Qubes better dove tailed for Journalists, and Human Rights Workers.

[Catacombs]

To be clear, the folks who have put together and developed QUBE's have done a fantastic job.  A great accomplishment.  

I bet this has been discussed before.   Much of what I have experienced is that QUBE's users should be more like techy geeky people.  A Journalist or a Human Rights investigator, I think are more comfortable with ease of use, not secure. 

So, I bet this has been talked about before.  As I was doing the upgrade to Fedora 31, I realized a Journalist is not likely to be very happy doing that.  After that, I had to search to find a Text Editor, (Gedit is what I used)  A Journalist would expect that the things he/she does all the time would be right there, ready for use.   I would think a Journalist would have 12 different ongoing projects, which he might realize should be in separate QUBE's, and might not have the presence of memory to realize what to save, where, something an investigator would need to do often.   I would think the investigator might not realize to create a number of encrypted partitions, to further protect information distinct to a particular, specific investigation.

Then I tried to watch a Video.   Gee guys, a Journalist just expects this stuff to work.  I , on the other hand, am concerned our mythical investigator not realizing the possible security implications of opening what kind of app, when.

It is not my intention to provide a list of things to put in the basic OS for an Investigator who is not what I would term, a techno geek, nor who does not want to be.  It is to find out what has been discussed in the past about this subject, and for some of you, who are more experienced with QUBE's, and investigators, to put that list together, and perhaps build that list into the basic Install of QUBE's.  

Once again, I deeply respect what the QUBE's developers have accomplished.  So this is not intended as a criticism of the folks who have put in thousands of hours getting this project to this point.  Thank you for what you have done. 

Tech people do not think like Journalists of Human Rights Workers, nor vice versa.

[Sven Semmler]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Fri, May 08, 2020 at 04:12:57PM -0700, Catacombs wrote:
> It is not my intention to provide a list of things to put in the basic OS
> for an Investigator who is not what I would term, a techno geek, nor who
> does not want to be. It is to find out what has been discussed in the past
> about this subject, and for some of you, who are more experienced with
> QUBE's, and investigators, to put that list together, and perhaps build
> that list into the basic Install of QUBE's.

Hi Catacombs,

your points are valid. One thing I am aware of is the the Freedom of the
Press Foundation is using Qubes and that there is at least one UX
designer thinking about usability and contributing actively to Qubes.
You will see these improvement over time.

Another thing all of us "techno geeks" can do in the meantime is to
monitor this mailing list and maybe even the IRC channel and help as
many users as possible.

I think the standard Fedora template has a pretty solid list of default
apps installed. But for sure there could be more tutorial style videos,
better documentation, maybe even tailored templates. I don't know what a
Journalist needs - do you?

To some degree I think the core Qubes team wants to stay out of the
'what should be included in the default template' discussion as there
are as many opinions as discussion participants. There is even an FAQ
entry about it: https://www.qubes-os.org/faq/#could-you-please-make-my-preference-the-default

I understand this is not exactly what you asked for and a GUI text
editor and a video player are pretty standard things. I am surprised
they weren't there.

/Sven

- --
public key: https://www.svensemmler.org/0x8F541FB6.asc
fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl61/b8ACgkQ2m4We49U
H7baJRAAzA5NDa4qPS239PdTIEWdiXA7UZAKjSVr1CwP+I0p1RI0l4X9mmrOp5Yx
x69h/ZyY3CVSXI6coFd/XEAH61MXgAlRwMY5erMz+BHss0lDIdFQkyf5Ybsa77Sm
lgZNrvvTqn3KJ9RFkpG8HocrTw7c3sFyESD8gvy504rUtCyk5H+WcJ5piobUKCIP
N7DBgx0WCuynej99IudT6hW+uPHUNgnXspDmZhpGjxQxnD04NgKY+kHzlXRSBHuB
+OcRM4+vgym3jHRhl8owwquGgxdVePJSLqNNmstOpp57s/hOWGaPwPqIWcAwOcz9
KFHOcPNw0+hDD/Y413iVTpFH/0pV1OIFpR5vm+kBaYFYX6dzfK78+dO1r9XFgpf5
mzViYWFOU6di6jJBuHPAy1bBVVI08ahKtjd7xd+OFgI3MYmKr7MxabAYAGXd8bAM
F2j+x1sBTlUaf9ooRbG6M+4HkoQGszmTIwGKEclYNfak6B6EXTM5vN9404yxDn0Y
uXFPcsML7ZJGnqvhXfIQi/ZxgxiPY89qSz4jfT1Rt4mP8aDXEi+bmfwv2giSJn4T
tAcBbfp5NMiAmJPkUG6xuQWaAFPNHGXz52pL5BeFbwqVwMjbMdaeC8DeEwqsTdM2
oCyyNOUX+lu6ZSvf+FcdccSc6NuwE6rHzwoVo7ZizjSVLynZS0Q=
=+hMy
-----END PGP SIGNATURE-----

