-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-22 23:49, Jean-Philippe Ouellet wrote:
> On Sun, May 14, 2017 at 4:20 PM, Andrew David Wong wrote:
>> On 2017-05-14 03:51, Holger Levsen wrote:
>>> On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote:
> you really dont p
On Sun, May 14, 2017 at 4:20 PM, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2017-05-14 03:51, Holger Levsen wrote:
>> On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote:
you really dont protect your gpg key with a passphrase??
>>> See: h
On Tuesday, May 16, 2017 at 11:33:41 PM UTC-4, cooloutac wrote:
> On Tuesday, May 16, 2017 at 9:31:50 PM UTC-4, Andrew David Wong wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA512
> >
> > On 2017-05-16 01:24, cooloutac wrote:
> > > On Sunday, May 14, 2017 at 11:09:25 PM UTC-4, Andrew
On Tuesday, May 16, 2017 at 9:31:50 PM UTC-4, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2017-05-16 01:24, cooloutac wrote:
> > On Sunday, May 14, 2017 at 11:09:25 PM UTC-4, Andrew David Wong
> > wrote: On 2017-05-14 21:38, cooloutac wrote:
> On Sunday
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-16 01:24, cooloutac wrote:
> On Sunday, May 14, 2017 at 11:09:25 PM UTC-4, Andrew David Wong
> wrote: On 2017-05-14 21:38, cooloutac wrote:
On Sunday, May 14, 2017 at 3:48:04 PM UTC-4, Andrew David
Wong wrote:
>>>
On Sunday, May 14, 2017 at 11:09:25 PM UTC-4, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2017-05-14 21:38, cooloutac wrote:
> > On Sunday, May 14, 2017 at 3:48:04 PM UTC-4, Andrew David Wong
> > wrote:
>
> >
> > What do you mean? Are you suggesting t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-14 21:38, cooloutac wrote:
> On Sunday, May 14, 2017 at 3:48:04 PM UTC-4, Andrew David Wong
> wrote:
>
> What do you mean? Are you suggesting that qvm-backup has "more
> attack vector" than an encrypted KeePassX (or whatever) databa
On Sunday, May 14, 2017 at 10:38:37 PM UTC-4, cooloutac wrote:
> On Sunday, May 14, 2017 at 3:48:04 PM UTC-4, Andrew David Wong wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA512
> >
> > >
> >
> > What do you mean? Are you suggesting that qvm-backup has "more attack
> > vector" than
On Sunday, May 14, 2017 at 3:48:04 PM UTC-4, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> >
>
> What do you mean? Are you suggesting that qvm-backup has "more attack
> vector" than an encrypted KeePassX (or whatever) database? Why?
> No, I think it's actually
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-14 03:51, Holger Levsen wrote:
> On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote:
>>> you really dont protect your gpg key with a passphrase??
>> See: https://www.qubes-os.org/doc/split-gpg/
>
> oh wow :(
>
>> Why is t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-13 18:39, cooloutac wrote:
> On Saturday, May 13, 2017 at 3:50:36 PM UTC-4, Andrew David Wong
> wrote: On 2017-05-09 14:54, cooloutac wrote:
On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David
Wong wrote: On 2017-05-08 23
On Sat, May 13, 2017 at 02:55:12PM -0500, Andrew David Wong wrote:
> > you really dont protect your gpg key with a passphrase??
> See: https://www.qubes-os.org/doc/split-gpg/
oh wow :(
> Why is that a problem? It's only visible in dom0. If an attacker is in
> dom0, it's already game over.
