Re: [qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On 06/23/2017 09:23 AM, Unman wrote: On Fri, Jun 23, 2017 at 08:21:07AM -1000, yreb-qusw wrote: On 06/23/2017 05:43 AM, Unman wrote: On Thu, Jun 22, 2017 at 07:24:56PM -1000, yreb-qusw wrote: On 06/21/2017 04:21 PM, cooloutac wrote: On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: Permit me to ask two questions? 1) I was reading this - https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c (Credits: Micah Lee) What's that “Convert to Trusted PDF” you were talking about? Let's say you found an interesting document, and let's say that you had an offline virtual machine specifically dedicated for storing and opening documents. Of course, you can directly send that document to that VM, but there could still be a chance that this document is malicious and may try for instance to delete all of your files (a behavior that you wouldn't notice in the short-lived DisposableVM). But you can also convert it into what's called a ‘Trusted PDF’. You send the file to a different VM, then you open the file manager, navigate to the directory of the file, right-click and choose “Convert to Trusted PDF”, and then send the file back to the VM where you collect your documents. But what does it exactly do? The “Convert to Trusted PDF” tool creates a new DisposableVM, puts the file there, and then transform it via a parser (that runs in the DisposableVM) that basically takes the RGB value of each pixel and leaves anything else. It's a bit like opening the PDF in an isolated environment and then ‘screenshoting it’ if you will. The file obviously gets much bigger, if I recall it transformed when I tested a 10Mb PDF into a 400Mb one. You can get much more details on that in this blogpost by security researcher and Qubes OS creator Joanna Rutkowska. [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] -- Upon reading it on the suggested sequence of opening random/all PDFs, maybe , people vary their sequence. It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, Before doing a “Convert to Trusted PDF” on the PDF file ? This would add a step to the much faster, just “Convert to Trusted PDF” from the actual Anon-Whonix AppVM 2) Do folks typically backup their Template VMs ? as I noticed they aren't set up by default to backup ? and/or what is the thinking behind backing up various VMs ? I guess the ones that have been the most modified eg the AppVMs ? I have 1 very large 20 gigabyte VM with old videos/pictures on it, do I back that one up ? for example? you just right click on the file and hit convert to trusted pdf. i'm nto sure what you're asking. ...I separated the sentence out , above, it clearly says "you send the file to a different VM" THEN convert to a trusted PDF. What would this 'diferent VM' be? ?a disposable VM ? or ? I think you need to read that post more carefully, although it isn't altogether clear. I think the scenario Micah has in mind is that you have downloaded a PDF in an untrusted network connected qube, and have a trusted isolated qube for storage. Instead of converting the PDF in the untrusted machine (who knows what might have been done to your Qubes tools?), or qvm-copying the untrusted PDF in to the storage qube, he copies it to another, converts there and then moves the trusted PDF in to trusted storage.(I think the "copy back" is just a mistake.) That "other" qube can be anything you choose - a disposableVM, a dedicated converter.. This is one approach to take - I'd suggest using a disposableVM if you want to do it. However, it looks like overkill to me, because there's a suggestion that just having an untrusted PDF in the storage qube increases the risk. I don't believe this need be so. Another approach might be to have a mini template for the storage qube, and open every file in a disposableVM. If you are wedded to GUI file managers, you could still do this by setting default file handlers to use qvm-open-in-dvm for pretty much every filetype. I hope that make things a little clearer unman THIS only works for PDF files, not for other docs? I set up my default disposable VM as anon-whonix , and when I go to open .docx it tries to use Tor Browser . However, PDFs open normally in the PDF application hmmm You need to ensure that the dispVMTemplate is configured to properly deal with docx files. There was quite a long thread earlier in the year on "How to set file association in disposable VMs", which is worth looking at. In general, you should be able to use mimeopen in the dispVMTemplate to set the association, and provided that you then 'touch /home/user/.qubes-dispvm-customized' and regenetae the template, you should be fine. There's more information on customizing disposableVMs here: www.qubes-
