Qubes tutors?

[lcres...@gmail.com]

Hi all:

I was wondering whether Qubes as an organization or Qubes users with sufficient expertise offer/will offer tutorials moving forward.

As it presently stands, Qubes has made significant progress making it more user friendly to non-technical users, but there is still quite a learning curve especially for Windows users.

Are there any Qubes users offering freelance tutorial services, or does Qubes have any intention of offering reasonably priced structured courses in the future? Online or in person group classes could be an option for classes with various levels of proficiency (beginner, intermediate, advanced, pro). Also, Ubuntu has various groups or clubs around the world, why not adopt the same thing with Qubes?

As the Qubes experience becomes more user friendly, the barrier to adoption and use becomes less formidable. Qubes is not only making strides vis a vis addressing compatiblity issues, but the price of Qubes compatible machines has come down significantly over the last year or so. Tutorials could further reduce the barrier to adoption and use and help would-be users overcome the inertia, fear, and time it requires to migrate from a different OS.

Just a minor note on a totally different topic regarding A Simple Introduction to Qubes: https://www.qubes-os.org/intro/

How does Qubes compare to running VMs in a convential OS?

Convential should be "conventional"

Beyond this, I think the section should be reorganized, which can be done without significantly disturbing the integrity of the author's contribution. Let me know if you'd like input on this front.

[Robin Schneider]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

I can not really comment on the tutorial thing except that this would be nice
of course.

Regarding your typo in the docs. Have a look at this repository which tracks
the documentation and which you can edit there:

https://github.com/QubesOS/qubes-doc

Hint: The docs also have a "Edit This Page" link which directly takes you to
the edit page :)

- --
Live long and prosper
Robin `ypid` Schneider
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWjh7WAAoJEIb9mAu/GkD4PiwP/3d5SffSKRC/zGyYI2XBY61M
r/IF5iV3oFhChcRb3UqO1M0BnVGceVtfZ1MWMt0XaFG9zlirkPVxU4PMHVOOWiIC
tQb2YinyeXUJj82Ee6wK2rv1PUl3XXz1yp137KDubw+3xUtOQOkSbyn5yqmR5Wxu
2/wr5BpAnyu/Rn6TMh57MvR4gY1H0+YkICLtOqeXB8CTDx2kL+yRNRsUZ+f7Dcrm
+1hYOYCMXCNxlSgTPOqXIW+rxHi2FaUONToZwP/g0WQpeQmz/rLEuoDK+bEB45q+
MDHs64+G/CshybScjW4PFlHft+/JQWldyNDiSZLyhaibrzrS3o5dyx44qjBFPJ/H
sU0PhxoUrGMknE4pvRmzShZeB5QLMNpSF09WLGs1vldli9X+Pooe+42d7upi+Eyz
spT8iLjNAX8BkV5zR24M467zFWXyOmRGgnhBysCkMpXTSkkhjVdYVSPppV24cqHU
jms79PofdR2fnZNZ7yIh4FIRM4PuR4fM1cwtdC8CtjOF7qy+cpOExpKRSz//4E2q
tET9Ze0XVQU/84QWenVcn3IwfW5lGWJHJH0m0XHWjlLoE4HjdftyHvM465d2JefK
kdbYwOX8bn/sWSsflX2nNXzL9AweRGx58nQbjt5yjGD7evL4YiOPfYgs8K1QQ9Sw
P37fQBsvKpT++ROdaoDQ
=orq8
-----END PGP SIGNATURE-----

[Axon]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

lcres...@gmail.com:
> Convential should be "conventional"

Fixed. Thanks.

> Beyond this, I think the section should be reorganized, which can
> be done without significantly disturbing the integrity of the
> author's contribution. Let me know if you'd like input on this
> front.

I'm open to suggestions.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWjk83AAoJEJh4Btx1RPV826wQAIVb1Xz5tvsGtofWgWUpXS/P
aIo4IuesIUQPNY34FSmJffh8Dt++OItMdqLkwnrfLxAee0qCuLdoq6ckOw4rIIbo
kPLDNI6a0W4G3JfqR/lyadeLfxDUzSlTJjUEX2XJT/y1r14h4DEbjfDZZyp2cY7W
H0QoEPB0OeAqAIKM+F+gemviH4opudZwv9v3r+uwsKUoYY+6Sb2Nj0UeGtIJfOb6
ickxAhntVpvX64N97Awlx9GDSaIdBpbOimJbXcxqHNQZ/TPGYWqyhy6PSe760eIN
dCenw6ggi7OzEs6QYCSN1GD8BVl81biB84jT+v5QlvkKBeY371VtAxb9kyfro575
N2ahTjtnU5h7RrtRNRqRSmOSfMgw3XM1cKzW3wafZXrrJRK+FTdfOY/OJ4wSpd0M
6yMFCykrvy4mzIsNY+Zya+2h/BGcYH0+3WGjwyIujiDM0nt+VFkIcFwGqJXsONQi
OmA39hI2QVRicxcljhHKNr4rgsiCpdh4UVX2/1ePf0WjI9DsQAp6OfDqvLByDW5y
n+bhn+UHc0A7F5WIeua3dstGpJPG5Nuzp89NHZoxM8C3HoOyFkMzqo7rplQgawtI
qhByyxNX4qUilTfv2oJzndqpUYW+Tg8lUZt3uCSdnkOBouh4piQbSUj3PAOQTpct
wpWnetJYlhTOnak1CuHW
=bf0t
-----END PGP SIGNATURE-----

[prance...@sigaint.org]

> --
> You received this message because you are subscribed to the Google Groups
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to qubes-users...@googlegroups.com.
> To post to this group, send email to qubes...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/qubes-users/568E4F46.7000008%40openmailbox.org.
> For more options, visit https://groups.google.com/d/optout.
>
There's lots of how-tos that it would be useful to have, that don't
currently exist because Qubes is relatively new OS with a relatively small
user-base with largely similar goals, but frankly the learning Qubes for
using Qubes as a primary OS is relatively low, even for someone with
minimal linux experience (and I do mean 'minimal', if you can use apt-get
in Ubuntu, you can switch to Qubes with ease).

