hcl for qubes 4.0 or 4.0.1 is it good?
55 views
Skip to first unread message
gabia...@gmail.com
Jan 31, 2019, 5:32:03 AM1/31/19
to qubes-users
nJoy Titan 600, 600W Real Power, PFC Activ, 80 Plus Bronze
Seagate Barracuda, 2TB, 3,5'', 256MB
ASUS PRIME H270-PLUS, LGA1151, H270, TPM, M.2
Intel Core™ i5-7400, 3.00Ghz, Kaby Lake, 6MB, Socket 1151, BOX
Corsair Vengeance LPX 8GB DIMM, DDR4, 2400 MHz, CL 16, 1.2V, X2
Seagate Barracuda, 2TB, 3,5'', 256MB
ASUS PRIME H270-PLUS, LGA1151, H270, TPM, M.2
Intel Core™ i5-7400, 3.00Ghz, Kaby Lake, 6MB, Socket 1151, BOX
Corsair Vengeance LPX 8GB DIMM, DDR4, 2400 MHz, CL 16, 1.2V, X2
Foppe de Haan
Jan 31, 2019, 5:37:32 AM1/31/19
to qubes-users
Panini Panini
Jan 31, 2019, 5:45:29 AM1/31/19
to qubes-users
Zrubi
Jan 31, 2019, 5:50:20 AM1/31/19
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 1/31/19 11:45 AM, Panini Panini wrote:
> 16GB RAM doesnt work fine? and a ssd with 500gb instead of hdd will
> be more good?
16GB is fine, but the more is the better ;)
SSD is a must.
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEmAe1Y2qfQjTIsHwdVjGlenYHFQ0FAlxS0t8ACgkQVjGlenYH
FQ3upBAApx/izY/jRjiIDxTlPlQLyJlZ8ixQ3bhE2alRPTsNsjoqRGDYUs9LIPtN
6zUxocd+OKWQha5YD83L4X5bVx32UPYveihg32eDXXfCQLSl5vqPt/76kMcODi2a
vPZOan28TqGHPBybKbo41sGEKvOdsfZASJryRkfsp1j7DMEVprsTuQHMKrtLjyvb
+OCkBdvtUv3DUap6Y2vxEhCAklSE8XsO+GHFBpim1mJliHRw9sv0NcXDb1SrkVhi
vAROGSv5qVfucelQfUSpZhBMyl0ivuWaVjqEDwWloGMFXtzA0WZgVKfMUpVGQ83Y
hEaByR9DTe4WtrWBUx7Zpcme2oBGOmFmEiDG3NBWtrt7V7vf8V222hNl/d6M0aX4
RauWy6+2BoNj5Cig7O4tfyZ8be3+xKpSRh97vhoW041jvVQyhuYkOM3S93VTgDDd
WfvlWZZZfGa8YzONNCSE7k/kFEVPQnyB9TkY343xLhQT8af7zeYyesKCm+3aVhtR
x/e58QeKmx1yBxIWM5Ww50jqXqiQDuZHB96Grzr3Hz4Y7FmEbpgCd+g5B4wIuKX+
iDfYTIEtEdIUjXwFcYRC5q4v8mamiU26X7VoQ6WGw0WK+jN2BAy6xnEHh14Ads/+
ncZOzv7p//SxfkdZ0e36X6GsVgDFV8Tslzx7p31tuKmbL+JX7AM=
=J6+L
-----END PGP SIGNATURE-----
Hash: SHA256
On 1/31/19 11:45 AM, Panini Panini wrote:
> 16GB RAM doesnt work fine? and a ssd with 500gb instead of hdd will
> be more good?
SSD is a must.
