browser doesn’t contain any information that can 
be traced back to you) and if not (because you didn’t pay with Bitcoin or cash 
and there is a possible paper-trail back to your person from your mullvad VPN 
account number) then using it through Tor doesn’t help either.

Maybe I am missing something here and I would love to be enlightened if that is 
the case...

Regards, Frank

> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to qubes-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/qubes-users/450ea647-ba17-d0ec-71e6-d9599654f455%40mailbox.org.
> <0xA664B90BD3BE59B3.asc>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/23820-1588575107-681381%40sneakemail.com.

[qubes-users] Re: disp-vm whonix torbrowser open tabs file?

[list . wget]

Actually, I guess it would be fine if there would be a procedure with which 
I can close down the disposable browser without the disp-vm automatically 
closing.
Then there will, probably, be a session.json file made which I then can 
copy to another VM.




On Monday, May 4, 2020 at 2:30:31 AM UTC, list...@gmail.com wrote:
>
> Hello qubes users, 
>
> I have a whonix disposable tor browser whonix vm running with a load of 
> tabs open, maybe 30 but I can't check the precise amount because the tabs 
> don't scroll anymore. 
> The browser hangs.
> As soon as I close the browser my tabs will be gone and I don't like to 
> lose them. 
> I think there must be a session.json file but that seems to be created 
> only when the browser closes, and this will close the VM automatically, so 
> even if a restore file with tabs in it is created, it will be gone upon 
> closure of the browser.
> I can access the file system from within dom0 and could copy any file that 
> I need.
>
> Is there any place where whonix tor browser stores its *currently open* 
> *tabs*? 
>
> Thanks ahead.
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ed8fafac-e4f5-435d-ad45-54450c7b0b73%40googlegroups.com.

Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN

[taran1s]

unman:
> On Sun, May 03, 2020 at 08:01:59AM +, taran1s wrote:
>>
>>
 What you have built (in packet terms) is:
 me - Tor - VPN - target.

 What you seem to want is:
 me - VPN - Tor - target

 To do that you need to build the VPN traffic and send it down a Tor
 circuit.
 Your Qubes network configuration should be:
 client - VPN qube - Tor qube - sys-firewall - sys-net

 I have no idea if Whonix  will let you do this.

 unman

>>>
>>> Ah, omg I see. I thought about it in regards of seeing other AppVMs like
>>> sys-whonix -> sys-firewall -> sys-net. I am not experienced in
>>> networking and so just followed the logic of whats first gets first. But
>>> now I see that packet wise, it is vice versa. It is a bit confusing for
>>> me, but if it is working, I will be more than happy :)
>>>
>>> So if I understand it properly, I set the networking of the AppVMs
>>> following way:
>>>
>>> anon-whonix -> VPN-AppVM -> sys-whonix -> clearnet. In this case I use
>>> tor first, exit from tor-exit-node to the VPN and than exit from VPN to
>>> clearnet. Am I right?
>>>
>>
>> I tried the setup, but in this case the the VPN proxy doesn't go to Link
>> UP and TB in anon-whonix isn't connected to the internet. Any ideas?
>>
>> BTW I downloaded the default UDP setting package from mullvadVPN as
>> Chris mentioned. I know that tor is using TCP only. Could this be an
>> issue with this setup and I should get the TCP package instead of UDP?
>>
> Yes. Your UDP traffic wont go through Tor.
> You need a TCP VPN to route through Tor.
> 
> unman
> 

I downloaded the TCP port 443 (there is also TCP port 80?) file from
Mullvad and tried to go through, but the VPN Proxy AppVM cycles with
'Ready to start link' only and never goes to the 'Link is UP'.

Maybe there is something in the script from Chris that doesn't cooperate
with the whonix setup and something needs to be adjusted for this model
of connecting to VPN after Tor. But no idea what it could be.I am
unfortunately not able to check the script itself as I am not a programmer..

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/450ea647-ba17-d0ec-71e6-d9599654f455%40mailbox.org.


0xA664B90BD3BE59B3.asc
Description: application/pgp-keys

[qubes-users] Re: Shoshana Zuboff and Renata Ávila: “COVID-1984 – Surveillance Capitalism”

[list . wget]

Trust me on this if you have no time to research it for yourself. 