Re: [qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On Fri, Jun 23, 2017 at 08:21:07AM -1000, yreb-qusw wrote: > On 06/23/2017 05:43 AM, Unman wrote: > > On Thu, Jun 22, 2017 at 07:24:56PM -1000, yreb-qusw wrote: > > > On 06/21/2017 04:21 PM, cooloutac wrote: > > > > On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: > > > > > Permit me to ask two questions? > > > > > > > > > > > > > > > > > > > > 1) I was reading this > > > > > > > > > > - > > > > > https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c > > > > > > > > > > (Credits: Micah Lee) > > > > > What's that “Convert to Trusted PDF” you were talking about? > > > > > > > > > > Let's say you found an interesting document, and let's say that you > > > > > had > > > > > an offline virtual machine specifically dedicated for storing and > > > > > opening documents. Of course, you can directly send that document to > > > > > that VM, but there could still be a chance that this document is > > > > > malicious and may try for instance to delete all of your files (a > > > > > behavior that you wouldn't notice in the short-lived DisposableVM). > > > > > But > > > > > you can also convert it into what's called a ‘Trusted PDF’. > > > > > > > > > You send the > > > > > file to a different VM, then you open the file manager, navigate to > > > > > the > > > > > directory of the file, right-click and choose “Convert to Trusted > > > > > PDF”, > > > > > and then send the file back to the VM where you collect your > > > > > documents. > > > > > > > > > > > > > > But what does it exactly do? The “Convert to Trusted PDF” tool > > > > > creates a > > > > > new DisposableVM, puts the file there, and then transform it via a > > > > > parser (that runs in the DisposableVM) that basically takes the RGB > > > > > value of each pixel and leaves anything else. It's a bit like opening > > > > > the PDF in an isolated environment and then ‘screenshoting it’ if you > > > > > will. The file obviously gets much bigger, if I recall it transformed > > > > > when I tested a 10Mb PDF into a 400Mb one. You can get much more > > > > > details > > > > > on that in this blogpost by security researcher and Qubes OS creator > > > > > Joanna Rutkowska. > > > > > > > > > > [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] > > > > > > > > > > -- > > > > > Upon reading it on the suggested sequence of opening random/all PDFs, > > > > > maybe , people vary their sequence. > > > > > > > > > > It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then > > > > > suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, > > > > > Before doing a “Convert to Trusted PDF” on the PDF file ? > > > > > > > > > > This would add a step to the much faster, just “Convert to Trusted > > > > > PDF” from the actual Anon-Whonix AppVM > > > > > > > > > > > > > > > 2) > > > > > Do folks typically backup their Template VMs ? as I noticed they > > > > > aren't set up by default to backup ? > > > > > > > > > > and/or what is the thinking behind backing up various VMs ? I guess > > > > > the > > > > > ones that have been the most modified eg the AppVMs ? I have 1 very > > > > > large 20 gigabyte VM with old videos/pictures on it, do I back that > > > > > one up ? for example? > > > > > > > > you just right click on the file and hit convert to trusted pdf. i'm > > > > nto sure what you're asking. > > > > > > ...I separated the sentence out , above, it clearly says "you send > > > the > > > file to a different VM" THEN convert to a trusted PDF. What would this > > > 'diferent VM' be? ?a disposable VM ? or ? > > > > > > > I think you need to read that post more carefully, although it isn't > > altogether clear. > > I think the scenario Micah has in mind is that you have downloaded a PDF > > in an untrusted network connected qube, and have a trusted isolated qube > > for storage. > > Instead of converting the PDF in the untrusted machine (who knows what > > might have been done to your Qubes tools?), or qvm-copying the untrusted > > PDF in to the storage qube, he copies it to another, converts there and > > then moves the trusted PDF in to trusted storage.(I think the "copy back" > > is just a mistake.) That "other" qube can be anything you choose - a > > disposableVM, a dedicated converter.. > > This is one approach to take - I'd suggest using a disposableVM if you > > want to do it. However, it looks like overkill to me, because there's a > > suggestion that just having an untrusted PDF in the storage qube > > increases the risk. I don't believe this need be so. > > Another approach might be to have a mini template for the storage qube, > > and open every file in a disposableVM. If you are wedded to GUI file > > managers, you could still do this by setting default file handlers to use > > qvm-open-in-dvm for pretty much every filetype. > > > > I hope