no, t
On Saturday, May 13, 2017 at 3:50:36 PM UTC-4, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2017-05-09 14:54, cooloutac wrote:
> > On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David Wong
> > wrote: On 2017-05-08 23:47, cooloutac wrote:
> On Tuesd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-11 20:53, Manuel Amador (Rudd-O) wrote:
> On 05/09/2017 07:54 PM, cooloutac wrote:
>> On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David Wong
>> wrote:
>>
>> Why? No need to encrypt the database file if the whole VM is
>> encrypt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-12 06:53, Holger Levsen wrote:
> On Sun, May 07, 2017 at 12:23:47PM -0500, Andrew David Wong wrote:
>> 1. LUKS passphrase 2. Backup passphrase 3. Screen locker
>> passphrase Managing these three allows me to have an arbitrary
>> number of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-09 14:54, cooloutac wrote:
> On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David Wong
> wrote: On 2017-05-08 23:47, cooloutac wrote:
On Tuesday, May 9, 2017 at 12:47:11 AM UTC-4, cooloutac
wrote:
> On Sunday, May 7, 2
On 05/12/2017 03:02 PM, Tom Hutchinson wrote:
> Thanks for the contribution Manuel. I'll check it out.
My pleasure :-)
Agreed about the passwords thing!
--
Rudd-O
http://rudd-o.com/
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To u
On 05/12/2017 11:53 AM, Holger Levsen wrote:
> On Sun, May 07, 2017 at 12:23:47PM -0500, Andrew David Wong wrote:
>> 1. LUKS passphrase
>> 2. Backup passphrase
>> 3. Screen locker passphrase
>> Managing these three allows me to have an arbitrary number of
>> additional secrets in VMs without having
On Friday, May 12, 2017 at 11:03:01 AM UTC-4, Tom Hutchinson wrote:
> Thanks for the contribution Manuel. I'll check it out.
>
> I can't wait for us all to get rid of passwords. They are garbage
> technology and garbage security. I don't know - maybe that's just me.
>
> Cheers,
>
> Tom
>
> On F
On Friday, May 12, 2017 at 7:53:40 AM UTC-4, Holger Levsen wrote:
> On Sun, May 07, 2017 at 12:23:47PM -0500, Andrew David Wong wrote:
> > 1. LUKS passphrase
> > 2. Backup passphrase
> > 3. Screen locker passphrase
> > Managing these three allows me to have an arbitrary number of
> > additional sec
Thanks for the contribution Manuel. I'll check it out.
I can't wait for us all to get rid of passwords. They are garbage
technology and garbage security. I don't know - maybe that's just me.
Cheers,
Tom
On Fri, May 12, 2017 at 7:53 AM, Holger Levsen wrote:
> On Sun, May 07, 2017 at 12:23:47PM
On Sun, May 07, 2017 at 12:23:47PM -0500, Andrew David Wong wrote:
> 1. LUKS passphrase
> 2. Backup passphrase
> 3. Screen locker passphrase
> Managing these three allows me to have an arbitrary number of
> additional secrets in VMs without having to remember anything else.
you really dont protect
On 05/09/2017 07:54 PM, cooloutac wrote:
> On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David Wong wrote:
>
> Why? No need to encrypt the database file if the whole VM is
> encrypted. Also, if your database file doesn't use authenticated
> encryption, that's another thing to worry about. You
On Tuesday, May 9, 2017 at 1:40:03 AM UTC-4, Andrew David Wong wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 2017-05-08 23:47, cooloutac wrote:
> > On Tuesday, May 9, 2017 at 12:47:11 AM UTC-4, cooloutac wrote:
> >> On Sunday, May 7, 2017 at 12:33:54 PM UTC-4, nick...@kulinacs.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-08 23:47, cooloutac wrote:
> On Tuesday, May 9, 2017 at 12:47:11 AM UTC-4, cooloutac wrote:
>> On Sunday, May 7, 2017 at 12:33:54 PM UTC-4, nick...@kulinacs.com
>> wrote:
>>> On May 7, 2017 10:39:22 AM CDT, Andrew David Wong
>>> wrote:
>
On Tuesday, May 9, 2017 at 12:47:11 AM UTC-4, cooloutac wrote:
> On Sunday, May 7, 2017 at 12:33:54 PM UTC-4, nick...@kulinacs.com wrote:
> > On May 7, 2017 10:39:22 AM CDT, Andrew David Wong wrote:
> > >-BEGIN PGP SIGNED MESSAGE-
> > >Hash: SHA512
> > >
> > >On 2017-05-07 10:32, nickl...@
On Sunday, May 7, 2017 at 12:33:54 PM UTC-4, nick...@kulinacs.com wrote:
> On May 7, 2017 10:39:22 AM CDT, Andrew David Wong wrote:
> >-BEGIN PGP SIGNED MESSAGE-
> >Hash: SHA512
> >
> >On 2017-05-07 10:32, nickl...@kulinacs.com wrote:
> >> On May 7, 2017 10:23:54 AM CDT, Andrew David Wong
On 05/07/2017 05:23 PM, Andrew David Wong wrote:
>
> I prefer the security of qvm-backup[-restore], since it allows me to
> keep the vault and its contents permanently offline. The entire VM is
> BZIP compressed, AES-256 encrypted, and HMAC-SHA512 authenticated. The
> integrity verification, authen
On 05/07/2017 03:23 PM, Andrew David Wong wrote:
> On 2017-05-07 10:10, nickl...@kulinacs.com wrote:
> > What benefit does this have over simply ysing
> > qubes-split-gpg-client-wrapper, like done here:
> > https://github.com/kulinacs/pass-qubes It seems like a lot of
> > overhead for not a lot of
On 05/07/2017 03:10 PM, nickl...@kulinacs.com wrote:
> What benefit does this have over simply ysing
> qubes-split-gpg-client-wrapper, like done here:
> https://github.com/kulinacs/pass-qubes
> It seems like a lot of overhead for not a lot of gain.
1. The actual store is stored in a separate VM.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-07 12:23, Andrew David Wong wrote:
> On 2017-05-07 11:33, nickl...@kulinacs.com wrote:
>> On May 7, 2017 10:39:22 AM CDT, Andrew David Wong
>> wrote: On 2017-05-07 10:32,
>> nickl...@kulinacs.com wrote:
> On May 7, 2017 10:23:54 AM CD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-07 11:33, nickl...@kulinacs.com wrote:
> On May 7, 2017 10:39:22 AM CDT, Andrew David Wong
> wrote: On 2017-05-07 10:32,
> nickl...@kulinacs.com wrote:
On May 7, 2017 10:23:54 AM CDT, Andrew David Wong
wrote: On 2017-05-07 10:
On May 7, 2017 10:39:22 AM CDT, Andrew David Wong wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA512
>
>On 2017-05-07 10:32, nickl...@kulinacs.com wrote:
>> On May 7, 2017 10:23:54 AM CDT, Andrew David Wong
>> wrote: On 2017-05-07 10:10,
>> nickl...@kulinacs.com wrote:
> What benefit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-07 10:32, nickl...@kulinacs.com wrote:
> On May 7, 2017 10:23:54 AM CDT, Andrew David Wong
> wrote: On 2017-05-07 10:10,
> nickl...@kulinacs.com wrote:
What benefit does this have over simply ysing
qubes-split-gpg-client-wrap
On May 7, 2017 10:23:54 AM CDT, Andrew David Wong wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA512
>
>On 2017-05-07 10:10, nickl...@kulinacs.com wrote:
>> What benefit does this have over simply ysing
>> qubes-split-gpg-client-wrapper, like done here:
>> https://github.com/kulinacs/pass-q
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-05-07 10:10, nickl...@kulinacs.com wrote:
> What benefit does this have over simply ysing
> qubes-split-gpg-client-wrapper, like done here:
> https://github.com/kulinacs/pass-qubes It seems like a lot of
> overhead for not a lot of gain.
>
What benefit does this have over simply ysing qubes-split-gpg-client-wrapper,
like done here:
https://github.com/kulinacs/pass-qubes
It seems like a lot of overhead for not a lot of gain.
On May 7, 2017 9:50:26 AM CDT, "Manuel Amador (Rudd-O)"
wrote:
>Building on the excellent pass (https://pas
Building on the excellent pass (https://passwordstore.org), it gives me
great pleasure to announce the initial release of qubes-pass — an
inter-VM password manager and store for Qubes OS.
Check it out here!
https://github.com/Rudd-O/qubes-pass
--
Rudd-O
http://rudd-o.com/
--
You recei
38 matches
Mail list logo