*If* you have *no* hyperinsulinemia--in other words, you're no type 1 or 2 
diabetic, *and* you're not pre-diabetic (that is fasting blood glucose 
5.5-6.9 mmol/l) *and* you're not pre-pre-diabetic (that is Kraft Insulin 
Assay Test: blood insulin above 700 pmol/l)--*and* you are sufficient in 
vitamin D3 (bloodlevel > 100 nmol/l) *then* you are at practically *zero 
risk* for contracting more than *mild* COVID-19 symptoms.

Just saying.



On Friday, April 17, 2020 at 7:18:09 PM UTC, Gianluca Miscione wrote:
>
> Perhaps of interest?
>
>
>
>
>
>
>
>
>
>
>
>
> *Gianluca MiscioneUniversity College Dublin 
>  WEBINAR:Saturday, 18 April 2020 @ 
> 20:00ORGANIZER: Democracy in Europe Movement 2025 
> LINK TO REGISTRATION 
>  THE EVENTSaturday 
> Night Special, April 18, 20:00 CETShoshana Zuboff and Renata Ávila: 
> “COVID-1984 – Surveillance Capitalism”Every evening switch on the 
> television from the future! We call it TV because we like retro-futurism. 
> But it's much more than TV. In times of global pandemics, DiEM25 is 
> launching a special online and completely free program to understand the 
> current crisis and offer tools and hope to get out of it stronger and more 
> united in building the World After Coronavirus.Everyone can join; you don't 
> have to be a DiEM25 member. Please register for the event in order to get a 
> link sent to your email. The registration form also allows you to ask a 
> question to the panelists, suggest next topics and next guests.THE 
> LOCATIONThis discussion will be livestreamed on the DiEM25 Youtube channel 
> . Please ask your 
> questions ahead of the event via the registration form. We will send a link 
> to the livestream to all Registered 
>  participants 
> approximately half an hour before the start. LINK TO REGISTRATION 
> : 
> https://internal.diem25.org/en/events/629 
>  [image: Facebook] 
> [image: Twitter] 
> [image: YouTube] 
> [image: Instagram] 
> [image: LinkedIn] 
> [image: Website] 
> Copenhagen Business 
> SchoolBIS DIGITAL TRANSFORMATIONS PLATFORMDalgas Have 152000 
> Frederiksberg  Share  
>   Tweet  
>   Share  
>   Forward  
> 
>  *
> ᐧ
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e45ae4e2-8d93-402f-b140-560018030b11%40googlegroups.com.

[qubes-users] disp-vm whonix torbrowser open tabs file?

[list . wget]

Hello qubes users, 

I have a whonix disposable tor browser whonix vm running with a load of 
tabs open, maybe 30 but I can't check the precise amount because the tabs 
don't scroll anymore. 
The browser hangs.
As soon as I close the browser my tabs will be gone and I don't like to 
lose them. 
I think there must be a session.json file but that seems to be created only 
when the browser closes, and this will close the VM automatically, so even 
if a restore file with tabs in it is created, it will be gone upon closure 
of the browser.
I can access the file system from within dom0 and could copy any file that 
I need.

Is there any place where whonix tor browser stores its *currently open* 
*tabs*? 

Thanks ahead.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a64110bb-917a-4ce6-82d4-9bde5d2170d5%40googlegroups.com.

Re: [qubes-users] Dividing Qubes Into Separate Networks (FAILED)

['Zsolt Bicskey' via qubes-users]

> > > > Set the VLAN correctly?
> > > > yes, as I said if I connect a Windows latptop it works right away
> > > > Set all parameters necessary to satisfy any port security on the switch?
> > > > Yes, same answer as above
> > 

> > actualy, those are not "answers" at all.
> > there is nothing in this description confirming you know how to
> > configure a network interface under linux.

My apologies unman that I am not a Linux poweruser. I have only been using it 
casually for the past 20 years. I have yet to run into a situation where I was 
not able to configure my network on any SUSE/Slackware, Debian or RHEL based 
systems. The reason I came here is to get help, not to be reminded what I do 
not understand or know about networking. 


> > since you confirmed the second port is working in general, this
> > is unlikely to be a qubes problem.
> > may be a whatever-your-netvm-distro-is problem.
> > or more likely, a configuration problem.
> > try booting whatever the distro in your netvm is off a USB stick
> > or dvd (== without xen involved), and get the right network
> > interface to work on the right port with that.
> > then copy over the interface configuration to your netvm.
> 


So my understanding is that it would not solve the DHCP settings but if I were 
to try manually setting it then Fedora stores the settings in 
/etc/sysconfig/network-scripts/ifcfg-Wired_connection_# which is not a 
permanent location in Qubes so I'd lose it with every reboot. 


