Privacy Screen. How to
52 views
Skip to first unread message
Catacombs
Mar 25, 2020, 8:47:23 PM3/25/20
to qubes-users
I have just installed Qubes on a Lenovo X230 with original Intel WiFi. I go McDonalds to try to use public WiFi. I power up. I get A box to start Tor connection. Which I am pretty sure will not work. I cancel. I start Debian 10 Firefox. After awhile I get a cherry red connection icon on the upper right side of screen. It shows connections available. I choose McDs. McDs has a privacy screen. Harden wall. A button. Click here to use internet. Usually. Nothing comes up in browser to allow me to get through this.
By comparison. If I start Tails Linux. I can start untrusted browser. Get it to initiate internet contact by typing in 1.1.1.1. And untrusted browser will bring up web page with login button to click on. After starting connection to intermet. I turn off untrusted browser and start tor browser.
Right now I have very limited time to test what might work as I only have few minutes sitting in my car outside McDs. I do have an iPhone. But my searches have not brought up anything that tells me how to solve a problem.
Thanks for any help.
unman
Mar 25, 2020, 8:59:17 PM3/25/20
to qubes-users
equivalent of a Tails "untrusted browser".
I've found that works in these cases to enable the log in to the
network, and then you can start a Tor connection.
I dont know if this will work in McDs, but it does in Starbucks ;-)
Stay safe
scurge1tl
Mar 26, 2020, 8:10:42 AM3/26/20
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Catacombs:
Fresh install of qubes creates few DVMs. If I remember properly, one
is based on a Fedora template and one is based on Whonix template.
Mine is already adjusted so I don't remember what is the preset.
For this case,
- - open the Firefox in the Fedora-30-dvm and connect directly to the
clearnet like you usually do in Tails with unsafe browser.
- - open Tor Browser in the whonix-15-dvm and try IP Check if all works
well (it should).
Some of such connections like the one at McDs also have time limit for
connection, like 2 hours. If you used to use Tails, you will most
probably like to have your MAC address anonymized in Qubes too, as per
this guide
http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/do
c/anonymizing-your-mac-address/
Based on your MAC changer settings, you can just restart the
connection or sys- VMs and appear like a new user to continue your work.
If you are limited by time in the parking place you should most
probably consider to use something like this:
https://www.thinkpenguin.com/gnu-linux/penguin-wireless-n-usb-adapter-w-
external-antenna-gnu-linux-tpe-n150usbl
to increase the range of your wifi card and limit your exposure to the
place where you connect to the net. With 9dBi antenna you can get to
about 800m range and add an another level to your anonymity.
Fly safe!
Let us know if it works for you.
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEExlmPb5HoPUTt+CQT44JZDAWK6UwFAl58m6ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEM2
NTk4RjZGOTFFODNENDRFREY4MjQxM0UzODI1OTBDMDU4QUU5NEMACgkQ44JZDAWK
6UzBTQ//WORq9faLpn/vy49OHREUbFUVNyzcX098rA17HnTosfUGGsvZZqSpDLXO
Sv8kNzSSv2lJbg83IAUogF68NcZFM5Vcm0J3RX89EJa8ipm0VwmDnGHn7Qb30LE/
nuudKaddivCjjLH6OF29hdvgvDcgBtWlAtWuIGHblvJ5iZnE/J6dvDDkfEnt9UPW
uD6PqeqZ7Kd5045iyYT1iD/Q1hjhx0VrqykJFjUKFIi6W+0VKlKCj/yKOSh/YcR6
tEJtTLceJ5T/luxagbnX1xjA+dRp6vaxlriuSSFzPa7720dx6VQheyGC3/oXUDL/
je6fwAav3VmIbhFGoEYT0PTms7k7I2s0IS1Oai2cxD+QrI6BBSc3TKFddWYOb33/
A1hDj56ihOIT02IZO1KyIgYN41WF+apBwJuW97ocHTRieQJOfHVB9BVir3UktQvM
R825E57iJkxouJmEGFpJSCjWD8jxIePsrNcRO+owZwdPMLkjLYndZFymaLIh1QXq
cI/BpSy28t5qpNZSdhBoQubAu9yRAUYUVlXlIWNY7HRilbeSl5buz1rIlZYUQFH6
tWSzJ6AGJSuG9GseofKQxbMMkEAjqETNLaFCCgHYcBnBDJn77wAPn5+ZEttiz70g
xJ9OQRRf2s+1VUs+ahKaCtPu9Is9C+O+puyMYcYYmKeeq47CITo=
=HeQV
-----END PGP SIGNATURE-----
Hash: SHA512
Catacombs:
is based on a Fedora template and one is based on Whonix template.
