Obtaining genuine Qubos installer


Mark Fernandes

Mar 5, 2020, 7:31:50 AM
to qubes-users
I want to get a genuine copy of Qubos, from here in the UK (United Kingdom).

The only way described on the Quebos website at present, appears to be to download the ISO.

I have the classic security problem described on the website, where not having a trust-worthy machine, means that I have a never-ending chain of trust issues for each machine that I use in the obtaining of the software.

I suggest that the hyper-linked web-page above, be updated to provide further guidance as to how to ensure you have a genuine copy of the Qubos software. Also, can anyone in this news group provide any such guidance for myself (and others?)



(Solely) some thoughts on how to help ensure possession of a genuine copy of Quebos:
    1. If Quebos is distributed through PC magazine DVDs, users can purchase a few copies of a particular magazine having such a DVD, at random, from different stores, in widely different locations (different counties, etc.) Users can then compare the copies to make sure they are identical.
    2. Purchase Quebos from a randomly chosen big PC store, that has perhaps 100 copies of the software on its shelves, on a day picked at random, by selecting one of the copies at random from the shelves.
    3. If a user believes they are being tracked, what they can do, is schedule in their mind (or otherwise), to make such a purchase over the next few months, and then when they are doing some activity (for example visiting a friend in the city), they can just as an aside go and purchase a copy of the software.
    4. Purchase the Quebos software from an online retailer, that uses special tamper-evident packaging, and then compare the copy obtained in this way, with software downloaded from the Quebos website.
    5. Obtain software in several ways, then compare copies to make sure they're identical.


Thanks,


Mark Fernandes


#installation #installer #media #DVD #ISO #tamper #genuine #intercept #man-in-the-middle-attack #MITM

Mark Fernandes

Mar 5, 2020, 9:40:59 AM
to Mike Keehan, qubes-users
On Thu, 5 Mar 2020 at 13:30, Mike Keehan <mi...@keehan.net> wrote:
On 3/5/20 12:31 PM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK (United Kingdom).
>
> The only way described on the Quebos website at present, appears to be
> to download the ISO.
>
> I have the classic security problem described on the website, where not having a
> trust-worthy machine, means that I have a never-ending chain of trust
> issues for each machine that I use in the obtaining of the software.
>
> I suggest that the hyper-linked web-page above, be updated to provide
> further guidance as to how to ensure you have a genuine copy of the
> Qubos software. *_Also, can anyone in this news group provide any such
> guidance for myself (and others?)_*
>
>
>
>     (Solely) some thoughts on how to help ensure possession of a genuine
>     copy of Quebos:
>
>      1. If Quebos is distributed through PC magazine DVDs, users can
>         purchase a few copies of a particular magazine having such a
>         DVD, at random, from different stores, in widely different
>         locations (different counties, etc.) Users can then compare the
>         copies to make sure they are identical.
>      2. Purchase Quebos from a randomly chosen big PC store, that has
>         perhaps 100 copies of the software on its shelves, on a day
>         picked at random, by selecting one of the copies at random from
>         the shelves.
>      3. If a user believes they are being tracked, what they can do, is
>         schedule in their mind (or otherwise), to make such a purchase
>         over the next few months, and then when they are doing some
>         activity (for example visiting a friend in the city), they can
>         just as an aside go and purchase a copy of the software.
>      4. Purchase the Quebos software from an online retailer, that uses
>         special tamper-evident packaging <https://www.jwproducts.co.uk>,
>         and then compare the copy obtained in this way, with software
>         downloaded from the Quebos website.
>      5. Obtain software in several ways, then compare copies to make
>         sure they're identical.
>
>
>
> Thanks,
>
>
> Mark Fernandes
>
>

Have you read the documentation at
https://www.qubes-os.org/doc/installation-guide/ ??

 

I previously skim read what appeared to be the relevant parts from the guide. Just now, I read from the beginning till the following text in the guide:

Once the ISO has been verified as authentic, you should...

The text after that point appears to be irrelevant.

The only thing relevant to this topic in the guide, appears to be the information on verifying signatures (which is of course standard practice). In reading information on the Quebos website, there was implicit mention that users may be operating under oppressive regimes/circumstances. With this in mind, I just feel that more guidance is needed on how to obtain authentic copies of the Quebos software. I've hinted at some ideas as to how to do this, in my starting post for this topic.


Thanks,


Mark Fernandes


dhorf-hfre...@hashmail.org

Mar 5, 2020, 9:56:26 AM
to Mark Fernandes, qubes-users
could you please try to at least spell the name right?
this is giving my inner monk a headache...

On Thu, Mar 05, 2020 at 02:40:18PM +0000, Mark Fernandes wrote:

> The only thing relevant to this topic in the guide, appears to be the
> information on verifying signatures (which is of course standard practice).
...
> authentic copies of the Quebos software. I've hinted at some ideas as to
> how to do this, in my starting post for this topic.

actually, not the impression i am getting.
if you knew how to verify a signature and what that means, pretty
much all the "ideas" you listed would be obviously useless.

as in, to "verify the installer/iso", all you need is to verify the
signature: https://www.qubes-os.org/security/verifying-signatures/

that reduces the actual problem to "how to get/verify the qubes master
key", for which suggestions are on that page, and which in general
is a lot easier than trying to verify some multi-GB monster.

for a lot of additional confirmations of the master key, you can
use a searchengine, with/without tor, from different ISPs,
ask in different chats, look at presentation slides/videos ....


Mike Keehan

Mar 5, 2020, 10:01:29 AM
to qubes...@googlegroups.com
> /Once the ISO has been verified as authentic, you should.../
>
>
> The text after that point appears to be irrelevant.
>
> The only thing relevant to this topic in the guide, appears to be the
> information on verifying signatures (which is of course standard
> practice). In reading information on the Quebos website, there was
> implicit mention that users may be operating under oppressive
> regimes/circumstances. With this in mind, I just feel that more guidance
> is needed on how to obtain authentic copies of the Quebos software. I've
> hinted at some ideas as to how to do this, in my starting post for this
> topic.
>
>
> Thanks,
>
>
> Mark Fernandes
>

And did you thoroughly read the linked "our guide on verifying
signatures" page?

https://www.qubes-os.org/security/verifying-signatures/

It shows you how to verify that the ISO you download was actually
created by the Qubes OS team. (Quebos is not the correct spelling!).

Mike.

Mark Fernandes

Mar 5, 2020, 10:31:08 AM
to Mike Keehan, dhorf-hfre...@hashmail.org, qubes-users
Hello all,

Firstly, apologies for misspelling Qubes OS (the word is strange, which is probably why I've been getting confused..)

So if your computer has been compromised, the methods you suggest may be useless. It doesn't matter whether you use search engines, chat rooms, different ISPs, etc. to get the keys, in the scenario that some intruder has control of your machine so that they replace every single instance of the key you download with their own key matching the tampered-with software.

Another plausible scenario, is that of the Chinese government controlling the internet of their citizens, where such an entity (without taking control of a computer), makes sure that only compromised software and keys are available to their internet users in China.

I'd like to point out that I have verified signatures before, and am aware of their significance. Signatures also don't appear to be foolproof, in the sense that it seems two different files may produce the same signature. I concede that I don't know the full extent to which that is an issue. I'm posting to this newsgroup to get the views of others.

As to my thoughts on possible ways to ensure one obtains an authentic copy of the software, whilst I'm not a security specialist (by any means), my thoughts have been developed over several years in light of needing computer security when working as a self-employed individual, and I should add that I work in software development.


Thanks,


Mark Fernandes







   

dhorf-hfre...@hashmail.org

Mar 5, 2020, 10:42:04 AM
to Mark Fernandes, qubes-users
On Thu, Mar 05, 2020 at 03:30:26PM +0000, Mark Fernandes wrote:

> So if your computer has been compromised, the methods you suggest may be

if your computer has been compromised to the point where
you dont trust it to verify a signature, you need a new
computer to install qubes on.

once you have a computer you trust enough to install qubes on,
you can use it to verify the signature.




Mark Fernandes

Mar 5, 2020, 10:57:36 AM
to dhorf-hfre...@hashmail.org, qubes-users
Well that's an idea. But still what if the software you are being 'fed' is all tampered software, so that after replacing the computer, as soon as you use software, you are compromised again? 

Purchasing a new computer can also be expensive, and still in any case, you might find that any software pre-installed on it may have already been compromised.

Eg. suppose you are a person like Edward Snowden, and that you are a targeted individual. Then such intensive manipulation is perhaps entirely plausible.


Thanks,


Mark Fernandes

 




 

dhorf-hfre...@hashmail.org

Mar 5, 2020, 12:26:35 PM
to Mark Fernandes, qubes-users
On Thu, Mar 05, 2020 at 03:56:55PM +0000, Mark Fernandes wrote:
> Well that's an idea. But still what if the software you are being 'fed' is
> all tampered software, so that after replacing the computer, as soon as you
> use software, you are compromised again?
> Purchasing a new computer can also be expensive, and still in any case, you
> might find that any software pre-installed on it may have already been
> compromised.

welcome to "supply chain security is hard".
please have a seat next to that person posting here in the last days
how he doesnt trust chips from china...

the end result is still:
as long as you dont have a computer you trust, the whole rest
of this is pointless.
if you have a computer you trust, verifying a signature is a lot
more useful than variations of "i bought it in a shop while wearing
a fake beard, so it is certainly legit".
(which applies to the hardware too!)

and the point of using different sources of info on the master key
is that an attacker who wants to fool you has to intercept every
single one of them. if he misses even one, the game is off.
and getting the master key fingerprint from many different
directions/sources seems a lot more realistic than doing the same
for an iso image...

and you dont have to trust any one of these sources, but if you
add up enough of these untrusted sources, you can still trust
the end result as long as your threat model doesnt include every
single of the sources conspiring against you, or being compromised
by the same attacker...


> Eg. suppose you are a person like Edward Snowden, and that you are a
> targeted individual. Then such intensive manipulation is perhaps entirely
> plausible.

i am reasonably sure you are not ed snowden.
(if you are: sorry. i assumed ed snowden to know what a hash and
signature are.)

but here is another headache:
(warning: nerd-sniping and messing-with-tinfoilhats ahead)

you are of course right that checking hashsums or signatures isnt
100% safe. what if there are alien quantum computers involved.

lets run numbers, the "basic math" kind:
the qubes 4.0.3 iso is 38646317056 bits in size.
the signature is against a 256 bit hash (over 1056 bits of intermediate
hashes plus some metadata).

so there are about 2**38646316800 different iso images of the same size
that will match this signature. or 2**38646316000 to match the intermediate
hashes so you wouldnt have to bother faking the sigfile.
thats close enough to "infinitely many" for me to not actually calculate it.
(hint: thats several times the estimated number of atoms in the universe)

wait. who said the evil iso has to be the same size?! no one.
so, aeh, there are infinite amounts of infinite piles of iso
images that all match this signature!

but probably even edward snowden is ok with a reasonably sized signature.
because else we might as well just toss this whole internet
and computer thing out the window.


(and do i double down now or wait for the likely next round to mention that
the qubes master key might be considered compromised because the qubes
team never planned for having a senior member leave the team... *coughs* ;)


please dont get me wrong, critical thinking is good, but its also
important to stay somewhat reasonable about your threat model, because
once you get stuck worrying about class 4+ picotech perversions, you
wont get much done anymore...
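
The multi-source check argued for in the message above (collect the master key fingerprint by several independent routes and accept the key only if none of them contradicts it), written out as an added example that is not part of any post in this thread. The fingerprints, source names and the sample `gpg --with-colons --fingerprint` output are constructed placeholders, not the real Qubes master key.

```python
import re

_HEX40 = re.compile(r"[0-9A-F]{40}")


def normalize(raw):
    """Return 40 upper-case hex digits, or None if `raw` is not a full fingerprint.

    Accepts the usual copy/paste variants (grouped in fours, lower case,
    colon separated, leading 0x). Key IDs are rejected on purpose: only the
    full fingerprint identifies a key.
    """
    s = re.sub(r"[\s:]", "", raw).upper()
    if s.startswith("0X"):
        s = s[2:]
    return s if _HEX40.fullmatch(s) else None


def primary_fingerprint(colons_output):
    """Fingerprint of the first primary key in `gpg --with-colons --fingerprint` output.

    In that format the fingerprint is field 10 of the `fpr` record that
    follows a `pub` record; later `fpr` records belong to subkeys.
    """
    seen_pub = False
    for line in colons_output.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            seen_pub = True
        elif fields[0] == "fpr" and seen_pub and len(fields) > 9:
            return normalize(fields[9])
    return None


def cross_check(local_fpr, sources, min_agree=3):
    """Compare the locally imported key against independently obtained copies.

    A single contradicting source vetoes the result: the attacker has to
    get every route right, the defender only has to notice one mismatch.
    """
    agree, disagree, unusable = [], [], []
    for name, raw in sources.items():
        fpr = normalize(raw)
        if fpr is None:
            unusable.append(name)      # truncated or mangled, proves nothing
        elif fpr == local_fpr:
            agree.append(name)
        else:
            disagree.append(name)      # either this source or the local key is bad
    trusted = local_fpr is not None and not disagree and len(agree) >= min_agree
    return {"trusted": trusted, "agree": agree,
            "disagree": disagree, "unusable": unusable}


# Constructed sample data (placeholder key, not a real one).
SAMPLE_COLONS = """\
pub:-:4096:1:89ABCDEF01234567:1270000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1270000000::::Example Master Signing Key::::::::::0:
sub:-:4096:1:1111222233334444:1270000000::::::e::::::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF1111222233334444:
"""

SOURCES_OK = {
    "project website via Tor": "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567",
    "conference slide photo": "0123456789abcdef0123456789abcdef01234567",
    "chat channel, second ISP": "0x0123456789ABCDEF0123456789ABCDEF01234567",
    "forum signature": "89AB CDEF 0123 4567",   # key ID only, not a fingerprint
}

# Same routes plus one that returns a different key.
SOURCES_TAMPERED = dict(SOURCES_OK)
SOURCES_TAMPERED["search result, home ISP"] = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"


if __name__ == "__main__":
    local = primary_fingerprint(SAMPLE_COLONS)
    for label, srcs in (("clean", SOURCES_OK), ("tampered", SOURCES_TAMPERED)):
        print(label, cross_check(local, srcs))
```

A mismatch does not say which side is wrong, only that the key must not be used until the disagreement is explained.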




Chris Laprise

Mar 5, 2020, 1:21:55 PM
to qubes...@googlegroups.com
On 3/5/20 7:31 AM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK (United Kingdom).
>
> The only way described on the Quebos website at present, appears to be
> to download the ISO.
>
> I have the classic security problem described on the website
> <https://www.qubes-os.org/doc/install-security/>, where not having a
> trust-worthy machine, means that I have a never-ending chain of trust
> issues for each machine that I use in the obtaining of the software.

Many of us work with a threat model that assumes at least some computers
available by retail are not compromised "out of the box", or else if
compromised then not at the BIOS/UEFI firmware level. For this model,
verifying the Qubes ISO with gpg is acceptable.

You can also qualify the model somewhat and say that an attacker cannot
successfully infect all of your (hopefully diverse) computers, so that
makes checking a signature on several different computers a form of
reassurance.

OTOH, you may have decided to discard the above threat model because of
some intent or capability known to you. In that case, I think the Qubes
community has only two answers: Find a trusted service that can flash a
known good/uncompromised firmware suite onto one of your machines, or
find a system vendor like Insurgo or NitroKey that sell re-flashed
systems and uses anti-interception measures (like tamper-evident
packaging and signatures) in addition to offering Qubes pre-installed.

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Mark Fernandes

Mar 5, 2020, 1:34:19 PM
to dhorf-hfre...@hashmail.org, qubes-users
I know what signatures and hashes are. I've just never needed to be so bothered with them for my activities.  I studied Computer Science at degree level....

I was recently hacked and this is why I'm so concerned about my security. I'd rather over-kill than under-kill at the moment, because later on, I'd rather not have to worry about security.

Given that the operating system is such a fundamental aspect of conducting computing activities, I hardly consider it painless at all, to compare ISO images. I have no idea where you get the idea that doing so is difficult?

From what you have elaborated concerning signatures, you just give further reason to have concerns over trusting signatures. With sufficient computing power, sufficient time, it just seems absolutely reasonable to be able to re-hack an OS image so that it produces the same signature but also contains a security vulnerability. Or am I not enough informed (which I admit might be the case)?

By the way, I consider that I am being completely reasonable with my threat model, whilst also employing critical thinking. How hard is it to go to a large PC store, and pick at random one Linux distribution, to take home, to better ensure you have system integrity? As said above, the OS is very important, and it's not as though people tend to install their OS frequently.

I don't know what you mean about picotech, but I'm guessing you're probably referring to hardware or devices happening on the picometre level? I haven't said anything about such threats..... but if they are reasonably plausible (which may be the case), then perhaps certain individuals should consider them. The diversification of work is oriented to all the different aspects of it... security work is just another kind of work that sometimes needs attention. If you can't do something securely, sometimes, you should just not do it at all, and perhaps do something else, something altogether different, etc.


Thanks,


Mark Fernandes

dhorf-hfre...@hashmail.org

Mar 5, 2020, 1:37:27 PM
to Chris Laprise, qubes...@googlegroups.com
On Thu, Mar 05, 2020 at 01:21:47PM -0500, Chris Laprise wrote:

> You can also qualify the model somewhat and say that an attacker cannot
> successfully infect all of your (hopefully diverse) computers, so that makes

the diversity bit is important.
and if its mainly about validating a download, even the most
outdated/underpowered device should work.


> OTOH, you may have decided to discard the above threat model because of some
> intent or capability known to you. In that case, I think the Qubes community

http://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html


> system vendor like Insurgo or NitroKey that sell re-flashed systems and uses
> anti-interception measures (like tamper-evident packaging and signatures) in

i trust a randomly-bought chromebook more than any overpriced device
that has "we are so secure/paranoid we walk funny" as its main selling
point.





Mark Fernandes

Mar 5, 2020, 1:45:45 PM
to Chris Laprise, qubes-users
On Thu, 5 Mar 2020 at 18:21, Chris Laprise <tas...@posteo.net> wrote:
On 3/5/20 7:31 AM, Mark Fernandes wrote:
> I want to get a genuine copy of Qubos, from here in the UK (United Kingdom).
>
> The only way described on the Quebos website at present, appears to be
> to download the ISO.
>
> I have the classic security problem described on the website
> <https://www.qubes-os.org/doc/install-security/>, where not having a
> trust-worthy machine, means that I have a never-ending chain of trust
> issues for each machine that I use in the obtaining of the software.

Many of us work with a threat model that assumes at least some computers
available by retail are not compromised "out of the box", or else if
compromised then not at the BIOS/UEFI firmware level. For this model,
verifying the Qubes ISO with gpg is acceptable.


Hello Chris,

I've only heard of gpg as a binary running over an operating system. Is it available as something you can run directly off boot-able media?

In any case, you still need to ensure that gpg hasn't been compromised. If it has to run off an OS, that OS needs to have not been compromised. If you need to download gpg, the OS which you use for downloading gpg has to be not compromised. The website doesn't appear to address these issues. The security Qubes OS offers may be great. But getting from a position where you don't have Qubes OS at all, to having Qubes OS installed, appears to be a serious security concern.


You can also qualify the model somewhat and say that an attacker cannot
successfully infect all of your (hopefully diverse) computers, so that
makes checking a signature on several different computers a form of
reassurance.

OTOH, you may have decided to discard the above threat model because of
some intent or capability known to you. In that case, I think the Qubes
community has only two answers: Find a trusted service that can flash a
known good/uncompromised firmware suite onto one of your machines, or
find a system vendor like Insurgo or NitroKey that sell re-flashed
systems and uses anti-interception measures (like tamper-evident
packaging and signatures) in addition to offering Qubes pre-installed. 
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886


👍 Thanks for these tips. They are valuable.


Mark Fernandes

Anil

Mar 6, 2020, 8:27:50 AM
to dhorf-hfre...@hashmail.org, Chris Laprise, Qubes Users Google Group
> i trust a randomly-bought chromebook more than any overpriced device
> that has "we are so secure/paranoid we walk funny" as its main selling
> point.
>

The details of what you have been saying over the course of these
emails (most of them) make sense to me in certain (perhaps most)
contexts, but everything has context and you don't know everything and
their contexts. Since you reply anonymously to people who are not
anonymous, there is an asymmetry. For example, when I raise some issue
or ask some question on this forum, I give at least some part of the
context (because I have to), but you don't tell (can't tell, because
of the need for anonymity, which may be very valid), so I don't know
where you are coming from. You know only partially where I am coming
from and what is my context, but seem to be assuming a lot more. But
your impression seems to be that your suggestions are universally
valid. I could argue that they are not, but then I will have to give
more context than I can or should. Such a situation results in
vitriolic debates and comments without necessarily understanding the
other person's context and perspective. It doesn't become clear what
it is your main point or lesson for the user (in general or to a
specific user).

Side comments:
- What's with the phrases/acronyms that sound like homophobic slurs?
There are languages where 'breaking the knees' is a metaphoric and
literal threat that has historically been carried out quite frequently
(and literally, mostly against marginalized people). And people whose
knees have been broken (for some banal whistleblowing or breaking of
some funny rule), usually 'walk funny'
- 'Ed Snowden' is not the only kind of extreme case of the need for
security. Again, I could give more context and specific contexts ...
Very banal ones.

Solution: Only partial one is possible. Don't assume you know all
possible contexts (without involving aliens or picometric perversions
and the like) about what the Qubes OS users may be using it (or those
devices you refer to) for. You can't plan for all that (borrowing your
words) and you can't have definitive and totally confident answers for
all (even banally) possible problems. I feel strange making this
suggestion to someone who seems to be a Qubes OS developer, because
Qubes OS is based on a philosophy that is very similar to what I am
saying here.

Regards,

अनिल एकलव्य
(Anil Eklavya)

unman

Mar 6, 2020, 8:42:03 AM
to qubes-users
What is your threat model?
What do you trust?
Download multiple live distros on different machines, not traceable to you,
some via Tor. Cross validate the iso images. Boot on assorted machines, and
use assorted gpg to verify assorted Qubes images.
I would suggest you validate gpg code for yourself and compile a binary
to use, but why trust the compiler? (Ken Thompson)
At some stage you hit bottom - if you dont, your security concerns are
not serious.

Anil

Mar 6, 2020, 8:49:17 AM
to dhorf-hfre...@hashmail.org, Chris Laprise, Qubes Users Google Group
> devices you refer to) for. You can't plan for all that (borrowing your
> words) and you can't have definitive and totally confident answers for
> all (even banally) possible problems. I feel strange making this
> suggestion to someone who seems to be a Qubes OS developer, because
> Qubes OS is based on a philosophy that is very similar to what I am
> saying here.
>

Even the biggest Linux (or OS) loophole that Qubes OS addresses, and
the main attraction of Qubes OS is so very banal: GUI isolation. And
when people (yes, like me) raised questions about the security of
Linux, they received answers in tones very similar to yours and with
similar reasoning.

That's one of the biggest (banal) mysteries to me: How could so many
people for such a long time overlook such a huge loophole in an OS
that was Open Source and based on the Linus's Law? The partial answer
is, and I know this personally, that many people (too many) actually
knew of this loophole, but didn't disclose or acknowledge it. There
were students writing keyloggers based on this loophole, but there was
an informal code (Omertà like: not the Hindi film, but the original
one).

Anil

Mar 6, 2020, 9:19:51 AM
to unman, qubes-users
> What is your threat model?

My threat model (to the extent it may be practical to address) is that
I can't assume any kind of physical security (of devices in
particular) and I can't rely on passwords or passphrases or software
based 2FA. More than that I can't reveal.

> What do you trust?

Practically speaking, I have to trust a solution that addresses the
above threat model, although theoretically I can't be sure it can
solve the problems completely (even without involving aliens etc.),
but I am willing to be content with that.

--

Mark Fernandes

Mar 6, 2020, 10:12:01 AM
to Anil, qubes-users
On Fri, 6 Mar 2020 at 14:19, Anil <anile...@gmail.com> wrote:
... 
 
My threat model (to the extent it may be practical to address) is that
I can't assume any kind of physical security (of devices in
particular) and I can't rely on passwords or passphrases or software
based 2FA. More than that I can't reveal.

> What do you trust?

Practically speaking, I have to trust a solution that address the
above threat model, ...

--
अनिल एकलव्य
(Anil Eklavya)



Hello Anil,

After my security overhaul (being done because I was recently hacked), I plan on publishing an article on how I've changed my security practices and what thoughts I have on maintaining security in general. Probably will publish it on LinkedIn. The article should address your threat model (at least to some extent).


Kind regards,


Mark Fernandes

Chris Laprise

Mar 6, 2020, 12:05:42 PM
to Mark Fernandes, qubes-users
On 3/5/20 1:45 PM, Mark Fernandes wrote:
>
> On Thu, 5 Mar 2020 at 18:21, Chris Laprise <tas...@posteo.net
> <mailto:tas...@posteo.net>> wrote:
>
> On 3/5/20 7:31 AM, Mark Fernandes wrote:
> > I want to get a genuine copy of Qubos, from here in the UK
> (United Kingdom).
> >
> > The only way described on the Quebos website at present, appears
> to be
> > to download the ISO.
> >
> > I have the classic security problem described on the website
> > <https://www.qubes-os.org/doc/install-security/>, where not having a
> > trust-worthy machine, means that I have a never-ending chain of
> trust
> > issues for each machine that I use in the obtaining of the software.
>
> Many of us work with a threat model that assumes at least some
> computers
> available by retail are not compromised "out of the box", or else if
> compromised then not at the BIOS/UEFI firmware level. For this model,
> verifying the Qubes ISO with gpg is acceptable.
>
>
> Hello Chris,
>
> I've only heard of gpg as a binary running over an operating system. Is
> it available as something you can run directly off boot-able media?

Gpg is usually available in live DVD or live USB distros. It's also
incorporated into 'Heads', a firmware boot verification system that's
compatible with Qubes.

>
> In any case, you still need to ensure that gpg hasn't been compromised.
> If it has to run off an OS, that OS needs to have not been compromised.
> If you need to download gpg, the OS which you use for downloading gpg
> has to be not compromised. The website doesn't appear to address these
> issues. The security Qubes OS offers may be great. But getting from a
> position where you don't have Qubes OS at all, to having Qubes OS
> installed, appears to be a serious security concern.

There is a definite chicken-and-egg aspect to this issue. That's bc what
we're dealing with at some level is a failure of Computer Science and
industry to advance computer security in an objective and democratic
manner. It is mostly a VC culture, even in university settings, and
selling bling to the masses now sets the tone for everything else.
That's why things that would have been shocking (like shutting Linux out
of recent TCG updates & making devices that can't really be
switched-off) in the 90s-mid 2000s are now commonplace, and the
"victims" like Linux Foundation don't care anymore bc they are comprised
of megacorps with staff who go home to their iDevices and surveillance
tchotchkes.

So computing culture became a worst-case scenario and projects like
Qubes are back-eddies in its wake. Your/our problem can't be solved in a
fundamental way without PC-type hardware that is open source. I think
Qubes has expressed a willingness to help make that happen, since they
are open to the idea of porting Qubes to OpenPOWER architecture.

In the meantime, we have to use hedges and stop-gaps. One is to verify
ROM (e.g. DVD) media on multiple systems, just as one would try to
verify a single gpg key from multiple pathways. Another is to use Qubes,
which reduces the number of components you have to trust down to a
minimum. Also consider what makes a good hardware distributor. Yet
another is to realize the biggest adversaries are not omnipotent and
can't control everything simultaneously; i.e. do random spot checks,
maintain your sanity.

Finally, we need to be able to question things in philosophical terms
because that is the basis of relatable information in modernity. If we
only think about the mechanics, then we remain locked onto the same path
of transistorized irrationality that has begun to weigh on you. For
example, a philosophical approach to your question should recognize
early that it's a quandary (or "turtles all the way down") if we keep
accepting the old parameters (i.e. what industry wants to keep selling
us); there are even situations when it's illogical to use computers (even
though the above mentioned failed culture still insists it's necessary to
do so).

awokd

Mar 6, 2020, 4:42:32 PM
to qubes...@googlegroups.com
Chris Laprise:

[Snip most of Chris's well-written response; where is the thumbs up
button on my email client?]

> That's why things that would have been shocking (like shutting Linux out
> of recent TCG updates

Hadn't heard this one, but my first thought was wondering what they were
trying to hide. Do you have a link handy? Searches coming up empty.

--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots

tetra...@danwin1210.me

Mar 7, 2020, 9:52:57 AM
to Mark Fernandes, dhorf-hfre...@hashmail.org, qubes-users
On Thu, Mar 05, 2020 at 06:33:38PM +0000, Mark Fernandes wrote:
>By the way, I consider that I am being completely reasonable with my
>threat
>model, whilst also employing critical thinking. How hard is it to go to a
>large PC store, and pick at random one Linux distribution, to take home, to
>better ensure you have system integrity?

Sounds like the solution is pretty easy: go to a large PC store, buy a
PC and pick a random Linux distribution off the shelf, then use all that
to do your verifying.

Mark Fernandes

Jun 3, 2020, 12:24:18 PM
to qubes-users
Hello all,

Finally finished my Wikibooks End-user Computer Security book that at least partly covers the topic of how to obtain software (such as the Qubes OS software) securely.

The book makes specific mention of Qubes, and is accessible at https://en.wikibooks.org/wiki/End-user_Computer_Security. Its subtitle is:
 
 'Inexpensive security for   ⦾ individuals,  ⦾ sole traders,  and   ⦾ small businesses'. 
 

The book is more based in ongoing, never-ending, democratic collaborative research, than a treatise on an established subject. Particularly because of such, you may wish to contribute to the work, even if that be just through peer review.

All feedback regarding the book is welcomed.


Kind regards,


Mark Fernandes