Re: [qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On 06/23/2017 05:43 AM, Unman wrote: On Thu, Jun 22, 2017 at 07:24:56PM -1000, yreb-qusw wrote: On 06/21/2017 04:21 PM, cooloutac wrote: On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: Permit me to ask two questions? 1) I was reading this - https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c (Credits: Micah Lee) What's that “Convert to Trusted PDF” you were talking about? Let's say you found an interesting document, and let's say that you had an offline virtual machine specifically dedicated for storing and opening documents. Of course, you can directly send that document to that VM, but there could still be a chance that this document is malicious and may try for instance to delete all of your files (a behavior that you wouldn't notice in the short-lived DisposableVM). But you can also convert it into what's called a ‘Trusted PDF’. You send the file to a different VM, then you open the file manager, navigate to the directory of the file, right-click and choose “Convert to Trusted PDF”, and then send the file back to the VM where you collect your documents. But what does it exactly do? The “Convert to Trusted PDF” tool creates a new DisposableVM, puts the file there, and then transform it via a parser (that runs in the DisposableVM) that basically takes the RGB value of each pixel and leaves anything else. It's a bit like opening the PDF in an isolated environment and then ‘screenshoting it’ if you will. The file obviously gets much bigger, if I recall it transformed when I tested a 10Mb PDF into a 400Mb one. You can get much more details on that in this blogpost by security researcher and Qubes OS creator Joanna Rutkowska. [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] -- Upon reading it on the suggested sequence of opening random/all PDFs, maybe , people vary their sequence. It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, Before doing a “Convert to Trusted PDF” on the PDF file ? This would add a step to the much faster, just “Convert to Trusted PDF” from the actual Anon-Whonix AppVM 2) Do folks typically backup their Template VMs ? as I noticed they aren't set up by default to backup ? and/or what is the thinking behind backing up various VMs ? I guess the ones that have been the most modified eg the AppVMs ? I have 1 very large 20 gigabyte VM with old videos/pictures on it, do I back that one up ? for example? you just right click on the file and hit convert to trusted pdf. i'm nto sure what you're asking. ...I separated the sentence out , above, it clearly says "you send the file to a different VM" THEN convert to a trusted PDF. What would this 'diferent VM' be? ?a disposable VM ? or ? I think you need to read that post more carefully, although it isn't altogether clear. I think the scenario Micah has in mind is that you have downloaded a PDF in an untrusted network connected qube, and have a trusted isolated qube for storage. Instead of converting the PDF in the untrusted machine (who knows what might have been done to your Qubes tools?), or qvm-copying the untrusted PDF in to the storage qube, he copies it to another, converts there and then moves the trusted PDF in to trusted storage.(I think the "copy back" is just a mistake.) That "other" qube can be anything you choose - a disposableVM, a dedicated converter.. This is one approach to take - I'd suggest using a disposableVM if you want to do it. However, it looks like overkill to me, because there's a suggestion that just having an untrusted PDF in the storage qube increases the risk. I don't believe this need be so. Another approach might be to have a mini template for the storage qube, and open every file in a disposableVM. If you are wedded to GUI file managers, you could still do this by setting default file handlers to use qvm-open-in-dvm for pretty much every filetype. I hope that make things a little clearer unman THIS only works for PDF files, not for other docs? I set up my default disposable VM as anon-whonix , and when I go to open .docx it tries to use Tor Browser . However, PDFs open normally in the PDF application hmmm -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/83abb5b0-c544-7e68-bb62-5a4cb4c15227%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On 06/23/2017 05:43 AM, Unman wrote: On Thu, Jun 22, 2017 at 07:24:56PM -1000, yreb-qusw wrote: On 06/21/2017 04:21 PM, cooloutac wrote: On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: Permit me to ask two questions? 1) I was reading this - https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c (Credits: Micah Lee) What's that “Convert to Trusted PDF” you were talking about? Let's say you found an interesting document, and let's say that you had an offline virtual machine specifically dedicated for storing and opening documents. Of course, you can directly send that document to that VM, but there could still be a chance that this document is malicious and may try for instance to delete all of your files (a behavior that you wouldn't notice in the short-lived DisposableVM). But you can also convert it into what's called a ‘Trusted PDF’. You send the file to a different VM, then you open the file manager, navigate to the directory of the file, right-click and choose “Convert to