Mine is already adjusted so I don't remember what is the preset.
For this case,
- - open the Firefox in the Fedora-30-dvm and connect directly to the
clearnet like you usually do in Tails with unsafe browser.
- - open Tor Browser in the whonix-15-dvm and try IP Check if all works
well (it should).
Some of such connections like the one at McDs also have time limit for
connection, like 2 hours. If you used to use Tails, you will most
probably like to have your MAC address anonymized in Qubes too, as per
this guide
http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/do
c/anonymizing-your-mac-address/
Based on your MAC changer settings, you can just restart the
connection or sys- VMs and appear like a new user to continue your work.
If you are limited by time in the parking place you should most
probably consider to use something like this:
https://www.thinkpenguin.com/gnu-linux/penguin-wireless-n-usb-adapter-w-
external-antenna-gnu-linux-tpe-n150usbl
to increase the range of your wifi card and limit your exposure to the
place where you connect to the net. With 9dBi antenna you can get to
about 800m range and add an another level to your anonymity.
Fly safe!
Let us know if it works for you.
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEExlmPb5HoPUTt+CQT44JZDAWK6UwFAl58m6ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEM2
NTk4RjZGOTFFODNENDRFREY4MjQxM0UzODI1OTBDMDU4QUU5NEMACgkQ44JZDAWK
6UzBTQ//WORq9faLpn/vy49OHREUbFUVNyzcX098rA17HnTosfUGGsvZZqSpDLXO
Sv8kNzSSv2lJbg83IAUogF68NcZFM5Vcm0J3RX89EJa8ipm0VwmDnGHn7Qb30LE/
nuudKaddivCjjLH6OF29hdvgvDcgBtWlAtWuIGHblvJ5iZnE/J6dvDDkfEnt9UPW
uD6PqeqZ7Kd5045iyYT1iD/Q1hjhx0VrqykJFjUKFIi6W+0VKlKCj/yKOSh/YcR6
tEJtTLceJ5T/luxagbnX1xjA+dRp6vaxlriuSSFzPa7720dx6VQheyGC3/oXUDL/
je6fwAav3VmIbhFGoEYT0PTms7k7I2s0IS1Oai2cxD+QrI6BBSc3TKFddWYOb33/
A1hDj56ihOIT02IZO1KyIgYN41WF+apBwJuW97ocHTRieQJOfHVB9BVir3UktQvM
R825E57iJkxouJmEGFpJSCjWD8jxIePsrNcRO+owZwdPMLkjLYndZFymaLIh1QXq
cI/BpSy28t5qpNZSdhBoQubAu9yRAUYUVlXlIWNY7HRilbeSl5buz1rIlZYUQFH6
tWSzJ6AGJSuG9GseofKQxbMMkEAjqETNLaFCCgHYcBnBDJn77wAPn5+ZEttiz70g
xJ9OQRRf2s+1VUs+ahKaCtPu9Is9C+O+puyMYcYYmKeeq47CITo=
=HeQV
-----END PGP SIGNATURE-----
Catacombs
Mar 26, 2020, 9:38:31 AM3/26/20
to qubes-users
Unmans suggestion worked. Actually I did not get the privacy screen. It just. Let me on. McDonalds does not have a time limit. McDs uses Suddenlink, who was fined several times for spying on uses, during the Obama. The sites are programmed by AT&T. McDs blocks free software downloads. Like Linux .isos and updates. Firefox works but will not update. Windows updates work.
When I get the chance. I will spend time trying how Qubes might be detected by ISP or public WiFi points.
Thanks for the information on how to get online.
unman
Mar 26, 2020, 10:27:39 AM3/26/20
to qubes-users
It's relatively easy to fingerprint individual qubes, and to correlate
those based on particular templates. Customising separate browsers and
using different templates, including those based on non standard OS
including BSDs, can help to mitigate this.
Of course, that *will* identify you if someone is able to inspect the
contents of dom0.
Catacombs
Mar 26, 2020, 10:43:26 AM3/26/20
to qubes-users
I will have to get some kind of WiFi antenna as well. My risk as a 70 year old diabetic with heart disease is not ending at Easter 2020. So yes. I will look at the antenna when Social Security gets paid. I will try to do my own research now that I can get online.
Reply all
Reply to author
Forward
0 new messages