[qubes-users] Re: Qubes - Critique (long)
About corruption and reliability of data being stored, regardless of whether or not it is sensitive data or day to day files, is not entirely the responsibility of the Qubes OS itself. There are many factors to consider, the software being used, the filesystem being used, the components of the distro being used, and etc.

This is based on my personal experience on using qubes on a daily basis for almost over a year already. So far I've only encountered corruption of data through the use of qvm-copy/qvm-move commands to move stuff from vm to vm and this is a rare case too since it probably only happens once or twice over a hundred times. With this in mind, the LVM thin fs of Qubes I believe, is extremely reliable. So with that I believe the problem most likely leans more towards the software that you are using, with respect to the distro that you are using as well. I haven't had much trouble using any software so far in my experience of using qubes provided they have the right dependencies installed, with respect to my usage of fedora minimal template.

Despite that however, I agree with your sentiment about USB devices and the detaching notification though I am not entirely dependent on it since I can go ahead and confirm myself whether or not the usb device was detached by running "sudo lsblk" on the qube where the USB was attached and on the sys-usb qube itself. Convenience-wise, it is bad yes and there is definitely room for improvement.

Also mind you that flash is a HUGE BLOB of SECURITY RISK. If you're using qubes for security reasons then using flash is really counterproductive against it not unless you really know what you're doing.

--
You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/94143ecf-7500-41e0-8d9b-ab6f154dad02%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes - Critique (long)
Thanks for your input Brendan, David, Chris.

Having switched to KDE, the laptop is now completely stable, and in my opinion far more usable than XFCE.

I'm also running Trisquel on a Thinkpad X200 flashed with Libreboot, which feels more secure although requires more care over choosing what to install. I would be keen to see a laptop that supports Libreboot and is powerful enough to run Qubes.

What are your thoughts on LXD? Lightweight enough to run on an X200/T400, although of course not offering the same compartmentalization as XEN, sharing the same kernel etc

[and yes something can 'feel' more secure, insight deeper into the stack results in more trust]

Marc Griffiths
marc.d.griffi...@gmail.com

On Mon, 20 May 2019 at 20:58, wrote:

> On Friday, May 10, 2019 at 2:09:09 PM UTC-4, Chris Laprise wrote:
> > On 5/10/19 12:16 PM, Marc Griffiths wrote:
> > > Next step for me is ordering a T400, which doesn't have Intel Management Engine, supports Libreboot, and has proven itself as an uncrashable workhorse. I used to run Windows and SUSE on this laptop back in 2008-2011, it never crashed, despite running a complex J2EE dev environment. I will miss having 16GB RAM, but the i7 I can happily part with.
> >
> > I doubt that Qubes will install or run on a T400. Qubes was initially developed on Sandy Bridge-era hardware, and the requisite virtualization features in chipsets were still maturing up to that point.
> >
> > I feel obliged to mention that if you want to avoid management engines and a raft of other processor vulns, you should look to the AMD 15h generation of chips (circa 2013). In the form of a Lenovo G505s A10, installing Qubes first requires re-flashing the firmware with Coreboot... an exercise that I'm about to try. :)
>
> As much as is really quantifiable...what percent of the real-world risk of the Intel ME to end-user is related to the fact that the manufacturer-whitelisted networking chipsets are directly usable by the firmware, primarily in support of the AMT feature set (and anything remotely hijacking via AMT, potentially without local compromise)?
>
> Which is to say: isn't one important mitigation of remote pwnage the disabling and/or removing (as appropriate) of the manufacturer-supplied network connections? Without a custom firmware, one can always use a USB-based wifi/ethernet connection..and with custom firmware (when possible) you can bypass the hardware whitelist and supply your own third-party wifi/bt card that the local AMT portion of the firmware has not been designed to talk to.
>
> Brendan
Re: [qubes-users] Re: Qubes - Critique (long)
On Friday, May 10, 2019 at 2:09:09 PM UTC-4, Chris Laprise wrote:
> On 5/10/19 12:16 PM, Marc Griffiths wrote:
> > Next step for me is ordering a T400, which doesn't have Intel Management Engine, supports Libreboot, and has proven itself as an uncrashable workhorse. I used to run Windows and SUSE on this laptop back in 2008-2011, it never crashed, despite running a complex J2EE dev environment. I will miss having 16GB RAM, but the i7 I can happily part with.
>
> I doubt that Qubes will install or run on a T400. Qubes was initially developed on Sandy Bridge-era hardware, and the requisite virtualization features in chipsets were still maturing up to that point.
>
> I feel obliged to mention that if you want to avoid management engines and a raft of other processor vulns, you should look to the AMD 15h generation of chips (circa 2013). In the form of a Lenovo G505s A10, installing Qubes first requires re-flashing the firmware with Coreboot... an exercise that I'm about to try. :)

As much as is really quantifiable...what percent of the real-world risk of the Intel ME to end-user is related to the fact that the manufacturer-whitelisted networking chipsets are directly usable by the firmware, primarily in support of the AMT feature set (and anything remotely hijacking via AMT, potentially without local compromise)?

