disable split-gpg notifications?


Michael Carbone

Nov 18, 2016, 9:49:17 AM
to qubes-users
Is there an easy way to disable split-gpg notifications? They are just
screen noise, and in XFCE cover the time and systray by default.

From a security perspective, without timestamps in the access logs
(https://github.com/QubesOS/qubes-issues/issues/1835), a malicious
pre-approved email client could just decrypt emails en masse when the
user is AFK to avoid notifying the user, so I see little security benefit.

Thanks,
Michael

--
Michael Carbone

Qubes OS | https://www.qubes-os.org
@QubesOS <https://www.twitter.com/QubesOS>

PGP fingerprint: D3D8 BEBF ECE8 91AC 46A7 30DE 63FC 4D26 84A7 33B4


Marek Marczykowski-Górecki

Nov 18, 2016, 12:34:38 PM
to Michael Carbone, qubes-users
On Fri, Nov 18, 2016 at 02:49:00PM +0000, Michael Carbone wrote:
> Is there an easy way to disable split-gpg notifications? They are just
> screen noise, and in XFCE cover the time and systray by default.

The easy (hacky) way is to comment out notify-send in
/etc/qubes-rpc/qubes.Gpg.

> From a security perspective, without timestamps in the access logs
> (https://github.com/QubesOS/qubes-issues/issues/1835), a malicious
> pre-approved email client could just decrypt emails en masse when the
> user is AFK to avoid notifying the user, so I see little security benefit.

That's true indeed. I wonder if blocking split-gpg while the screenlocker is
engaged would make sense? Currently, the confirmation with a 5min timeout
serves a similar purpose.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Michael Carbone

Nov 18, 2016, 12:39:39 PM
to qubes-users
Marek Marczykowski-Górecki:
> On Fri, Nov 18, 2016 at 02:49:00PM +0000, Michael Carbone wrote:
>> Is there an easy way to disable split-gpg notifications? They are just
>> screen noise, and in XFCE cover the time and systray by default.
>
> The easy (hacky) way is to comment out notify-send in
> /etc/qubes-rpc/qubes.Gpg.

thanks.

>> From a security perspective, without timestamps in the access logs
>> (https://github.com/QubesOS/qubes-issues/issues/1835), a malicious
>> pre-approved email client could just decrypt emails en masse when the
>> user is AFK to avoid notifying the user, so I see little security benefit.
>
> That's true indeed. I wonder if blocking split-gpg while the screenlocker is
> engaged would make sense? Currently, the confirmation with a 5min timeout
> serves a similar purpose.

I think that's an excellent idea.

Andrew David Wong

Nov 19, 2016, 7:29:38 AM
to Michael Carbone, qubes-users
On 2016-11-18 09:39, Michael Carbone wrote:
> Marek Marczykowski-Górecki:
>> On Fri, Nov 18, 2016 at 02:49:00PM +0000, Michael Carbone wrote:
>>> Is there an easy way to disable split-gpg notifications? They are just
>>> screen noise, and in XFCE cover the time and systray by default.
>>
>> The easy (hacky) way is to comment out notify-send in
>> /etc/qubes-rpc/qubes.Gpg.
>
> thanks.
>
>>> From a security perspective, without timestamps in the access logs
>>> (https://github.com/QubesOS/qubes-issues/issues/1835), a malicious
>>> pre-approved email client could just decrypt emails en masse when the
>>> user is AFK to avoid notifying the user, so I see little security benefit.
>>
>> That's true indeed. I wonder if blocking split-gpg while the screenlocker is
>> engaged would make sense? Currently, the confirmation with a 5min timeout
>> serves a similar purpose.
>
> I think that's an excellent idea.
>

Ticket: https://github.com/QubesOS/qubes-issues/issues/2443

--
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
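Added example, not part of the thread and not Qubes OS code: what per-request timestamps in the split-gpg access log (the subject of issue 1835 above) would make possible, namely flagging a source qube that issues many requests in a short span. The log format, qube names, window and threshold are all constructed for illustration.

```shell
#!/bin/sh
# Hypothetical log format: "<epoch-seconds> <source-vm> <gpg-operation>".
# This is NOT the format split-gpg writes; it is constructed for this example.

# flag_bursts WINDOW THRESHOLD
# Reads time-ordered log lines on stdin and prints one line per source VM
# whose request count inside any WINDOW-second span reaches THRESHOLD:
#   <source-vm> <peak-count> <window-start-epoch>
flag_bursts() {
    awk -v win="$1" -v thr="$2" '
        NF >= 3 && $1 ~ /^[0-9]+$/ {
            vm = $2
            n = ++cnt[vm]                  # entries seen so far for this VM
            ts[vm, n] = $1
            if (!(vm in head)) head[vm] = 1
            # Slide the window start past entries older than win seconds.
            while ($1 - ts[vm, head[vm]] >= win) head[vm]++
            inwin = n - head[vm] + 1
            if (inwin > peak[vm]) { peak[vm] = inwin; start[vm] = ts[vm, head[vm]] }
        }
        END {
            for (vm in peak)
                if (peak[vm] >= thr) print vm, peak[vm], start[vm]
        }
    ' | sort
}

# Constructed sample: "work-email" makes two requests minutes apart;
# "untrusted-mail" issues six decrypt requests inside 30 seconds.
sample_log() {
    cat <<'EOF'
1479480000 work-email --decrypt
1479480400 work-email --decrypt
1479483600 untrusted-mail --decrypt
1479483604 untrusted-mail --decrypt
1479483609 untrusted-mail --decrypt
1479483613 untrusted-mail --decrypt
1479483620 untrusted-mail --decrypt
1479483627 untrusted-mail --decrypt
EOF
}

# Flag any VM with 5 or more requests inside a 60-second window.
sample_log | flag_bursts 60 5
```

A review like this only works after the fact; it does not replace the confirmation prompt or the screenlocker-based blocking discussed in the thread.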
