How to get trusted iso?

[cooloutac]

I know I can't buy one, so how do I get an a fresh iso if my machine is compromised? Obviously, someone more prudent would of kept their original iso on dedicated usb stick. But I was too cheap.

So what happens if that was not done, or how can someone get a trusted iso for the first time in the first place? Is just checking key signatures and using dd on a compromised machine enough? I imagine that would be dangerous.

Thanks for any suggestions.

[Chris Laprise]

On 05/01/2017 02:33 PM, cooloutac wrote:
> I know I can't buy one, so how do I get an a fresh iso if my machine
> is compromised? Obviously, someone more prudent would of kept their
> original iso on dedicated usb stick. But I was too cheap.

I'll go out on a limb and say that Qubes is more about defending against
oncoming threats.

Pre-existing compromise creates a dilemma for the user, who can
pragmatically try to minimize further compromise by degrees. For
instance, burn a DVD and then verify it on multiple machines (incl.
different architectures). This is not unlike trying to validate the
authenticity of a PGP key using different network channels (not quite
"out of band" but possibly effective).

>
> So what happens if that was not done, or how can someone get a
> trusted iso for the first time in the first place? Is just checking
> key signatures and using dd on a compromised machine enough? I
> imagine that would be dangerous.
>
> Thanks for any suggestions.

Since you will probably want to start with Qubes on a non-compromised
machine, I suggest to download and verify using that.

--

Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

[cooloutac]

yes good idea, someone else had suggested to me to verify multiple iso's which is also a good idea. Does Qubes ever plan on selling iso sticks?

[Chris Laprise]

On 05/01/2017 03:43 PM, cooloutac wrote:
> Does Qubes ever plan on selling iso sticks?

I would like to know. And I've suggested this in the past, but with
DVD-Rs which I think are preferable to USB sticks (even the ones with
hardware write-protect switches).

[cooloutac]

ah yes very true but I don't even have a cdrom on my system but I would get one for it.

[cooloutac]

this post makes me think about healthcare debate lol. last to universal healthcare is also last to end slavery. not a coincidence.

But ya i'll go out on a limb and say most of us are using Qubes cause we were already compromised before, and we are using it still believing we will be compromised in the future.

If there is no way to get a trusted iso there is no point in using Qubes.

[Jean-Philippe Ouellet]

I am not aware of any mechanism by which to have a 100% guarantee, but
then... do you really need one?

At some point, you just have to say "well... good enough". Even if you
were to buy install media, as you suggest, how are you sure your
physical mail wasn't intercepted?

I believe the "create read-only media and verify it on diverse
machines" approach should be sufficient. Breaking it should require
either some rather versatile exploit for something along the
(hopefully diverse) set of components involved in reading & verifying
the media from the multiple systems you use to check it, or for all of
those machines to be independently targeted, possibly with advance
knowledge of the DVD you're about to try to verify. IMO that's
sufficiently unlikely to be worth worrying about.

[cooloutac]

I think the least likely thing to happen is my physical mail gets intercepted. (unless by the gov't or police)

Far more likely criminals and peeping toms have all my machines compromised and have advance knowledge i'm going to download Qubes. Also far more likely my hardware is compromised as well. I never blame the gov't, cause they usually don't try to destroy computers or steal money from people.

So if I build a new machine and can't buy a Qubes iso, i'll be ordering windows 10 and i'm not going to bother installing Qubes.