Which is to say: isn't one important mitigation of remote pwnage the disabling and/or removing (as appropriate) of the manufacturer-supplied network connections? Without a custom firmware, one can always use a USB-based wifi/ethernet connection..and with custom firmware (when possible) you can bypass the hardware whitelist and supply your own third-party wifi/bt card that the local AMT portion of the firmware has not been designed to talk to.

Brendan
Re: [qubes-users] Re: Qubes - Critique (long)
On 5/10/19 8:09 PM, Chris Laprise wrote:
> On 5/10/19 12:16 PM, Marc Griffiths wrote:
> > My experience of installing on a Lenovo Yoga 720 was seamless, everything worked including the touch screen. However, I experienced a lot of random browser crashing. Chromium dead birds on a fairly regular basis. Vivaldi, Chromium, and Firefox browser windows disappearing without error, on both Fedora and Debian. Upgrading to Fedora 29, and upgrading dom0 didn't resolve the problem. A few times the desktop became unresponsive, and while I was able to ctrl+alt+F2 to dom0, it wasn't clear how I could view processes running on a particular VM.
>
> Sorry to hear about the stability issues. You might try updating your UEFI firmware to see if that helps.. the precise way that it configures advanced hardware features (seldom used by other operating systems) does have an impact on both compatibility and stability. This is also a good reason to stick with business-oriented computers because vendors take more care to get advanced features working correctly on them; it's one of the reasons why Thinkpads are so popular among Qubes users.

The browser stuff sounds more like memory issues to me (not enough memory assigned to disposable VMs).

I can confirm the ctrl+alt+F2 desktop issue with awesome WM as well. Usually it became responsive after going back from the console to the WM though. This was "introduced" ~3 months ago or so; I guess it's a well hidden bug, possibly not a Qubes one.

> You're not limited to XFCE, and in my experience KDE works better.

And awesome, i3, ... But yes, KDE was even standard with Qubes 3.
Re: [qubes-users] Re: Qubes - Critique (long)
On 5/10/19 12:16 PM, Marc Griffiths wrote:
> Hi everyone. Nice critique John. To throw in my perspective as an experienced Linux user switching to Qubes as sole laptop OS a few months back.
>
> Primary use case for me is #1 increased security when using crypto exchanges and #2 the feeling of spinning up an environment that I have confidence in being private, for the writing of personal notes and reflections.
>
> The concept is awesome, perfectly designed for protection against malicious applications, websites and devices. Although it offers no protection against Intel Management Engine.

There is much more to low-level vulnerabilities than IME: PortSmash, Foreshadow, Rowhammer, etc. Overall, AMD processors appear to be less vulnerable than Intel.

> My experience of installing on a Lenovo Yoga 720 was seamless, everything worked including the touch screen. However, I experienced a lot of random browser crashing. Chromium dead birds on a fairly regular basis. Vivaldi, Chromium, and Firefox browser windows disappearing without error, on both Fedora and Debian. Upgrading to Fedora 29, and upgrading dom0 didn't resolve the problem. A few times the desktop became unresponsive, and while I was able to ctrl+alt+F2 to dom0, it wasn't clear how I could view processes running on a particular VM.

Sorry to hear about the stability issues. You might try updating your UEFI firmware to see if that helps.. the precise way that it configures advanced hardware features (seldom used by other operating systems) does have an impact on both compatibility and stability. This is also a good reason to stick with business-oriented computers because vendors take more care to get advanced features working correctly on them; it's one of the reasons why Thinkpads are so popular among Qubes users.

> I'd be interested in knowing what audience Qubes is aimed at. With the rapidly increasing public awareness on cyber-security and privacy, Qubes could very easily find itself in high demand. At present though it's only going to appeal to experienced Linux users, which is a shame, because it wouldn't be that much work to make it far more accessible. If the Qubes team is interested in a larger audience, I would suggest:
>
> * Include Ubuntu based VM as default, or at least make the process of adding a Ubuntu template significantly easier
> * Include a brief getting started guide that covers essentials such as cross VM copy/paste, accessing devices, upgrading software etc
> * If we're limited to XFCE, then include guides on customising to be more like other environments. Most critical for me was adding shortcuts for switching desktops and moving windows between desktops: System tools > Window Manager > Keyboard
> * A guide on the limitations: what does Qubes protect you from, what does it not protect you from, what are the next steps to improve security. Having a colour-coded grid to communicate this would be excellent.