The biggest hurdle is getting into the Qubes mentality of partitioning
one's digital life, and I think the intro handles that fairly well. That
aspect is always going to be a very personal one, and no single formula
will work for everyone, but perhaps a few examples of different users
actual setups might help that step a little. After that, as an end-user,
if you want to do something and it works in Fedora or Debian, it likely
works in a template. What sort of additional things would you like to see
included?

I'm not familiar with the Ubuntu model. Do these groups meet in person? If
that's so, then Qubes meetups would seem to be somewhat contrary to its
focus on privacy and a ripe target for law enforcement infiltration and
data collection.

I know charging for tutoring would be a good way to keep the lights on at
the domain, but I personally feel uncomfortable when FOSS software
monetizes by the backdoor in this way. I don't object to charging for
personalized or advanced training in principle, but where I've seen it
happen (e.g. pfsense, proxmox), the basic documentation gets neglected or
reduced in what appears to be an attempt to frustrate new users into
handing over money. Two tier documentation would be particularly troubling
for Qubes, since in some cases people's freedom or life depend on it
working.

[Drew White]

i have been using qubes for a while now and i know how a user would use it and how i use it as a software and website developer.

i have done things they said coyld not or should not be done, and i have tightenned the security of qubes as well.

if you need anything, ask here or come on irc chat sometime on freenode. im on there at times, and others are too, who can assist you.

[Tim W]

Not to argue as I really like people that love to tinker and break things down to figure out how to change things to their own likes. I really do.  But at the same time what you are stating in your post is written to read as fact and that is simply not the case and I hope you would agree.  

Example:  It is your opinion that you have made changes to increase security you feel is helpful.  I think its been made clear that others do not agree with this.    But like I said I wish I had the skill to tear things apart and change them at the depths you do.  I am slowing learning though.   Way to many years of little linux use and never done much programming.


Certainly a more comprehensive and organized set of how to documents could be developed.  IMO its way to much to ask of the chief dev people to also handle this.  IMHO the amount of doc that have done is awesome.  This kind of thing is a place where many of us that have benefited greatly from this OS and dev team can help give back.  Anyways that my opinion.

[Zrubi]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01/07/2016 01:31 AM, lcres...@gmail.com wrote:

> I was wondering whether Qubes as an organization or Qubes users
> with sufficient expertise offer/will offer tutorials moving
> forward.

Actually I've held several sessions (in Budapest) about Qubes OS.
Some was for a larger audience but the most are for only a small group
of people.

My experience as a speaker:

- - if it is for a large audience - then it can only be some kind of
informative/marketing (in a good meaning) session. This can be only
useful for people who would never found (or heard about) Qubes
otherwise on the internet.


- - if it is for a small audience - then it can work as a workshop.
I prefer these kind of sessions, because the audience here are really
interested about Qubes, at least they know what is it in glance and
already had several questions and topics to discuss. But the topics
discussed here are really depends on the audience previous experience.
That means: all the sessions will be different.


- - in general:
Qubes has answers for a lot of problems - but the average (windows)
user not even understand the questions behind, so they will not even
understand the basic features Qubes offers.

So as I see the main issue here the lack of security related knowledge
of the users. Like if you never had a sunburn you will not even know
why the others buying and using sunscreen.



- --
Zrubi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWj4PdAAoJEC3TtYFBiXSvCOsP/1T57T1hK+DgluEZUNDcbQns
AvCAxDBRwIHzKFldGQXoQi9juldzTlS4eyb7txDjLEv8xrDhbpwBLi+vB4iHwl0Z
nCZR2s+0sf8/Iz7q8uJlQpR1/XcTZ6ys/yPYl83S+PrEoWrIYQP3FzVnyi01RNkb
ps9ykluoAyx+J230dhWTSh7TseOSZUEBoKbZazTS5fbWEPc1jEuefu9MO5AUjiIg
9OtVcVdjl9rA0xnzNMF5mK+9Ydlr9YRNsm0mNRz0ieF+jM6xOpNmmhE9UohG4dqC
Tw0i0QN+ojD1sB1rVMroZyfxGbKBIaxA1d1d3ngmkBRhwshopHJg/xfS1srR4vlR
PMhTAZ4kJE0lSnJ27hyJceDlJMtDWi3muYwKxcFjPG+8M1odmvKIaxpgiuhy4nNn
Et7O6OAphSV8qCrAtc6hdGYlGPhKs5vdliZ7T35JiYhZndVkaus9BhGVdG+/vmhG
fgs95Cvl9uJ99ylxz0eHjUJyhlL8g44v1Om9IHcmzxmnM+1OpIL2H9wNeIkqzLx7
/u0/HDqcYczGF9JIi2xHLe1HdiNJOc70pWP5aBhCD0k3UyTfhBE93EHf07Hxt34q
mNmABrYmeaU50IIIu/HqkZN4nN0FYk/fIRTeKv+uARW4BAGlhyeqgEQCNevrnkIH
Q3L7hr4KTlhIxoLptXWJ
=1Tg7
-----END PGP SIGNATURE-----

[7v5w7go9ub0o]

+1 on what Zrubi said.