[Logan]

Hi Catacombs,

This is an important topic. It actually is my intention to come up with
a list of tweaks that a less tech-savvy journalist could benefit from.

I am not versed in customizing or automating Linux installs via scripts,
but a motivated designer could engineer such a tool for a more visually
appealing turn-key installation that is closer to "just works" than the
"hack it to perfection" experience most of us have had with Qubes.

The matter exists that Qubes is a completely different way of computing,
though. A structured training program may be beneficial to these groups.

If an organization or group were created to promote the use of Qubes and
provide custom tools and training to journalists this could be quite a
benefit to the community as a whole.

What would it take to get a working group together for this? I'm
definitely interested in working on something like it.

Logan

[Insurgo Technologies Libres / Open Technologies]

There is a ticket opened on qubes for personas. Time to poke and make Freedom Of Press foundation into this. And tailor salt recipes to be deployed for those personas.

My 2 cents

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

[Logan]

Cool. I am aware that FPF does training for journalists, but not to what extent. I will reach out to them to see what is already being provided.

In the meantime, I will do my homework on salt to see if I can contribute.

Logan

[pixel fairy]

You should look up Micah Lee. He's a journalist and programmer with a strong interest in privacy. Here is his yt https://www.youtube.com/channel/UCOslhuBKMmHrk_iHc0rgYuw

[Steve Coleman]

On Fri, May 8, 2020 at 7:13 PM Catacombs <ggg...@gmail.com> wrote:

A Journalist or a Human Rights investigator, I think are more comfortable with ease of use, not secure. 

 

There is always a trade-off between security and usability for sure. One trade-off for the non geek users is to enable networking in the software template so that you can run the "Software" application to pick and choose your required desktop applications.  The journalist may not know how to use DNF at the command line but the Software installer will clearly let them pick and choose from several decent word processors. If only the Software application used the same proxy method to search the repository for packages then turning on the networking would not be necessary. The average desktop user would have a much easier time installing what they need.

The main thing for them to *not do* is to run any applications in the template VM itself. Never test things in the template unless you absolutely need to pre-configure something, and if so, do it with networking turned off if you have that choice. Clearly this is not easy for a non-geek, but it can be made a little easier.

So, I bet this has been talked about before.  As I was doing the upgrade to Fedora 31, I realized a Journalist is not likely to be very happy doing that.  After that, I had to search to find a Text Editor, (Gedit is what I used)  A Journalist would expect that the things

LibreOffice is what you want for journalists.

Then I tried to watch a Video.   Gee guys, a Journalist just expects this stuff to work.  I , on the other hand, am concerned our mythical investigator not realizing the possible security implications of opening what kind of app, when.

If you enable rpmfusion repos you will be able to access more video codecs, but again that is a security trade-off.

What you can do is have one template with all the DRMed codecs providing for one or two AppVMs or DVMs that can run the videos, while keeping the remaining AppVMs for investigations more secure without all the extra risky additions. You just have to train them how to open the video URLs in one of the special VMs.

Tech people do not think like Journalists of Human Rights Workers, nor vice versa.

Perhaps not, but very likely we are trainable.  

[Catacombs]

Which side are you. Techi Geek type? Or some type Investigator?

[dono...@unseen.is]

There are some that are both tech and investigators. I personally found Qubes to be a solution I wish I had found long before I did. In fact, for me it was easier to move from Windows (and DOS before that) to Linux as my primary work environment via Qubes rather than just a standalone linux box or VM because it provided two solutions in one  - move away from Windows and provide multiple more secure and isolated environments for my work. The technology landscape and associated threat vectors are very fluid and Qubes is part of the foundation for dealing with that. I even go so far as to suggest that Qubes should actually be the default OS for any computer user, but that is unrealistic of course.