And just to be really sure everything is working on the machine I tested all 
interfaces with manual and DHCP settings with the Live boot Fedora and 
everything was working. 


Can someone please try to help me solve this issue? Everything in line after 
Qubes is 100% working as designed. There is someting with the Qubes gateway 
that I am goofing up and I cannot find what is wrong. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/Uxx1iRJb5r5cl-dNLrPrdr4XQCAtDnjFnMl4ULaMAw1Z4C3qNMKMqzqkouqibfrOYeIM8872gZqeHEDb0UvWxTpEwbNU_7KjtyjzVRUHJRc%3D%40protonmail.com.


publickey - letmereadit@protonmail.com - 0xEE010E73.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature

Re: [qubes-users] Re: Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing

[Marek Marczykowski-Górecki]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Sun, May 03, 2020 at 08:57:52PM +0100, lik...@gmx.de wrote:
> 
> > Fedora 32 TemplateVM in testing
> > ===
> > 
> > For advanced users, a new Fedora 32 TemplateVM is currently available in
> > the `qubes-templates-itl-testing` repository for both Qubes 4.0 and 4.1.
> > We would greatly appreciate testing and feedback [6] from the community
> > regarding this template.
> 
> What's the expectation for Fedora 32 to reside in testing templates before 
> it's moved to official repos?
> I'm asking because it might be worth waiting for Fedora 32 before moving 
> first to Fedora 31. This is of course only reasonable if it will be before 
> EOL of Fedora 30.

You can track template testing here:
https://github.com/QubesOS/qubes-issues/issues/5761
(especially see issues linked there)
Sadly, Python 3.8 in there breaks few things (including updates via
salt), so it may not be ready before Fedora 30 EOL.

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl6va54ACgkQ24/THMrX
1yxPSQf/aI95paVe0x++hEsYicKLduDxbcr4BaFlWOtyhKEPjoiU/OJwTevKIafe
jjHms5DOfRwRzasbgDm5fUV4JJad4V5L+B5I9PdB/9a6qL3nalIxOAgOD//OwHNQ
ZG1IytW1aGh+u5zmqGhEMysWep0mfnbf5g8NIZogaGo0HOpBy71tjBfu8FT0nvb+
3s9Nq1yyZdwdQgkU/xOZJ558OmrjPSsgpVYQzpf55JfJt3x1EYjC918CZC7HqCeC
VfhUAAiwS4FsTITxx/RESdp8Ax4JIke5/vs/7JjaVe0BH70MYi96/iIDbSltSUzS
KHAJAl/vbHA9R7xSIiE+qxtP+8v++Q==
=4Rct
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200504011053.GA41017%40mail-itl.

[qubes-users] Re: Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing

[Catacombs]

I used Iphone as a hot spot.  After I had WiFi working I started Whonix.   Went 
to System/terminal used the update command with —clean in the middle of it.  At 
some point it switched to a second server or repository.  

I have now used up 4.4 GB of my ten GB HotSpot with thirty days left.  I also 
did an update of dom0 and Whonix.  

I thought I should come back and explain one way the update works. After I got 
several error messages.  

And again.  Thanks to our developers who keep this OS working.  

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/27dd716d-c5a7-42ff-8478-9595d8f42603%40googlegroups.com.

[qubes-users] Re: connecting an iPhone to a AppVM - 4 non-working attempts

[liked2]

Start failed: internal error: Unable to reset PCI device :00:15.0: no FLR, 
PM reset or bus reset available, see /var/log/libvirt/libxl/libxl-driver.log 
for details:
2020-04-29 21:03:20.397+: libxl: libxl_pci.c:1202:libxl__device_pci_reset: 
The kernel doesn't support reset from sysfs for PCI device :00:14.0

How have you've chosen the correct USB controller?


I only got one. ;-) But it has the same issue yours has ... most of them
do. Try this:

qvm-pci attach win --persistent --option no-strict-reset=True dom0:00_15.0

Assuming your controller is dom0:00_15.0 and your qube is called 'win'.