Some additional, random thoughts:

- Qubes is still undergoing significant development and evolution. So
I'd guess that beyond the current documentation, today's tutorials would
be obsolete in a year.

Baring a grant or funded corporate request, a very tough time to be
investing in training.


- Many "interested" folks are only casually so. Typically they are
Windows-only users who are disinclined to learn anything about Linux -
even the most user-friendly levels generally required by Qubes. So you
need to talk about Windows and Linux before talking about Qubes and
hypervisors. A major undertaking.

- I am a total newbie - yet a year or so ago (R2 final) found the
documentation, discussions, and this news group (especially Marek) to be
very good. But I did have to work at it! (and had a few years of
command-line linux experience, so was not dissuaded by tweaking or
having to learn rudimentary Fedora).

- I'd guess it is difficult for Axon and others to introduce/document
Qubes. He/other users can look at a document and find it clear and
useful; whereas a newbie can look at it and become easily confused by
the most minor of items (e.g. is it "Security through isolation";
Security though virtualization"; "Security by compartmentalization"? Are
these the same?)

Perhaps lcrespo367 and others could be prevailed upon to assist? There
may be some low-cost improvements. e.g.

1. Is the present documentation readily locatable via Google?

2. Is the present documentation clearly identifiable as R2; R3.0; R3.1
etc. (or is it Q2; Q3).

(e.g. instead of
<https://www.qubes-os.org/doc/installation-guide/>
should it each page have reference to version:
<https://www.qubes-os.org/doc/R3.0/installation-guide/>

3. Are there outdated pages on the Qubes domain; pointed to by Google
searches?

4. Is there a good way to find Marek's newsgroup commentary - which
often can save much confusion.

5. Can the organization of the documentation be improved? I (and others)
expect to upgrade to R3.x shortly after it is finalized (a month or so?)
and will essentially rebuild my box. This will necessitate a paragraph
by paragraph use of the documentation. How can I best feed back comments
to Axon without garbaging up this news group? Perhaps a "documentation"
group?

(ps the introduction and organization of
<https://www.qubes-os.org/doc/installation-guide/> actually seems pretty
good, given this stage of Qubes development - I'll have an opinion in a
few months).

HTH

[Eric Shelton]

On Friday, January 8, 2016 at 4:39:48 AM UTC-5, Laszlo Zrubecz wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01/07/2016 01:31 AM, lcres...@gmail.com wrote:

> I was wondering whether Qubes as an organization or Qubes users
> with sufficient expertise offer/will offer tutorials moving
> forward.

Actually I've held several sessions (in Budapest) about Qubes OS.
Some was for a larger audience but the most are for only a small group
of people.

My experience as a speaker:

- - if it is for a large audience - then it can only be some kind of
informative/marketing (in a good meaning) session. This can be only
useful for people who would never found (or heard about) Qubes
otherwise on the internet.


- - if it is for a small audience - then it can work as a workshop.
I prefer these kind of sessions, because the audience here are really
interested about Qubes, at least they know what is it in glance and
already had several questions and topics to discuss. But the topics
discussed here are really depends on the audience previous experience.
That means: all the sessions will be different.

Such sessions sound like a great idea, and remind me of "crypto parties" conducted by Internet activists (including Snowden).  See https://www.cryptoparty.in/  Maybe it would be helpful to work collectively on some slides for such events.  Here is one set of slides: http://www.slideshare.net/csirac2/qubes-os-presentationtoclug20150727

Beyond the initial issues of installing Qubes, it seems like a frequent issues include (1) deciding how to divide one's activities across AppVMs, and then (2) using the resulting collection of AppVMs in a secure way (and adding new ones as needed).  Aside from instructional materials, it might be good to develop techniques that help people avoid making mistakes.  For example, a web browser plugin that prevents the browser in the untrusted AppVM from visiting your banking website that should only be accessed via the banking AppVM.

Another helpful set of materials might involve identifying common setups people have on home or work computers, and illustrating how that could be translated into a Qubes setup.  For example, printing is going to be an issue for many users.  I suspect there are many users for which having a web browser and LibreOffice would meet most or all of their needs.

 

- - in general:
Qubes has answers for a lot of problems - but the average (windows)
user not even understand the questions behind, so they will not even
understand the basic features Qubes offers.

So as I see the main issue here the lack of security related knowledge
of the users. Like if you never had a sunburn you will not even know
why the others buying and using sunscreen.

I think this problem extends well beyond the "average user".  Going by times that Qubes-related news has popped up on Hacker News and Reddit, there is a clear lack of understanding as to what Qubes offers.  Some examples:

https://news.ycombinator.com/item?id=2645170

https://news.ycombinator.com/item?id=10518842

https://news.ycombinator.com/item?id=10736516 (disappointing lack of discussion of Qubes OS; focuses on coreboot-type gripes against Purism)

Among more expert users, Qubes seems to often be dismissed based on the view that isolation via VMs does not offer anything over standard MMU-based process isolation or Linux containers (or FreeBSD jails, etc), and that it merely adds another layer to things.  Also, for those who at least know something about Xen, last year's run of XSAs seems to have diminished their faith in Xen providing bulletproof isolation (despite the Qubes team having made choices that defused a fair chunk of those XSAs).  Some advanced users are absolutists, and appear to believe that the lack of grsec kernel hardening and the use of passwordless sudo are just begging for AppVMs to be compromised, and that this betrays a lack of seriousness in providing security.  I think Joanna's presentation at the Post-Snowden Crypto conference (see https://psc2015videos.projectbullrun.org/) addresses a lot of these issues, but few are going to watch the video, and the slide deck does not seem to be posted on the qubes-os.org website.