You're not limited to XFCE, and in my experience KDE works better.

> Next step for me is ordering a T400, which doesn't have Intel Management Engine, supports Libreboot, and has proven itself as an uncrashable workhorse. I used to run Windows and SUSE on this laptop back in 2008-2011, it never crashed, despite running a complex J2EE dev environment. I will miss having 16GB RAM, but the i7 I can happily part with.

I doubt that Qubes will install or run on a T400. Qubes was initially developed on Sandy Bridge-era hardware, and the requisite virtualization features in chipsets were still maturing up to that point.

I feel obliged to mention that if you want to avoid management engines and a raft of other processor vulns, you should look to the AMD 15h generation of chips (circa 2013). In the form of a Lenovo G505s A10, installing Qubes first requires re-flashing the firmware with Coreboot... an exercise that I'm about to try. :)

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Re: [qubes-users] Re: Qubes - Critique (long)
Hi everyone. Nice critique John. To throw in my perspective as an experienced Linux user switching to Qubes as sole laptop OS a few months back.

Primary use case for me is #1 increased security when using crypto exchanges and #2 the feeling of spinning up an environment that I have confidence in being private, for the writing of personal notes and reflections.

The concept is awesome, perfectly designed for protection against malicious applications, websites and devices. Although it offers no protection against Intel Management Engine.

My experience of installing on a Lenovo Yoga 720 was seamless, everything worked including the touch screen. However, I experienced a lot of random browser crashing. Chromium dead birds on a fairly regular basis. Vivaldi, Chromium, and Firefox browser windows disappearing without error, on both Fedora and Debian. Upgrading to Fedora 29, and upgrading dom0 didn't resolve the problem. A few times the desktop became unresponsive, and while I was able to ctrl+alt+F2 to dom0, it wasn't clear how I could view processes running on a particular VM.

I'd be interested in knowing what audience Qubes is aimed at. With the rapidly increasing public awareness on cyber-security and privacy, Qubes could very easily find itself in high demand. At present though it's only going to appeal to experienced Linux users, which is a shame, because it wouldn't be that much work to make it far more accessible. If the Qubes team is interested in a larger audience, I would suggest:

- Include Ubuntu based VM as default, or at least make the process of adding a Ubuntu template significantly easier
- Include a brief getting started guide that covers essentials such as cross VM copy/paste, accessing devices, upgrading software etc
- If we're limited to XFCE, then include guides on customising to be more like other environments. Most critical for me was adding shortcuts for switching desktops and moving windows between desktops: System tools > Window Manager > Keyboard
- A guide on the limitations: what does Qubes protect you from, what does it not protect you from, what are the next steps to improve security. Having a colour-coded grid to communicate this would be excellent.

Next step for me is ordering a T400, which doesn't have Intel Management Engine, supports Libreboot, and has proven itself as an uncrashable workhorse. I used to run Windows and SUSE on this laptop back in 2008-2011, it never crashed, despite running a complex J2EE dev environment. I will miss having 16GB RAM, but the i7 I can happily part with.

Marc Griffiths
marc.d.griffi...@gmail.com

On Sun, 31 Mar 2019 at 11:18, wrote:

> Chris mentioned:
>
> "The current Firefox ESR does have a tendency to freeze temporarily when memory gets low. I'm considering switching to the non-ESR 'firefox' package in Debian to see if the newer versions are better in this respect."
>
> My computer (Intel NUC7i7) has 32 GB RAM, so I doubt I am having low memory issues -- but I suppose with my tendency to open a lot of tabs, it could happen.
>
> I finally got around to trashing the ESR version of Firefox and installing the latest "regular" release. It is too early to tell (less than a day), but I have not run into a problem yet (I had been running into the problem at least once or twice a day).
[qubes-users] Re: Qubes - Critique (long)
Chris mentioned:

"The current Firefox ESR does have a tendency to freeze temporarily when memory gets low. I'm considering switching to the non-ESR 'firefox' package in Debian to see if the newer versions are better in this respect."

My computer (Intel NUC7i7) has 32 GB RAM, so I doubt I am having low memory issues -- but I suppose with my tendency to open a lot of tabs, it could happen.

I finally got around to trashing the ESR version of Firefox and installing the latest "regular" release. It is too early to tell (less than a day), but I have not run into a problem yet (I had been running into the problem at least once or twice a day).