Sven thank you so much getting closer to the goal which I've been already 
investigating for weeks. For now I managed to attach my
Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO I2C 
Controller #0

to my windows 7 box. After running "qvm-pci attach win --option no-strict-reset=True 
dom0:00_15.0" I get a message in windows that a new device is found. Unfortunately, 
windows cannot find drivers for it. In your previous message you warned already to 
install USB 3.0 drivers. I installed the USB drivers from Lenovo as I'm assuming that 
there will be a pass trough. Unfortunately, this doesn't work. Windows still is looking 
for drivers and doesn't find them.

Any ideas to resolve that?

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b69e2b54-7fe4-f7a0-040b-0b279d6ad6e5%40gmx.de.

[qubes-users] Re: Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing

[liked2]

Fedora 32 TemplateVM in testing
===

For advanced users, a new Fedora 32 TemplateVM is currently available in
the `qubes-templates-itl-testing` repository for both Qubes 4.0 and 4.1.
We would greatly appreciate testing and feedback [6] from the community
regarding this template.


What's the expectation for Fedora 32 to reside in testing templates before it's 
moved to official repos?
I'm asking because it might be worth waiting for Fedora 32 before moving first 
to Fedora 31. This is of course only reasonable if it will be before EOL of 
Fedora 30.

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ac118387-994c-8607-d637-a5c88ca57378%40gmx.de.

Re: [qubes-users] Fedora 31 ?

[Catacombs]

I get the same error message.  
After I typed sudo and so on.  It never asked for a password. 
I set when I first installed Qubes onto this to do updates through Whonix.  
I am also guessing the repo servers might be busy right now.  

I am using a public WiFi (McDs).  Which tries to block any Linux. Freeware 
downloads by IP address, which is why I set it to download by whonix.  

Sitting outside McDs today I have exceeded my daily limit of frustration.  

As I tried to say when I asked.  Will the need to upgrade to the next level of 
Fedora trigger a new release of QUBEs.  As installing Qubes from scratch is 
easier than my computer trying to negotiate a tricky connection with update 
repos.  

Still thanks to the developers.  What I experienced in trying to download 
software is nothing compared to what you fellows slog through.  

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8a962f8d-cbb3-46e3-bf0e-20e39c754718%40googlegroups.com.

Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN

[unman]

On Sun, May 03, 2020 at 08:01:59AM +, taran1s wrote:
> 
> 
> >> What you have built (in packet terms) is:
> >> me - Tor - VPN - target.
> >>
> >> What you seem to want is:
> >> me - VPN - Tor - target
> >>
> >> To do that you need to build the VPN traffic and send it down a Tor
> >> circuit.
> >> Your Qubes network configuration should be:
> >> client - VPN qube - Tor qube - sys-firewall - sys-net
> >>
> >> I have no idea if Whonix  will let you do this.
> >>
> >> unman
> >>
> > 
> > Ah, omg I see. I thought about it in regards of seeing other AppVMs like
> > sys-whonix -> sys-firewall -> sys-net. I am not experienced in
> > networking and so just followed the logic of whats first gets first. But
> > now I see that packet wise, it is vice versa. It is a bit confusing for
> > me, but if it is working, I will be more than happy :)
> > 
> > So if I understand it properly, I set the networking of the AppVMs
> > following way:
> > 
> > anon-whonix -> VPN-AppVM -> sys-whonix -> clearnet. In this case I use
> > tor first, exit from tor-exit-node to the VPN and than exit from VPN to
> > clearnet. Am I right?
> > 
> 
> I tried the setup, but in this case the the VPN proxy doesn't go to Link
> UP and TB in anon-whonix isn't connected to the internet. Any ideas?
> 
> BTW I downloaded the default UDP setting package from mullvadVPN as
> Chris mentioned. I know that tor is using TCP only. Could this be an
> issue with this setup and I should get the TCP package instead of UDP?
> 
Yes. Your UDP traffic wont go through Tor.
You need a TCP VPN to route through Tor.

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200503155612.GA25870%40thirdeyesecurity.org.

Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN

[taran1s]

taran1s:
> 
> 
> unman:
>> On Sat, May 02, 2020 at 08:22:57AM +, taran1s wrote:
>>>
>>>
>>> unman:
 On Fri, May 01, 2020 at 11:54:27AM +, taran1s wrote:
>
>
> taran1s:
>>
>>
> Chris, I tried now to connect to the kraken.com, which seems to be tor
> unfriendly through me->tor->VPN->kraken.com but it returns error on the
> site "Disabled".
>
> I learned now that despite I use the above connection model, using VPN
> as an exit, I still exit from the tor exit not and not from the VPN. I
> am not sure what broke.
>

 If I understand your model: me->tor->VPN->kraken.com 
 you are running Tor *through* your VPN - this means that your service
 provider sees your connection to the VPN, and your VPN provider sees
 your connection to the first Tor hop.
 Naturally, when you exit the VPN and set up the TOR circuit, it's a Tor
 exit node that connects to kraken.
 The VPN is NOT an exit in this model. Nothing has broken.

>>>
>>> I am actually using mullvad VPN. The idea is to have the possibility to
>>> access websites or services (like kraken.com) that are not tor-friendly.
>>> I would like to connect first to Tor through sys-whonix than connect to
>>> the VPN through VPN AppVM and from that VPN to connect to the clearnet.
>>>
>>> I set the AppVMs networking following way: anon-whonix networking  set
>>> to -> sys-whonix networking set to -> VPN-AppVM proxy that connects to
>>> the clearnet. Is that right for my model?
>>>
>> No.
>> Think about it.
>> anon-whonix creates a request.
>> sys-whonix takes that request, and builds a circuit.
>> VPN-AppVM sees the traffic to the first hop, and sends it down the VPN.
>> The VPN provider gets the Tor traffic, and sends it on to the first
>> hop.
>> Then it goes via Tor to the exit node and then to the target.
>> Your ISP sees traffic to the VPN; the VPN provider sees traffic from you
>> going to Tor; the target sees traffic coming from Tor network.
>>
>> *Always* use check.torproject.org to confirm your exit IP in this sort of
>> case (always) so that actual matches expectations.
>>
>> What you have built (in packet terms) is:
>> me - Tor - VPN - target.
>>
>> What you seem to want is:
>> me - VPN - Tor - target
>>
>> To do that you need to build the VPN traffic and send it down a Tor
>> circuit.
>> Your Qubes network configuration should be:
>> client - VPN qube - Tor qube - sys-firewall - sys-net
>>
>> I have no idea if Whonix  will let you do this.
>>
>> unman
>>
> 
> Ah, omg I see. I thought about it in regards of seeing other AppVMs like
> sys-whonix -> sys-firewall -> sys-net. I am not experienced in
> networking and so just followed the logic of whats first gets first. But
> now I see that packet wise, it is vice versa. It is a bit confusing for
> me, but if it is working, I will be more than happy :)
> 
> So if I understand it properly, I set the networking of the AppVMs
> following way:
> 
> anon-whonix -> VPN-AppVM -> sys-whonix -> clearnet. In this case I use
> tor first, exit from tor-exit-node to the VPN and than exit from VPN to
> clearnet. Am I right?
> 

I tried the setup, but in this case the the VPN proxy doesn't go to Link
UP and TB in anon-whonix isn't connected to the internet. Any ideas?

BTW I downloaded the default UDP setting package from mullvadVPN as
Chris mentioned. I know that tor is using TCP only. Could this be an
issue with this setup and I should get the TCP package instead of UDP?

Just to sum it up: I would like to first connect to the Tor, than exit
from Tor to the VPN and from VPN to the clearnet target.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3c8a884a-6a3e-499e-6355-88b85da8f550%40mailbox.org.


0xA664B90BD3BE59B3.asc
Description: application/pgp-keys

Re: [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)

[dhorf-hfref . 4a288f10]

On Sat, May 02, 2020 at 11:11:34PM -0700, Caroline Villinger wrote:

> Would you be willing to give us all the files we need for the translation?

https://github.com/QubesOS/


> If you agree, it would be very nice if you could give us an answer.

the qubes-translation mailinglist might be a better place
for this kind of topic.



-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200503073626.GD987%40priv-mua.

Re: [qubes-users] Fedora 31 ?

[dhorf-hfref . 4a288f10]

On Sat, May 02, 2020 at 01:00:55PM -1000, anon wrote:

> Last metadata expiration check: 1 day, 9:07:55 ago on .

the easiest way to "encourage" it to fetch a fresh repo index
is the --clean parameter.

as in: sudo qubes-dom0-update --clean qubes-template-fedora-31



-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20200503073242.GC987%40priv-mua.