Eric

[Drew White]

On Friday, 8 January 2016 17:01:48 UTC+11, Tim W wrote:

On Thursday, January 7, 2016 at 8:54:43 AM UTC-5, Drew White wrote:

i have been using qubes for a while now and i know how a user would use it and how i use it as a software and website developer.

i have done things they said coyld not or should not be done, and i have tightenned the security of qubes as well.

if you need anything, ask here or come on irc chat sometime on freenode. im on there at times, and others are too, who can assist you.

Not to argue as I really like people that love to tinker and break things down to figure out how to change things to their own likes. I really do.  But at the same time what you are stating in your post is written to read as fact and that is simply not the case and I hope you would agree.  

It is to read as fact because it simply is fact.
 

Example:  It is your opinion that you have made changes to increase security you feel is helpful.  I think its been made clear that others do not agree with this.    But like I said I wish I had the skill to tear things apart and change them at the depths you do.  I am slowing learning though.   Way to many years of little linux use and never done much programming.

The fact is that the Unix/Linux community are the ones that I learned from, and I learned from hackers, and I know for a fact that I further secured it by turning off vulnerabilities that are naturally there. One of those being SUDO. I altered things to work without SUDO. Thus increasing security. That's only one of the things that I did.

 

Certainly a more comprehensive and organized set of how to documents could be developed.  IMO its way to much to ask of the chief dev people to also handle this.  IMHO the amount of doc that have done is awesome.  This kind of thing is a place where many of us that have benefited greatly from this OS and dev team can help give back.  Anyways that my opinion.

If you were to go through the forum here, you would find everything you need to create brilliant documentation. My first stop before the documentation (that makes very little sense to me) is to come here for some technical way of having it explained so that I understand it. I'm one of those people that has issues understanding Lamens Terms. But I'm learning. However it is taking me a while. Don't get me wrong, I"m not saying that the documentation is bad, but that it's not for me. The read-me on how to create a template, it makes almost 0 sense to me. I can't find where to start as there is nothing to say what I have to do before I get to the point where it says to start doing what it's doing.


 

[prance...@sigaint.org]

> Am 07.01.2016 um 14:27 schrieb prance...@sigaint.org:
>> but frankly the learning Qubes for > using Qubes as a primary OS is
>> relatively low, even for someone with
>> minimal linux experience (and I do mean 'minimal', if you can use
> apt-get > in Ubuntu, you can switch to Qubes with ease).

> Definitely not. Even if you don't consider "ease of use" (and frankly,
> Linux sucks in comparison to Mac OS X in that department) you're
> over-simplifying.
>
> I'm trying to get Qubes to be manageable on a Lenovo W540 with a HiDPI
> display. I don't know how Ubuntu is dealing with it but it does.
>
> Depending on the kernel, the available connectors (i. e. is it in the
> docking station or not) and the phase of the moon the password entry
> mask for disk decryption is appearing on a random screen (even if none
> is connected there). Getting all components to find some resolution that
> ends up in the visible range is non-trivial either (something you don't
> have to care about in Ubuntu at all).

>> The biggest hurdle is getting into the Qubes mentality of partitioning >
>> one's digital life,
>

> The biggest hurdle is getting your environment working at all. I stopped
> caring for X11 after I bought my first PowerBook in 2003 and returning
> to (having to take a look at) it in 2015 made me wonder if anything has
> changed since then (and to be honest: X10 on a MicroVax was easier to
> set up). And let's not get into details; choosing the shell user's most
> beloved key combinations for cut&paste between machines, too, was
> ingenious. Maybe I'm too stupid to find the documentation but I had to
> use strings (and install it in the fedora template first!) to get an
> idea about the syntax for changing guid.conf.
>
> Qubes doesn't have the amount of documentation some end-user-ready OS
> needs (and how should it?) and neither does it have the ease of use of
> one (I could - and did - put my mother in front of a Mac and she didn't
> bother me with it) so anything that helps people to deal with it should
> be welcome.
>
>
> Achim
>
>

Hi Achim. Please send your responses to the mailing list, and not me
directly. Every post is potentially useful to another user down the line.

Anyway, you're right, I was oversimplifying a bit. If you want a
complicated set up or hardware that's not supported, it's definitely
tricky. If you want to do something non-standard in dom0 (particularly in
the GUI department), then it's complicated; and frequently means
sacrificing security.

I understand the plan is to move drivers (and maybe some other things) out
of dom0 to a semi-trusted non-dom0 VM . This should allow better
customization and compatibility.

Qubes is definitely limited in some departments. It's not that pretty and
you might have to change your hardware to suit it. But imo, this is a good
trade off for the added security and privacy it allows.

[Achim Patzner]

Am 07.01.2016 um 14:27 schrieb prance...@sigaint.org:

> but frankly the learning Qubes for > using Qubes as a primary OS is relatively low, even for someone with > minimal linux experience (and I do mean 'minimal', if you can use apt-get > in Ubuntu, you can switch to Qubes with ease).