Trusted PDF”, and then send the file back to the VM where you collect your documents. But what does it exactly do? The “Convert to Trusted PDF” tool creates a new DisposableVM, puts the file there, and then transform it via a parser (that runs in the DisposableVM) that basically takes the RGB value of each pixel and leaves anything else. It's a bit like opening the PDF in an isolated environment and then ‘screenshoting it’ if you will. The file obviously gets much bigger, if I recall it transformed when I tested a 10Mb PDF into a 400Mb one. You can get much more details on that in this blogpost by security researcher and Qubes OS creator Joanna Rutkowska. [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] -- Upon reading it on the suggested sequence of opening random/all PDFs, maybe , people vary their sequence. It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, Before doing a “Convert to Trusted PDF” on the PDF file ? This would add a step to the much faster, just “Convert to Trusted PDF” from the actual Anon-Whonix AppVM 2) Do folks typically backup their Template VMs ? as I noticed they aren't set up by default to backup ? and/or what is the thinking behind backing up various VMs ? I guess the ones that have been the most modified eg the AppVMs ? I have 1 very large 20 gigabyte VM with old videos/pictures on it, do I back that one up ? for example? you just right click on the file and hit convert to trusted pdf. i'm nto sure what you're asking. ...I separated the sentence out , above, it clearly says "you send the file to a different VM" THEN convert to a trusted PDF. What would this 'diferent VM' be? ?a disposable VM ? or ? I think you need to read that post more carefully, although it isn't altogether clear. I think the scenario Micah has in mind is that you have downloaded a PDF in an untrusted network connected qube, and have a trusted isolated qube for storage. Instead of converting the PDF in the untrusted machine (who knows what might have been done to your Qubes tools?), or qvm-copying the untrusted PDF in to the storage qube, he copies it to another, converts there and then moves the trusted PDF in to trusted storage.(I think the "copy back" is just a mistake.) That "other" qube can be anything you choose - a disposableVM, a dedicated converter.. This is one approach to take - I'd suggest using a disposableVM if you want to do it. However, it looks like overkill to me, because there's a suggestion that just having an untrusted PDF in the storage qube increases the risk. I don't believe this need be so. Another approach might be to have a mini template for the storage qube, and open every file in a disposableVM. If you are wedded to GUI file managers, you could still do this by setting default file handlers to use qvm-open-in-dvm for pretty much every filetype. I hope that make things a little clearer unman Yes, sir, Unman, that is closer to what I was asking. Sorry, for any confusion. If you look at the original URL, I'm just quoting from Micah's article, as you said, so Unman, you are saying it probably is fine to NOT copy the pdf to a disposable qube before doing the "converted to trusted PDF?" I guess if one doesn't want to keep the PDF file, there is no reason to "convert" it, one would just 'open in a disposable VM' anyway, but good opsec would be to make sure to go back and del the PDF that was downloaded and opened in the disposable VM, ? I wish they could automate this as well, that after opening it in the disposable VM the original in the AppVM qube would get auto deleted or so :) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To
Re: [qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On Thu, Jun 22, 2017 at 07:24:56PM -1000, yreb-qusw wrote: > On 06/21/2017 04:21 PM, cooloutac wrote: > > On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: > > > Permit me to ask two questions? > > > > > > > > > > > > 1) I was reading this > > > > > > - > > > https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c > > > > > > (Credits: Micah Lee) > > > What's that “Convert to Trusted PDF” you were talking about? > > > > > > Let's say you found an interesting document, and let's say that you had > > > an offline virtual machine specifically dedicated for storing and > > > opening documents. Of course, you can directly send that document to > > > that VM, but there could still be a chance that this document is > > > malicious and may try for instance to delete all of your files (a > > > behavior that you wouldn't notice in the short-lived DisposableVM). But > > > you can also convert it into what's called a ‘Trusted PDF’. > > > You send the > > > file to a different VM, then you open the file manager, navigate to the > > > directory of the file, right-click and choose “Convert to Trusted PDF”, > > > and then send the file back to the VM where you collect your documents. > > > > > > But what does it exactly do? The “Convert to Trusted PDF” tool creates a > > > new DisposableVM, puts the file there, and then transform it via a > > > parser (that runs in the DisposableVM) that basically takes the RGB > > > value of each pixel and leaves anything else. It's a bit like opening > > > the PDF in an isolated environment and then ‘screenshoting it’ if you > > > will. The file obviously gets much bigger, if I recall it transformed > > > when I tested a 10Mb PDF into a 400Mb one. You can get much more details > > > on that in this blogpost by security researcher and Qubes OS creator > > > Joanna Rutkowska. > > > > > > [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] > > > > > > -- > > > Upon reading it on the suggested sequence of opening random/all PDFs, > > > maybe , people vary their sequence. > > > > > > It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then > > > suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, > > > Before doing a “Convert to Trusted PDF” on the PDF file ? > > > > > > This would add a step to the much faster, just “Convert to Trusted > > > PDF” from the actual Anon-Whonix AppVM > > > > > > > > > 2) > > > Do folks typically backup their Template VMs ? as I noticed they > > > aren't set up by default to backup ? > > > > > > and/or what is the thinking behind backing up various VMs ? I guess the > > > ones that have been the most modified eg the AppVMs ? I have 1 very > > > large 20 gigabyte VM with old videos/pictures on it, do I back that > > > one up ? for example? > > > > you just right click on the file and hit convert to trusted pdf. i'm nto > > sure what you're asking. > > ...I separated the sentence out , above, it clearly says "you send the > file to a different VM" THEN convert to a trusted PDF. What would this > 'diferent VM' be? ?a disposable VM ? or ? > I think you need to read that post more carefully, although it isn't altogether clear. I think the scenario Micah has in mind is that you have downloaded a PDF in an untrusted network connected qube, and have a trusted isolated qube for storage. Instead of converting the PDF in the untrusted machine (who knows what might have been done to your Qubes tools?), or qvm-copying the untrusted PDF in to the storage qube, he copies it to another, converts there and then moves the trusted PDF in to trusted storage.(I think the "copy back" is just a mistake.) That "other" qube can be anything you choose - a disposableVM, a dedicated converter.. This is one approach to take - I'd suggest using a disposableVM if you want to do it. However, it looks like overkill to me, because there's a suggestion that just having an untrusted PDF in the storage qube increases the risk. I don't believe this need be so. Another approach might be to have a mini template for the storage qube, and open every file in a disposableVM. If you are wedded to GUI file managers, you could still do this by setting default file handlers to use qvm-open-in-dvm for pretty much every filetype. I hope that make things a little clearer unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170623154315.7ze2vgiyj4shqsrv%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On Friday, June 23, 2017 at 1:25:04 AM UTC-4, yreb-qusw wrote: > On 06/21/2017 04:21 PM, cooloutac wrote: > > On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: > >> Permit me to ask two questions? > >> > >> > >> > >> 1) I was reading this > >> > >> - > >> https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c > >> > >> (Credits: Micah Lee) > >> What's that “Convert to Trusted PDF” you were talking about? > >> > >> Let's say you found an interesting document, and let's say that you had > >> an offline virtual machine specifically dedicated for storing and > >> opening documents. Of course, you can directly send that document to > >> that VM, but there could still be a chance that this document is > >> malicious and may try for instance to delete all of your files (a > >> behavior that you wouldn't notice in the short-lived DisposableVM). But > >> you can also convert it into what's called a ‘Trusted PDF’. > > > You send the > >> file to a different VM, then you open the file manager, navigate to the > >> directory of the file, right-click and choose “Convert to Trusted PDF”, > >> and then send the file back to the VM where you collect your documents. > > > > >> But what does it exactly do? The “Convert to Trusted PDF” tool creates a > >> new DisposableVM, puts the file there, and then transform it via a > >> parser (that runs in the DisposableVM) that basically takes the RGB > >> value of each pixel and leaves anything else. It's a bit like opening > >> the PDF in an isolated environment and then ‘screenshoting it’ if you > >> will. The file obviously gets much bigger, if I recall it transformed > >> when I tested a 10Mb PDF into a 400Mb one. You can get much more details > >> on that in this blogpost by security researcher and Qubes OS creator > >> Joanna Rutkowska. > >> > >> [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] > >> > >> -- > >> Upon