I cringe at the occasional post that suggests or implies that Qubes is difficult. My background is almost exclusively M$ with the odd *nix appliance thrown in, hardly the foundation for moving essentially cold-turkey to Qubes that, for me, is based on an unfamiliar hypervisor and linux vms. It is a tool, albeit one that is a bit specialized to emphasize security. And like any tool, you have to learn how to use it to maximize its intended purpose. It's not rocket surgery or brain science, but it's also not a toaster. That said, I personally feel that moving to LibreOffice and Thunderbird in the Windows environment many years ago made the transition much easier and more familiar. My prior profession also required that I maintain some level of proficiency at the command/terminal prompt. That can be a big hurdle for people considering the transition to Qubes from Windows. That said, I still struggle with some tasks in Linux for which I have not developed any "muscle memory" for - yet. But it gets easier daily.

I see a lot of posters attempting to use Qubes in much the same manner as they might a standalone box and sometimes with less than sterling results. All of that adds to the knowledge base of Qubes, but everything that I have read tells me that being a reasonably secure OS on a computer in a connected, information-centric production environment (as in, making a living) is the primary purpose for its creation. It serves that purpose well in my view. It'll likely not be a gaming box, a screaming video or CAD rendering beast or even support bleeding-edge hardware.

Qubes is a serious tool in the very serious and uncompromising world where the bar for what is considered dangerous information is lowered on a daily basis.

[Mark Fernandes]

On Saturday, 9 May 2020 22:03:15 UTC+1, Steve Coleman wrote:

On Fri, May 8, 2020 at 7:13 PM Catacombs <ggg...@gmail.com> wrote:

A Journalist or a Human Rights investigator, I think are more comfortable with ease of use, not secure. 

 

There is always a trade-off between security and usability for sure.  .....

I'll just throw-in my two-cents slightly-tangential opinion regarding Qube's usability.

I often say about my Chromebook, is that it might not be able to do as much as you can with a conventional PC, but what it does do, it does well. I think that kind of mindset is important when thinking about Qubes. If it's hard to do networking, or play videos, then maybe that should be tolerated, in light of it being able to do its other functions pretty well. Sometimes we have to work or think around problems, rather than thinking things like, I need to use my 3D-optimised hardware under Qubes, so Qubes must be further developed to cater for that.

Anyway, that's just my contributed opinion.

Kind regards,

Mark Fernandes

[Chris Laprise]

Since protecting otherwise naive users is the topic, I would suggest
making a much simpler choice which is to use Debian. That will get you
codec support without messing with repo configs, and the user will have
an OS that is thoroughly tested and stabilized (i.e. meant for
production environments) and properly protected against MITM during
updates the way Fedora is not.

>
> What you can do is have one template with all the DRMed codecs providing
> for one or two AppVMs or DVMs that can run the videos, while keeping the
> remaining AppVMs for investigations more secure without all the extra
> risky additions. You just have to train them how to open the video URLs
> in one of the special VMs.
>
>
> Tech people do not think like Journalists of Human Rights Workers,
> nor vice versa.
>
>
> Perhaps not, but very likely we are trainable.

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

[Chris Laprise]

I tend to agree with this assessment of Qubes. I think more techies
adopt it bc they understand what Qubes is doing for them under the hood.
But otherwise its still a pretty friendly environment that presents its
biggest challenges at install time.

Two of the biggest Qubes pitfalls are the template upgrade snafus (as
originally described) and lack of access to AppVM internal configuration
which is never presented in the menu by default.

>
> I see a lot of posters attempting to use Qubes in much the same manner
> as they might a standalone box and sometimes with less than sterling
> results. All of that adds to the knowledge base of Qubes, but everything
> that I have read tells me that being a reasonably secure OS on a
> computer in a connected, information-centric production environment (as
> in, making a living) is the primary purpose for its creation. It serves
> that purpose well in my view. It'll likely not be a gaming box, a
> screaming video or CAD rendering beast or even support bleeding-edge
> hardware.
>
> Qubes is a serious tool in the very serious and uncompromising world
> where the bar for what is considered dangerous information is lowered on
> a daily basis.