Definitely not. Even if you don't consider "ease of use" (and frankly, Linux sucks in comparison to Mac OS X in that department) you're over-simplifying.

I'm trying to get Qubes to be manageable on a Lenovo W540 with a HiDPI display. I don't know how Ubuntu is dealing with it but it does. Compared to that, Qubes is painful.

Depending on the kernel, the available connectors (i. e. is it in the docking station or not) and the phase of the moon the password entry mask for disk decryption is appearing on a random screen (even if none is connected there). Getting all components to find some resolution that ends up in the visible range is non-trivial either (something you don't have to care about in Ubuntu at all).

> The biggest hurdle is getting into the Qubes mentality of partitioning > one's digital life,

[raah...@gmail.com]

I think you should get a linux tutor. I think the fact i can use qubes very well is because i learned the basics of linux first, like all the basic terminal commands as example. If you are comfortable using linux, qubes should not feel much different and will be very easy to pick up because the dom0 and the default apps are based on fedora. . You would not believe the genius experts I talk to, who assume qubes is hard to setup even though its easy to use even for a noob like me.

That being said in qubes there is other commands you will need to learn, like how to mount external storage to a vm, or transfer files between vms. How to update qubes or install apps properly, customize vms etc... But qubes made it very easy to do almost all these things from the qubes vm manager gui so there is not even a need for commandline. The biggest issue i have for myself personally, is learning how to monitor all network and i/o activity on the machine and setting custom fascist firewall rules. This is something i have been accustomed to doing for years on traditional windows and linux, but in qubes it s very complicated and most users feel it is not nescessary. And in reality its probably not useful and most times impossible to determine when a comporomise happens, which is partly the whole purpose of using qubes instead in the first place. So I sometimes feel lost in qubes, but I think the tradeoff is worth it.

This mailing list is extremely helpful and has loads of information though. Feel free to ask anything and don't be ashamed. I don't think the team has enough time to really focus on documentation so alot of times the offical qubes website documentation links to threads on this very mailing list (or "threats" as joanna usually Freudian slips with lol) for certain discussions.

But the main things to learn that is different with qubes vs traditional os, as an above user posted, is learning how to compartmentalize your life. Joanna has a blog post with a similar title where she shows how she chooses to do it on her personal machine which helped me understand, but for some reason i cannot find the blog post if anyone can post it please? You basically have to determine what tasks are more secure or need more privacy then others, and to seperate them in different vms. Qubes, like anything else, still boils down to personal opsec, but what qubes does more then antying is really make you think about these things. For example I use a separate vm for banking only. I use the personal vm for logging into my non- important password accounts like personal email, forums, this mailing list. I use a whonix tor vm for random web browsing. Disposable vm for porn or dangerous websites or files or task where i would rather not expose an appvm. A separate vm for mounting external usb drives. I have a seperate non networkd vm for playing media on local hdd, and another vm for offline work....etc.

I think as qubes will get more popular and more experts start to use it, it will become even more secure. For example it now has other vm templates like debian and whonix which you can now implement apparmor security and more robust tor vm. Maybe if some grsecurity people decide to join forces it will even have better kernel security in the future. I think right now qubes goes against a traditional way of thinking and alot of "experts" are still uncomfortable with it. ALso, We are in an age right now where offensive security is all people are interested in and defensive security has a taken a far back seat. I think is part of the problem with the industry, Its not the 95-2005 decade anymore but I think qubes is helping to change the industries philosophy, which is sorely needed in this day and age.

[Tim W]

I agree I think 99% of what you have to do in terms of config troubleshoot is linux based.  Same goes with most maintaince stuff.  The big dif I agree is learning to use the security functions Qubes brings to the  game. 

"I'm trying to get Qubes to be manageable on a Lenovo W540 with a HiDPI display. I don't know how Ubuntu is dealing with it but it does. Compared to that, Qubes is painful."

This too if the issue is the tiny tiny icons and text etc is not a Qubes issue but is the windows server/manger issue.  That all is controled by GNOME/KDE.  You need to searches on that.  Now as Qubes tends to lag behing current release in Dom0 and that is where the windows manger is this I guess you could say is a Qubes issue.   The issue in fact is KDE or whatever windows manager is in use.  These days they are really not just windows managers as they started out but are GUI environments as they have so many other packages and functions. 

If you do a google search "KDE settings for  HiDPI" will get you all kinds of info.   Same for gnome.  The likely reason Ubuntu Unity may be so smooth is that they control both.   It looks like KDE5 seems to have settings that are working quite well.   I have never messed with upgrading dom0 like that.   IIRC I think Qubes runs a somewhat stripped down KDE4 environment.   Not sure what issues would be found upgrading to kde5. 

But searching there seems to be recommended settings to try and how tos for all the various DEs: KDE, GNOME, XFCE. etc.....

[piitb...@gmail.com]

Hello,

Am Donnerstag, 7. Januar 2016 02:31:25 UTC+1 schrieb lcres...@gmail.com:

> Are there any Qubes users offering freelance tutorial services, or does Qubes have any intention of offering reasonably priced structured courses in the future? Online or in person group classes could be an option for classes with various levels of proficiency (beginner, intermediate, advanced, pro). Also, Ubuntu has various groups or clubs around the world, why not adopt the same thing with Qubes?

I like the idea that technology (somehow more) skilled people help each other to solve problems and while solving those problems generate a better documentation for less technology aware people.
This is the approach I am currently taking, writing a howto to run Qube OS including Win 7 on my Lenovo W540 which is a nice laptop for Qube OS, as it has a quadcore cpu, 32GB ram and two SSDs.