reading it on the suggested sequence of opening random/all PDFs, > >> maybe , people vary their sequence. > >> > >> It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then > >> suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, > >> Before doing a “Convert to Trusted PDF” on the PDF file ? > >> > >> This would add a step to the much faster, just “Convert to Trusted > >> PDF” from the actual Anon-Whonix AppVM > >> > >> > >> 2) > >> Do folks typically backup their Template VMs ? as I noticed they > >> aren't set up by default to backup ? > >> > >> and/or what is the thinking behind backing up various VMs ? I guess the > >> ones that have been the most modified eg the AppVMs ? I have 1 very > >> large 20 gigabyte VM with old videos/pictures on it, do I back that > >> one up ? for example? > > > > you just right click on the file and hit convert to trusted pdf. i'm nto > > sure what you're asking. > > ...I separated the sentence out , above, it clearly says "you send > the file to a different VM" THEN convert to a trusted PDF. What would > this 'diferent VM' be? ?a disposable VM ? or ? > > > > when it comes to backing up template vms. I only backup my cloned vms. I > > clone vms from the defaults if I'm gonna install custom configs in them. > > also so it has a diff name then default vms for less chance of issues when > > restoring. > > > > and of course you back up your videos and pictures, are you being serious? > > lol. thats what most people backup. and deeper thought is what if they > > all have viruses and everytime you open one up you infect your system. > > > > So that leads to another thought that well if you are willing to reinstall > > all your programs and configs from scratch on a default template, mabe > > you'd be better off. But backing them up and restoring them is for > > convenience. > > ...ya, like many people perhaps, though, I used Qubes 90% of the > time, my old files/photos, are also on laptop, google photos, removable > large hard drive, windows 10 dual boot HD, etc, yes, they are on Qubes, > but take up a huge amount of space, HENCE, backing them up would be a > bit of a pain for the time it takes. > > ..you clone AppVMs you mean then back them up ; I really can't > follow what your saying about your backups in sum, thanks > > > not sure why you are sending it to another vm. But if you want to it can be anything. Whether you want to spend the time to backup your data or not is up to you. You asked about template vms. I was saying I only backup cloned templates. not default ones. which I create for the reasons stated in my previous post. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send
[qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On 06/21/2017 04:21 PM, cooloutac wrote: On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: Permit me to ask two questions? 1) I was reading this - https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c (Credits: Micah Lee) What's that “Convert to Trusted PDF” you were talking about? Let's say you found an interesting document, and let's say that you had an offline virtual machine specifically dedicated for storing and opening documents. Of course, you can directly send that document to that VM, but there could still be a chance that this document is malicious and may try for instance to delete all of your files (a behavior that you wouldn't notice in the short-lived DisposableVM). But you can also convert it into what's called a ‘Trusted PDF’. You send the file to a different VM, then you open the file manager, navigate to the directory of the file, right-click and choose “Convert to Trusted PDF”, and then send the file back to the VM where you collect your documents. But what does it exactly do? The “Convert to Trusted PDF” tool creates a new DisposableVM, puts the file there, and then transform it via a parser (that runs in the DisposableVM) that basically takes the RGB value of each pixel and leaves anything else. It's a bit like opening the PDF in an isolated environment and then ‘screenshoting it’ if you will. The file obviously gets much bigger, if I recall it transformed when I tested a 10Mb PDF into a 400Mb one. You can get much more details on that in this blogpost by security researcher and Qubes OS creator Joanna Rutkowska. [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] -- Upon reading it on the suggested sequence of opening random/all PDFs, maybe , people vary their sequence. It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, Before doing a “Convert to Trusted PDF” on the PDF file ? This would add a step to the much faster, just “Convert to Trusted PDF” from the actual Anon-Whonix AppVM 2) Do folks typically backup their Template VMs ? as I noticed they aren't set up by default to backup ? and/or what is the thinking behind backing up various VMs ? I guess the ones that have been the most modified eg the AppVMs ? I have 1 very large 20 gigabyte VM with old videos/pictures on it, do I back that one up ? for example? you just right click on the file and hit convert to trusted pdf. i'm nto sure what you're asking. ...I separated the sentence out , above, it clearly says "you send the file to a different VM" THEN convert to a trusted PDF. What would this 'diferent VM' be? ?a disposable VM ? or ? when it comes to backing up template vms. I only backup my cloned vms. I clone vms from the defaults if I'm gonna install custom configs in them. also so it has a diff name then default vms for less chance of issues when restoring. and of course you back up your videos and pictures, are you being serious? lol. thats what most people backup. and deeper thought is what if they all have viruses and everytime you open one up you infect your system. So that leads to another thought that well if you are willing to reinstall all your programs and configs from scratch on a default template, mabe you'd be better off. But backing them up and restoring them is for convenience. ...ya, like many people perhaps, though, I used Qubes 90% of the time, my old files/photos, are also on laptop, google photos, removable large hard drive, windows 10 dual boot HD, etc, yes, they are on Qubes, but take up a huge amount of space, HENCE, backing them up would be a bit of a pain for the time it takes. ..you clone AppVMs you mean then back them up ; I really can't follow what your saying about your backups in sum, thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d85a9bc5-3cb2-259b-4834-fb2626209a8e%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
On Saturday, June 17, 2017 at 5:45:45 PM UTC-4, yreb-qusw wrote: > Permit me to ask two questions? > > > > 1) I was reading this > > - > https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c > > (Credits: Micah Lee) > What's that “Convert to Trusted PDF” you were talking about? > > Let's say you found an interesting document, and let's say that you had > an offline virtual machine specifically dedicated for storing and > opening documents. Of course, you can directly send that document to > that VM, but there could still be a chance that this document is > malicious and may try for instance to delete all of your files (a > behavior that you wouldn't notice in the short-lived DisposableVM). But > you can also convert it into what's called a ‘Trusted PDF’. You send the > file to a different VM, then you open the file manager, navigate to the > directory of the file, right-click and choose “Convert to Trusted PDF”, > and then send the file back to the VM where you collect your documents. > But what does it exactly do? The “Convert to Trusted PDF” tool creates a > new DisposableVM, puts the file there, and then transform it via a > parser (that runs in the DisposableVM) that basically takes the RGB > value of each pixel and leaves anything else. It's a bit like opening > the PDF in an isolated environment and then ‘screenshoting it’ if you > will. The file obviously gets much bigger, if I recall it transformed > when I tested a 10Mb PDF into a 400Mb one. You can get much more details > on that in this blogpost by security researcher and Qubes OS creator > Joanna Rutkowska. > > [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] > > -- > Upon reading it on the suggested sequence of opening random/all PDFs, > maybe , people vary their sequence. > > It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then > suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, > Before doing a “Convert to Trusted PDF” on the PDF file ? > > This would add a step to the much faster, just “Convert to Trusted > PDF” from the actual Anon-Whonix AppVM > > > 2) > Do folks typically backup their Template VMs ? as I noticed they > aren't set up by default to backup ? > > and/or what is the thinking behind backing up various VMs ? I guess the > ones that have been the most modified eg the AppVMs ? I have 1 very > large 20 gigabyte VM with old videos/pictures on it, do I back that > one up ? for example? you just right click on the file and hit convert to trusted pdf. i'm nto sure what you're asking. when it comes to backing up template vms. I only backup my cloned vms. I clone vms from the defaults if I'm gonna install custom configs in them. also so it has a diff name then default vms for less chance of issues when restoring. and of course you back up your videos and pictures, are you being serious? lol. thats what most people backup. and deeper thought is what if they all have viruses and everytime you open one up you infect your system. So that leads to another thought that well if you are willing to reinstall all your programs and configs from scratch on a default template, mabe you'd be better off. But backing them up and restoring them is for convenience. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/feedcc3c-0039-4db2-a003-1fa5a3a4c010%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.