I've been using Qubes-OS since R2, and I would like to start using the development build so I can try and do some testing for some unikernel and mirage-based security stuff I want to implement.
Can someone tell me where I can get the files? Any tips or hints when it comes to running the latest build?
Hope someon can help me get it.
P.S.
How long before the first rc will be released? This shouldnt be much longer right?
Could someone give me a detailed explanation how I should build the most recent R4.0 iso, with the most up to date dom0 and vm builds?
R4 Will be fedora-23 based for dom0 right? Will I be able to use this build for day to day working in its current state? Or is it still too early?
I would also like to know what choices have been made regarding pvhvm or hvmlite as the main virtualization architecture?
Is the fedora build the most complete? Or would debian have any benefits over fedora?
What parameters should I pick? Version r4.0.0, with dev. Testing or something ? What about unstable vs security-testing?
Hope someone can explain how I can build myself a good r4.0 iso.
How long before hvm with pv stubs is implemented? Or is this one already in, and only pvh2 missing?
How long before gui management tools are ready? Are all the terminal management tools working? If so, I dont care, I could use some practice with the management commands in the terminal :).
By the way, I have a pgp-card, (Nitrokey) that I would like to use for security on my build. Any tips for how to best use one for solid full disk encryption? What storage layout should I use on a SSD with full disk crypto, for optimal security, and prefent evil maid attacks? I was wondering about if it would be possible to encrypt the whole disk, including boot? Or save boot on my nitrokey, and encrypt it, (grub encrypt) so thr usb gives the bootloader, the encryption password, the authentication over pgp, and maybe some more security certificates that are required for accessing the O.S.
The main thing I want to prevent is people tampering with my bootfiles to have a keylogger or something installed, or prevent people logging in using a password obtained with a hidden camera. I want my (disk encryption) security to be real 2 factor security requiring atleast my nitrokey, personal password, and if possible maybe a third factor to be able yo log in to my system, or even be able to unlock my filesystem.
Also,
What about the Tresor mod which saves your encryption key in the cpu? I really like the idea of being able to prevent people frm extracting the key from my ram. Any other tips for security ?
Thanks!
we don't consider this to be a security risk of any kind due to the way dom0 is isolated from domUs:
Does using older and potentially EOL distros for Dom0 leave it with out dated software that can be beneficial to users? e.g. Updated XFCE will always bring improvements for like with dual monitor setups and other fixes better support for HiDPI monitoers. With out these it seem to me that it means Qubes support gets relegated to older hardware with out fancy features.
Should user experience also be considered for major releases?
Same here, the error is:
No valid signed tag found!
Makefile:187: recipe for target 'core-libvirt.get-sources' failed
Should user experience also be considered for major releases?
Yes, but we simply don't have the workforce at this point. Higher priority tasks consume all available developer bandwidth.
The user experience or even hardware support is an important one. If people can't use it, Qubes is doing to languish in some obscurity, should more developers be brought on?
I know that is a matter of money or someone being generous with time but funding should be a possible route (ccing Michael Carbone) but I am sure hard work to gain or even applying for some like Google Summer of Code.
Hello? Can someone please give me an update on this topic? I would really like to build 4.0 ...