While there is already great documentation available at https://www.qubes-os.org/doc/ I'm searching for a documentation based on hardware modells.
Something like the ThinkWiki for Qubes OS.

This would allow newbies to search which systems are running Qubes OS and how they need to be setup. It would be much easier to follow a detailed step-by-step howto that has been made for a specific modell than a more generic howto.

Example: I know that some people have successfully setup the W540 with Qubes OS, but I can't find a place that answers all my current questions:

- do I really need to install nvidia drivers?
- is it possible to get the WWAN/LTE-card to work?
- the documentation regarding nvidia drivers says that they will work for GeForce 6/7/8/9/200/300/400/500/600/700/800/900 series cards. Does this include the nvidia GK106GLM (Quadro K2100M) which is the dedicated GPU in my W540?

Is there a qubes OS Wiki already?
If not I would add my Qubes OS Howto to my own wiki, which is not that great.

- Piit

[Axon]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

piitb...@gmail.com:

> Hello,
>
> Am Donnerstag, 7. Januar 2016 02:31:25 UTC+1 schrieb
> lcres...@gmail.com:
>
>> Are there any Qubes users offering freelance tutorial services,
>> or does Qubes have any intention of offering reasonably priced
>> structured courses in the future? Online or in person group
>> classes could be an option for classes with various levels of
>> proficiency (beginner, intermediate, advanced, pro). Also,
>> Ubuntu has various groups or clubs around the world, why not
>> adopt the same thing with Qubes?
>
>
> I like the idea that technology (somehow more) skilled people help
> each other to solve problems and while solving those problems
> generate a better documentation for less technology aware people.
> This is the approach I am currently taking, writing a howto to run
> Qube OS including Win 7 on my Lenovo W540 which is a nice laptop
> for Qube OS, as it has a quadcore cpu, 32GB ram and two SSDs.
>
> While there is already great documentation available at
> https://www.qubes-os.org/doc/ I'm searching for a documentation
> based on hardware modells. Something like the ThinkWiki for Qubes
> OS.
>
> This would allow newbies to search which systems are running Qubes
> OS and how they need to be setup. It would be much easier to follow
> a detailed step-by-step howto that has been made for a specific
> modell than a more generic howto.
>

I think that's a great idea!

> Example: I know that some people have successfully setup the W540
> with Qubes OS, but I can't find a place that answers all my current
> questions:
>
> - do I really need to install nvidia drivers? - is it possible to
> get the WWAN/LTE-card to work? - the documentation regarding nvidia
> drivers says that they will work for GeForce
> 6/7/8/9/200/300/400/500/600/700/800/900 series cards. Does this
> include the nvidia GK106GLM (Quadro K2100M) which is the dedicated
> GPU in my W540?
>
>
> Is there a qubes OS Wiki already? If not I would add my Qubes OS
> Howto to my own wiki, which is not that great.
>

No, but if you'd like to add your guides to the documentation, we are
always seeking quality contributions. Here are the details:
https://www.qubes-os.org/doc/doc-guidelines/

> - Piit
>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJW6IGiAAoJEJh4Btx1RPV8krEP/RUXb29ILT2bc9IMa8fMZnpL
5xuhClRvYymgtpF3nnC+rfQ9aQ6LKbTKp8irEVQ81jvyYbx+IwrLtqrYF5rUa+Kp
t/odGHA2FHrp56Yowtt9HAnTrpZkPGV6F06f7QgYBfYOeJVFWmeyz2Q9Lw9+hfPu
rGIuugRbRs+VjmAYss4YhoQ8M2ISnUYwcANx19E3/H3Xo4kTwwfR0S93k7+470BK
HUHRqWAd8Xy8qJUA4vXlS7LDdZVjxCNxw+WGehtMvQkzaZimtXIUoYvpllL8GoRf
ji+JFIHlKrt0JojuKDAcY+4yfLRRyP3tAFamPDHgpEAAMKsQq3SfBCZHawVWA2SB
6ZlPJlcO5Gdx3dcykAIX9WCgkpKiUuIlCp+SFl1VQsURUpp8O8v03JdzR2KEkyDf
pDnxZdR0RmHTd1H/3l3V+fQK9LVtHEhU/ddBBtGfMca70Ij/nINlByYHWUnbx5HT
AqRR5/Csf4Y6Qb4RZK7830jaK1oR+PVHqXVjIsD/ihwJgRlD8unqWUtR86tIp443
qkURzltNY2um6xN0o3owrmM6Ew5E+c4qtcu7vUodqpbe9evKat0UZ3DR/PXdsx0+
6ijbH6Kaj/Qwprab4mWAbHJ2aLjeogkVOGEaoYhHgOjNxaSKpAEnRCVv+vPj45KO
15Y//lrL9u08Q2B6D3Bb
=dOji
-----END PGP SIGNATURE-----

[piitb...@gmail.com]

Am Dienstag, 15. März 2016 22:42:47 UTC+1 schrieb Axon:

> > While there is already great documentation available at
> > https://www.qubes-os.org/doc/ I'm searching for a documentation
> > based on hardware modells. Something like the ThinkWiki for Qubes
> > OS.
> > This would allow newbies to search which systems are running Qubes
> > OS and how they need to be setup. It would be much easier to follow
> > a detailed step-by-step howto that has been made for a specific
> > modell than a more generic howto.