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEmAe1Y2qfQjTIsHwdVjGlenYHFQ0FAlxS0t8ACgkQVjGlenYH
FQ3upBAApx/izY/jRjiIDxTlPlQLyJlZ8ixQ3bhE2alRPTsNsjoqRGDYUs9LIPtN
6zUxocd+OKWQha5YD83L4X5bVx32UPYveihg32eDXXfCQLSl5vqPt/76kMcODi2a
vPZOan28TqGHPBybKbo41sGEKvOdsfZASJryRkfsp1j7DMEVprsTuQHMKrtLjyvb
+OCkBdvtUv3DUap6Y2vxEhCAklSE8XsO+GHFBpim1mJliHRw9sv0NcXDb1SrkVhi
vAROGSv5qVfucelQfUSpZhBMyl0ivuWaVjqEDwWloGMFXtzA0WZgVKfMUpVGQ83Y
hEaByR9DTe4WtrWBUx7Zpcme2oBGOmFmEiDG3NBWtrt7V7vf8V222hNl/d6M0aX4
RauWy6+2BoNj5Cig7O4tfyZ8be3+xKpSRh97vhoW041jvVQyhuYkOM3S93VTgDDd
WfvlWZZZfGa8YzONNCSE7k/kFEVPQnyB9TkY343xLhQT8af7zeYyesKCm+3aVhtR
x/e58QeKmx1yBxIWM5Ww50jqXqiQDuZHB96Grzr3Hz4Y7FmEbpgCd+g5B4wIuKX+
iDfYTIEtEdIUjXwFcYRC5q4v8mamiU26X7VoQ6WGw0WK+jN2BAy6xnEHh14Ads/+
ncZOzv7p//SxfkdZ0e36X6GsVgDFV8Tslzx7p31tuKmbL+JX7AM=
=J6+L
-----END PGP SIGNATURE-----
Panini Panini
Jan 31, 2019, 5:53:45 AM1/31/19
to qubes-users
joi, 31 ianuarie 2019, 02:32:03 UTC-8, Panini Panini a scris:
Foppe de Haan
Jan 31, 2019, 6:34:24 AM1/31/19
to qubes-users
unman
Jan 31, 2019, 9:32:54 AM1/31/19
to qubes...@googlegroups.com
SSD is better, but not a must.
Zrubi
Jan 31, 2019, 1:12:15 PM1/31/19
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On 1/31/19 3:32 PM, unman wrote:
> I know many people using Qubes 4 with 12GB and HDD, without
> issues. SSD is better, but not a must.
Technically you are right.
> I know many people using Qubes 4 with 12GB and HDD, without
> issues. SSD is better, but not a must.
In practice, the user experience (HDD vs SSD) is not even comparable.
The price difference is is also not an issue, totally worth it.
I would say: today, a newly built desktop PC without SSD is a bad
decision. Even if running a conventional OS.
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
FQ1yRw//QTFl0okHoR54aqSj88RZKEIbJ1Jn5UCYF3so48uabCgNJaWvtbyRreWj
1dGUV+OsmtVjAC9XP+WA8LPTmraIdjvicrDdY7ulWKxvqRvvxOj7aFxLCOmF4vHU
3Wf/xDY5pu83lHorAafx30qLuWeyXVF2P1bhYNGmrzmcNCkRojicPJwcp5fTs5BX
FDTt8cdq5TrOLU7mAPo4gffSIZBr3Q32Nx/csGhvI/C9Rk7yZYvl+pm7jVxEh+cJ
E1O5TK5jfzXzP3EfgU0FXLFowJRo0Dew/McooFWEJWRpmMr+vHGxBc0reXkRXvQC
nLnj71sfMFNbHbvDTENMOp4zCkVSpvJjXooO6wrGztFWavK9EOt/OiX0NhoUcu2r
CDqLjVHT/YU2IGEbBeHmWhfUFD6eD1cieXOj9XORosjL2Lqss+ffKRzeFuiYBe9q
6pJon2yBaEVw7XE7oLPIR2WoFZnZD9TS00FnqT/qpvB7e+M2sl6dz6fywYN5qDof
eYYes110Hl1jPmElThD14iGqxWY66V9s+6ByD5xF3oyN5UdFZnjKVsxWc4zcioh1
zshRYCeGaasMRoKilWr5eFSrj+LtJpVdo3tkJT+1wz85O5ywO8vOwn9lFOts+0a6
2YFM4aXzU5iRJDB8X4TY8w7wtjGDRLYHd+DBhBd9Gmv9v3bFDcM=
=3i2s
-----END PGP SIGNATURE-----
Stuart Perkins
Jan 31, 2019, 2:06:15 PM1/31/19
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On Thu, 31 Jan 2019 19:12:09 +0100
Zrubi <ma...@zrubi.hu> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA256
>
>On 1/31/19 3:32 PM, unman wrote:
>> I know many people using Qubes 4 with 12GB and HDD, without
>> issues. SSD is better, but not a must.