> I think that's a great idea!

Great, I'm happy to start unfortunately I am not gifted with any programming skills and as such can only provide documentation / project management skills to this project.

> > Is there a qubes OS Wiki already? If not I would add my Qubes OS
> > Howto to my own wiki, which is not that great.

> No, but if you'd like to add your guides to the documentation, we are
> always seeking quality contributions. Here are the details:
> https://www.qubes-os.org/doc/doc-guidelines/

This sounds great, as I don't want to mess up the existing documentation, I suggest opening up an own headline / area within the existing documentation which could be named something like "Qubes OS - <Vendor Modell> Install-Guide", for example: Lenovo W540 Install-Guide or Install Howto.

Within this page someone could start do document what (s)he made to get Qubes OS running and maybe additional tricks specifically to this modell.

Another nice idea for newbies would be if some people would like to become something like a "support contact" specifically for this modell.
For example I would be happy to help other Lenovo W540 users to get Qubes OS running on there machines.

QUESTION:
Can you create the structure and point me to a page where I can start this idea for my laptop modell.
If you decide that you want to go another way for the documentation, the information can still be (more) usefull than being located in some file on my local machine.

- Piit

[Axon]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

piitb...@gmail.com:

Sure! Here you go. I made a blank page here:

https://www.qubes-os.org/doc/installation-guide/lenovo-w540/

You can edit it by clicking on the "Edit This Page" button on that page.

When you're ready, simply follow these steps to create a pull request:

https://www.qubes-os.org/doc/doc-guidelines/#how-to-contribute

If you run into any problems, please let me know!
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJW6UEVAAoJEJh4Btx1RPV8gboQAOtrxPjU0sk+iGmI+NABgWRZ
tq1dFvR1WfcVLHEBvhKwAshr4FYbBh8Evm/CSXzxVu0lZdXummvo2IKzSZchCC0Z
HR4Vl3CrhKNNmgF9jM+L4DmQWLVnsE3+xqsn1CkGwoBjmHedN1hSaa6utfSbUnOe
ahAlw/owMK0+dd48p2t9UiZnMXigJrZ6/I/SdANL44rM7Oq+KsM5YuD2UdgdlD2H
6JSXCbtv/l34dQZrFaxKoJJ1PGm02pG9DfXzKpXITNZ9DbIqJV+OaPrWI2VnsNxn
OU0BNGudMXUXoBRDe6uskBJaZLYWh19TkmJj99TQDapqDu/U764Sb9+X0sYQMmzL
7+VeeiUlJs8Az6rFkYRzyTh8Fs8XNSNmk0I5oI1cioqbUx8O8SVvniIZXqaWxB9j
A1cF6X2n5uikEYeH2vu3OKS2uwGr4raz/AOpQ22Marn3thdvhb0ofdGtTs+VSBdH
8iFBLqcH/MhbwqKldmMUQMCgjoVY2m4CtVHhXR/PKartuHFYGT4wAu8I4Fk0oB3K
7tLNCYynD123RzxjE4cm3vYNHOpucAlM/n6cDN1yOdbS8NCcJ/g7Wg1xL2M2x9XV
C6sM/d1ttbOWgNySnIIbIER7v2WxVFktt1rx//7j2iKYxh3hCf8Vp4vR1GlfNlFn
k+LL1DX4zWhzUxodQwsD
=5nmk
-----END PGP SIGNATURE-----

[piitb...@gmail.com]

Hello,

Am Mittwoch, 16. März 2016 12:19:14 UTC+1 schrieb Axon:

> QUESTION: Can you create the structure and point me to a page where
> I can start this idea for my laptop modell. 

Sure! Here you go. I made a blank page here:
https://www.qubes-os.org/doc/installation-guide/lenovo-w540/

(...)

Thank you, I've started to edit this page - as I have never worked with GIT before I would like to know if my first commit was right, before I continue to work on the page.

I've jot done some notes, but the changes are not (yet?) reflected on the site.

Do these changes need to go through an approvement process or have the changes not be transferred from my GIT.account?

- Piit

[Axon]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Axon:
> piitb...@gmail.com:

> The changes have to be approved before they will appear on the
> live website. This is explained on the Documentation Guidelines
> page, along with a step-by-step guide (with screenshots) of how to
> submit your changes. After you commit your changes, you'll have to
> make a "pull request" as explained in the guide. I don't yet see a
> pull request from you (which is fine if you're still working on the
> page). Please carefully read the guide and following the steps. If
> you still have trouble or if the guide is unclear, let me know.
>

Correction: I see that there was a pull request from you which was
closed one minute later. So, just do the same thing again once you
have a version you'd like to see go live. :)
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJW6cApAAoJEJh4Btx1RPV87BQQAMmQM2XZ+Ah3C/FMdF84xAKz
8I4j3D6P/Zd4oU0n+Z8l9gFLPpujVErmd/GtbhaswHqK3xlPR2FXzQWYjxEzDsSI
G1NpquQiXu/XAG+oIBPDZuazpKqSDtH+ISOyg36anrndrVCn1Cbuxyr6huO8IeDv
3SfAgE2Tho0ie1cyoPyB83AR6AdaCh6caGGPM2n59Q/6r09TBdDizhNN7MpwH679
M1qqQr9LA2GocVJMAqvt/Z0LHxI6dnzSBkzLit6HuSjt/38Vpch7qlGkeYCR2kYD
sa19TkugqaT4zL+XUdijVArM6P8644+KR/wnHrGjYEm+cEOtDW44UQLiBSVQLulv
F7VkGrK2XM3bo+fCkZv4nHynqT5edBqMNdRV+gX0iUNyEoKKhbQQoqdyxW8eQ9Ul
iAfeXkMAnwyn6mgsw1PkqgLZ8LalDwPrlPiiA0BLGSafXL0/V6t+KVcYkTOW58rQ
dVxuPPEPqhpUxPJGUE3hLFDdpV4JMiOKSlc4S+vHqdF9/+upz9neJdpIFBWz+iht
q8ttWyEYZ2nC6sj9GkxGk25+Bqqnhe0uJ8Bp+L/CcWN524C/jw/uT1Cb8VvTDRB+
AG5ikQ2djZLEbDtxrdv0k7W9dyeboonf9dvpQ71+zkCuAs7rGeWQrP4Hsj93fCBw
/doWvFsySzGo85xM/y/p
=oQGw
-----END PGP SIGNATURE-----

[Axon]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

piitb...@gmail.com:

The changes have to be approved before they will appear on the live
website. This is explained on the Documentation Guidelines page, along
with a step-by-step guide (with screenshots) of how to submit your
changes. After you commit your changes, you'll have to make a "pull
request" as explained in the guide. I don't yet see a pull request
from you (which is fine if you're still working on the page). Please
carefully read the guide and following the steps. If you still have
trouble or if the guide is unclear, let me know.

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJW6b42AAoJEJh4Btx1RPV8Y2gQALB+ap0Hj0RWjZ8OXgrrQqae
kv3sIJxWgFcxIAOcFhj+QY4zFXje9RIlgyEpgUBvkumHMRId+pC0dGcci7hrt4iN
sNQBvs5qEj0Gz38dSyncrdjmatNrzdj6laWn9rVmviOOOn1rTtdRsO514KRwja/Z
3h4EVej8jB7NZyUzQUusz5Z7/ysbcVQl8LU1X5FO6Iqkf7YcNwyRt4ApzJ72bet/
a2Duc9+6Wj/06yPsxJMB+mje+oTbP9OOK4N0YUp5Cq96qcUudj8etnnFuS45nVyt
Dqar3uPIeAUSSdZhfrBdO/aMqmdlY10gCLKSn1+oLTTtXeBVz4oJ7B/vMIfdd4mh
39xvosC73tyNVbGrD1R4F07ttQ/oKwDeWJKi5IDUNeLaeg6PhGHyif7fRj5V4hUv
/viimlL4oUI7QZOa/rvTckLKGbSsUHlY3+HsAhl0cnOKS0Wris1lPPWEFyPhr7ep
eG0ETBe8AhKtd0PL142OT0sPLuNh3UTDwNekDqMSqg+D8kIyWHTkmaltxdUkFZOu
67nUbb9T6xiwwTa0Olv2rk3x4LD6+/aa+fq00KonmWIyQ0OxWaGqkPyuRBhqEkyK
vlnRlyCCe3g5XhUqAakwkXpQinBex0kLfKwPhF1z4Q+A1VNcAN9wP+J4GVN83zB0
NQoX6ZEGfXSlfci8mKLr
=0/zk
-----END PGP SIGNATURE-----

[Manuel Amador (Rudd-O)]

On 01/09/2016 01:01 AM, Drew White wrote:
> On Friday, 8 January 2016 17:01:48 UTC+11, Tim W wrote:
>
> On Thursday, January 7, 2016 at 8:54:43 AM UTC-5, Drew White wrote:
>
> i have been using qubes for a while now and i know how a user
> would use it and how i use it as a software and website
> developer.
>
> i have done things they said coyld not or should not be done,
> and i have tightenned the security of qubes as well.
>
> if you need anything, ask here or come on irc chat sometime on
> freenode. im on there at times, and others are too, who can
> assist you.
>
>
> Not to argue as I really like people that love to tinker and break
> things down to figure out how to change things to their own likes.
> I really do. But at the same time what you are stating in your
> post is written to read as fact and that is simply not the case
> and I hope you would agree.
>
>
> It is to read as fact because it simply is fact.

Nah. It's really your opinion, and there is no way to verify any of
your claims because you have not published any of your work. It would
be a different story if you had published, say, scripts that implement
your "security upgrades", but no, you haven't published anything, so all
we have to go on, is your word. Which is not very good because you
often say things that others find nonsensical or baseless.

*Publish your work and let it be judged, instead of praising it constantly.*

--
Rudd-O
http://rudd-o.com/

[timet...@gmail.com]

On Wednesday, January 6, 2016 at 6:31:25 PM UTC-7, lcres...@gmail.com wrote:
> Hi all:
>
> I was wondering whether Qubes as an organization or Qubes users with sufficient expertise offer/will offer tutorials moving forward.
>
> As it presently stands, Qubes has made significant progress making it more

IMO very few issues are Qubes specific. My experience is that the majority of problem either come from (a) hardware issues and (b) Fedora issues. As someone coming from Windows to Linux via Qubes I can say I have come to hate Fedora. I have done the reading and I understand why Fedora was chosen but of the major Linux distros it is by far and away the most user-unfriendly, has the smaller user base, and has the least hardware support.

So they items that are specific to Qubes is really not many, not unless one gets into advanced topics. Better to spend time with Fedora or spend $$$ on hardware. These will make your life easier than any Qubes tutorial.

[raah...@gmail.com]

switch to debian-8 template for your vms instead of fedora.