>
>Technically you are right.
>
>In practice, the user experience (HDD vs SSD) is not even comparable.
>The price difference is is also not an issue, totally worth it.
>
>I would say: today, a newly built desktop PC without SSD is a bad
>decision. Even if running a conventional OS.
>
Obviously, we are dealing with competing needs here. The overall need for security AND the need for "speed". Obviously, Qubes is a fairly resource intensive approach to security, which is acceptable as far as I'm concerned.
Zrubi <ma...@zrubi.hu> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA256
>
>On 1/31/19 3:32 PM, unman wrote:
>> I know many people using Qubes 4 with 12GB and HDD, without
>> issues. SSD is better, but not a must.
>
>Technically you are right.
>
>In practice, the user experience (HDD vs SSD) is not even comparable.
>The price difference is is also not an issue, totally worth it.
>
>I would say: today, a newly built desktop PC without SSD is a bad
>decision. Even if running a conventional OS.
>
I am still using Qubes 3.2 for now. I have a mixed machine...Lenovo T520 (coreboot...ME disabled...one of the last ones where this is easy), 160G SSD 2TB HDD, 16GB Ram. It works quite well.
I'm about to move to Qubes 4...
The SSD is encrypted and boot/main OS/dom0 drive, with the templates on the encrypted SSD but with some VM images kept on the HDD due to size. I have almost filled up the HDD, so I'm a bit of a disk hog.
Even though the HDD is not itself encrypted, critical data is kept in encrypted containers on the appVM's with the key on a memory card. Scripts in Dom0 mount the block device of the memory card to an appVM, then call a script on the appVM to mount the block device and decrypt the container using the key, then mount the container locally and unmount the key device. All I do is remove the key card and stop the appVM's (or just unmount the encrypted containers) for the first level of "security"...when I'm away from my desk for a while, and don't trust the screen lock to be adequate (haha...does anyone trust it, even though they finally updated it for XFCE4?).
A full shutdown then requires a valid decryption phrase just to boot up AND the key card to get to the important stuff...plus my machine is rarely out of my sight.
It may seem a bit overkill to some, but since I work with HR data a lot and sometimes have local copies of sensitive information (I try not to, but sometimes tools on my machine make my work MUCH more efficient than just using what my client has available),
The stories of a stolen laptop compromising PI data (Personal Identification...SSN's etc...) abound. I consider this a minimal security scheme primarily due to the information I have access to and the possibility...no matter how remote...of me being lax at the wrong time and someone walking off with my laptop.
I also VPN to my home system where I run an openVPN server whenever I gather e-mails via pop access with my local client (especially the gmail ones, since gmail likes to block access from unknown ip's...which is a royal pain for a road warrior) or do certain other stuff. I have the VPN setup on my mail appVM and on sys-firewall, and can run it for just the e-mails or for everything (except tor) as desired.
I plan to continue with this scheme when I go to Qubes 4, except I may also encrypt the HDD...I just need to find enough space to put everything in the meantime. :)
Stuart
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEg3cTCwPFs8wewas+M1E7j4SmKVQFAlxTRyAACgkQM1E7j4Sm
KVTOcQf/fodRbzgDBvCBx3Jde8RzyoZI8Eq9eBO+X5nsm+VQT1/dR4M5PRL/VO+t
dECwen3uNJ6KWGFrZdGsSiV7+BrXhHUl9fb1Xpw+7IWSVsnVav+rPlWiw1pfju60
QlQVlx1lYyJPoTgxGm8yTSPCuEVz2wGG3/K2LANhVWVsHBzyXzT5474EPhQlVI0G
zBZymmxqFWVMhWr8N1lyK6E6hbWjlrDV7IKCFGxV874lFhuZeJKJ2AkZTIoWaCuP
PamOIhWEkGCHCv8so6XLLMPW7UwpbPRakJ41yGfUd/H0aZFdOks4P+wZoOrARz1j
cK7UBH1T0v2r3uhv8+A8qxze8AoQCg==
=F4qb
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages