I can't disable ipv6 on Debian Template


nishi...@gmail.com

Sep 25, 2016, 9:46:13 AM
to qubes-users
Hello,

I am surprised that there is no way to disable ipv6 on Debian template.

I reinstalled first the template using documentation https://www.qubes-os.org/doc/reinstall-template/

Then I added "net.ipv6.conf.all.disable_ipv6 = 1" in /etc/sysctl.conf, I did reboot the Template but it didn't change the outcome, I still had ipv6 ports opened using "netstat -antp"

I even added "sudo ip6tables -P INPUT DROP" in "/rw/config/rc.local", but I still got those distant servers listening when I check using commands like "sudo lsof -i6" or "netstat -antp" on my Debian Template.

What is rpcbind, avahi-dae and why you got this ipv6 bound to systemd on PID 1 ? Looks suspicious, I thought Ipv6 was disabled by default on Qubes.

Regards

johny...@sigaint.org

Sep 25, 2016, 3:15:00 PM
to nishi...@gmail.com, qubes-users
> I am surprised that there is no way to disable ipv6 on Debian template.
>
> I reinstalled first the template using documentation
> https://www.qubes-os.org/doc/reinstall-template/
>
> Then I added "net.ipv6.conf.all.disable_ipv6 = 1" in /etc/sysctl.conf, I
> did reboot the Template but it didn't change the outcome, I still had ipv6
> ports opened using "netstat -antp"
>
> I even added "sudo ip6tables -P INPUT DROP" in "/rw/config/rc.local", but
> I still got those distant servers listening when I check using commands
> like "sudo lsof -i6" or "netstat -antp" on my Debian Template.

I agree that IPV6 shouldn't be used; IPV4 works, and is simpler, and thus
potentially less vulnerable (less attack surface, yadda, yadda.) While
IPV6 isn't necessarily new, it still seems a bit "mysterious" to me. It's
certainly more complex, and complexity is no friend of security.

Why not just disable IPV6 ("ignore") in the Network Manager (in sys-net,
displayed on the taskbar in dom0, next to the Qubes Manager icon)?

If sys-net/NetworkManager has ipv6 disabled, no VM is going to get any
IPV6 packets through.

> What is rpcbind, avahi-dae

I also agree that avahi shouldn't be enabled. It is one of the first
things I disable in Qubes. It's a zeroconf/Bonjour thing. Not needed,
and more attack surface.

rpcbind is a portmapper thing, useful for NFS, and I'm not sure what else,
really. Another thing I also disable. (Probably like you, for security
reasons, I don't like seeing anything listening when I do a netstat.)

Also, this:

http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-early-warning-to-the-industry/

I should note that due to a lot of hacking/harassment, I'm a bit more
paranoid than your typical user.

While it's probably innocent, seeing things like this enabled by default
in a system always makes me a bit less trusting of such a system; has an
NSA-tampering feeling to it. :)

(Similar to audio/pulseaudio enabled in sys-net/sys-firewall, the apparmor
extra-profiles not being included in Tails for some bizarre reason, and
the like.)

exim4, I believe, was also enabled by default in fedora-23/debian-8, which
makes little sense. If you want a mail server, set up a mail server,
don't have them running in every VM by default.

(As I mentioned in another post, I think there's an outstanding ticket to
eliminate unnecessary systemctl services in the debian and fedora
templates.)

> and why you got this ipv6 bound to systemd on
> PID 1 ? Looks suspicious, I thought Ipv6 was disabled by default on Qubes.

I've seen people diss systemd as being unnecessarily complex and obscure,
and thus a bit of a risk for security. However, the dependency management
it provides is very powerful imho, and well worth it.

(I can't help but think the same startup dependency results couldn't have
been achieved with the "make" utility. Probably not quite as elegantly,
but without adding another new utility.)

You say you see ipv6 bound to systemd? Is it listening on a specific port
or anything?

Cheers

JJ

entr0py

Sep 25, 2016, 5:15:52 PM
to nishi...@gmail.com, qubes-users
nishi...@gmail.com:
"all" never worked for me. Disable each interface separately as documented here:

https://wiki.debian.org/DebianIPv6#How_to_turn_off_IPv6

`netstat -anltp` shows ports that are (L)istening.

johny...@sigaint.org

Sep 25, 2016, 7:21:48 PM
to qubes-users
> nishi...@gmail.com:
>> Hello,
>>
>> I am surprised that there is no way to disable ipv6 on Debian template.
>>
>> I reinstalled first the template using documentation
>> https://www.qubes-os.org/doc/reinstall-template/
>>
>> Then I added "net.ipv6.conf.all.disable_ipv6 = 1" in /etc/sysctl.conf, I
>> did reboot the Template but it didn't change the outcome, I still had
>> ipv6 ports opened using "netstat -antp"

Did you try this:

https://superuser.com/questions/575684/how-to-disable-ipv6-on-a-specific-interface-in-linux

In /etc/sysconfig/network:

NETWORKING_IPV6=no
IPV6_AUTOCONF=no


nishi...@gmail.com

Sep 26, 2016, 4:21:54 PM
to qubes-users
Hey,

Thank you guys for your help, but unfortunately I don't think there is a way to get rid of this process listening on tcp6 on init (systemd... d standing here for distant...). It is listed as 1 on PID, I don't think you can't remove it, it is a main process. So I am not interested in using Qubes anymore because I disapprove those bad policies on respect of privacy.
I don't want data to travel from my main template to Qubes servers without my consent and I don't like the fact someone might monitor what I am doing with my Debian template through ipv6. Really disappointing.

Tbh at first I liked the fact that Qubes doesn't allow to be installed inside another OS, it looked like a nice security feature, but now that I can't clear completely my hard disk from Qubes hard drive protection, this is really annoying as I can't reinstall another OS
on my hard drive.

Any help on how to uninstall completely Qubes by removing the hard drive protection would be appreciated. I didn't find a way to do it in documentation.

Regards

3n7r...@gmail.com

Sep 26, 2016, 4:52:32 PM
to qubes-users, nishi...@gmail.com
Uhhh... what?

On Sunday, September 25, 2016 at 1:46:13 PM UTC, nishi...@gmail.com wrote:
> I am surprised that there is no way to disable ipv6 on Debian template.

I'm not going to download the Debian template to prove a point but I'm fairly confident you can disable IPv6. I have disabled IPv6 on both Whonix-Gateway and Whonix-Workstation, which are both based on Debian 8.


On Monday, September 26, 2016 at 8:21:54 PM UTC, nishi...@gmail.com wrote:
> Thank you guys for your help, but unfortunately I don't think there is a way to get rid of this process listening on tcp6 on init (systemd... d standing here for distant...). It is listed as 1 on PID, I don't think you can't remove it, it is a main process.

I don't know what process you're referring to. I don't see this process on either of my Whonix Templates or my Fedora-minimal template. Maybe a Debian user can comment? (AFAIK the "d" in systemd refers to daemon.)


>So I am not interested in using Qubes anymore because I disapprove those bad policies on respect of privacy.
> I don't want data to travel from my main template to Qubes servers without my consent and I don't like the fact someone might monitor what I am doing with my Debian template through ipv6. Really disappointing.

What traffic is going to Qubes servers? Are you running pcap? You can disable the Qubes repository if you're referring to updates.


> Tbh at first I liked the fact that Qubes doesn't allow to be installed inside another OS, it looked like a nice security feature, but now that I can't clear completely my hard disk from Qubes hard drive protection, this is really annoying as I can't reinstall another OS
> on my hard drive.
>
> Any help on how to uninstall completely Qubes by removing the hard drive protection would be appreciated. I didn't find a way to do it in documentation.
>
> Regards

What hard drive protection are you referring to? There's nothing Qubes can do to stop you from overwriting the partition tables. Any OS installer will gladly write all over a Qubes installation.

johny...@sigaint.org

Sep 26, 2016, 5:34:38 PM
to qubes-users

> Thank you guys for your help, but unfortunately I don't think there is a
> way to get rid of this process listening on tcp6 on init (systemd... d
> standing here for distant...). It is listed as 1 on PID, I don't think you
> can't remove it, it is a main process. So I am not interested in using
> Qubes anymore because I disapprove those bad policies on respect of
> privacy.

systemd listens on sockets on behalf of other services (and fires them up
when a connection arrives, similar to "inetd" in days of old).

What does "systemctl list-sockets" show? Any services that systemd is
providing a listener for should be listed here.

The configuration files that control such behavior could be shown with:

> sudo find /usr/lib/systemd /etc/systemd -name '*.socket'

This may also reveal useful information, but the above is probably
sufficient:

"sudo lsof -i -p 1"

Cheers

JJ

johny...@sigaint.org

Sep 26, 2016, 5:43:10 PM
to qubes-users
> What does "systemctl list-sockets" show? Any services that systemd is
> providing a listener for should be listed here.

If you do spot a network socket service in that listing, you can stop the
current service with "systemctl stop blah.socket", and disable it in the
future (next reboot or VM restart) with "systemctl disable blah.socket".

There's always the potential that it could be re-enabled in the future by
installing another package dependent upon that service. (That's bitten me
a couple of times.)

To block that from potentially happening, use "systemctl mask blah.socket"
and the service will stay off regardless of new dependencies.

("systemctl unmask" undoes the blocking. Go figure.)

Oh yeah, to have those commands truly "stick," you should run them from
the template, not the AppVM.

Slight digression (from JJ, no way?!?!?): There's a few config things like
this (e.g. /etc/fstab) that I really think should be (by default) symlinks
to /rw/config, so they could be tweaked on a per-appVM basis. (At risk
of a compromised VM being able to have more lasting hack-related effects
after a restart.)

It's easy enough to do in the template/appvm yourself, of course. e.g.:

# cp /etc/fstab /rw/config/fstab && ln -sf /rw/config/fstab /etc/fstab

in the TemplateVM. You could similarly do that with any systemctl config
files that you need different on a per-appVM basis.

Cheers

JJ
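
As an added example (not from the posts above or from Qubes), the script below turns the `systemctl list-sockets` step into a repeatable check: it picks out the units that hold TCP/UDP listeners on behalf of PID 1 and prints, without running them, the stop/disable/mask commands for each. The sample listing and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: map network listeners held by systemd (PID 1) to their
# .socket units. Input is `systemctl list-sockets` text on stdin.

# Constructed sample of `systemctl list-sockets` output (not from the thread).
sample_list_sockets() {
    cat <<'EOF'
LISTEN                       UNIT                         ACTIVATES
/run/systemd/journal/socket  systemd-journald.socket      systemd-journald.service
/var/run/avahi-daemon/socket avahi-daemon.socket          avahi-daemon.service
0.0.0.0:111                  rpcbind.socket               rpcbind.service
[::]:111                     rpcbind.socket               rpcbind.service
kobject-uevent 1             systemd-udevd-kernel.socket  systemd-udevd.service

5 sockets listed.
Pass --all to see loaded but inactive sockets, too.
EOF
}

# Print "family address unit" for every TCP/UDP listener in the listing.
# The LISTEN column may contain spaces (netlink entries), so the unit is
# located by its ".socket" suffix rather than by column position.
network_listeners() {
    awk '
    {
        u = 0
        for (i = 2; i <= NF; i++) if ($i ~ /\.socket$/) { u = i; break }
        if (u == 0) next                    # header, blank line, footer
        addr = $(u - 1)                     # last word of the LISTEN column
        c = substr(addr, 1, 1)
        if (c == "/" || c == "@") next      # AF_UNIX path or abstract name
        if (addr !~ /:[0-9]+$/) next        # netlink entries have no :port
        fam = (c == "[") ? "ipv6" : "ipv4"
        print fam, addr, $u
    }'
}

# Print (do not run) the stop/disable/mask commands described in the thread
# for each unit that owns a network listener, so they can be reviewed first.
mask_plan() {
    network_listeners | awk '{ print $3 }' | sort -u |
    while read -r unit; do
        printf 'systemctl stop %s\nsystemctl disable %s\nsystemctl mask %s\n' \
            "$unit" "$unit" "$unit"
    done
}

# Demo on the constructed sample.
sample_list_sockets | network_listeners
sample_list_sockets | mask_plan
# On a live template: systemctl list-sockets --no-pager | mask_plan
```
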

Unman

Sep 26, 2016, 6:14:04 PM
to nishi...@gmail.com, qubes-users
I'm a bit late to the party on this, and I wonder if it's a troll
anyway, when I look at some of the later comments.

Still -

If you want to disable ipv6 on Debian, just pass in as kernel option:
qvm-prefs debian -s kernelopts ipv6.disable=1

This won't feed through to qubes based on the template, of course.
You have to set the preference for each qube.

unman

nishi...@gmail.com

Sep 26, 2016, 11:43:01 PM
to qubes-users
Hey,

Really ? No one to find also suspicious a wild init/1 tcp6 port listening on your templateVM, right out of the box ? This got to be real.

I am still interested in your solutions to quit Qubes OS and have another OS being able to run on my USB key and be installed, if you don't mind.

I am answering you on my phone just because it seems my old Qubes deleted partition doesn't like very much my USB key to runs over it, for some reason. And this is pissing me off.

So let me rephrase : how do you completely remove Qubes OS from your hard drive so that eventually it might still accept another OS install ? Fuck this shit.

Btw on any decent OS you can clear your own partitions on installation window and refresh your own disk without installing the OS. On Qubes you can't. You are supposed to run the install to do so. And it seems the install fucks your hardware next -.-

johny...@sigaint.org

Sep 27, 2016, 12:00:37 AM
to qubes-users
> Really ? No one to find also suspicious a wild init/1 tcp6 port listening
> on your templateVM, right out of the box ? This got to be real.
...
> I am answering you on my phone just because it seems my old Qubes deleted
> partition doesn't like very much my USB key to runs over it, for some
> reason. And this is pissing me off.
...
> So let me rephrase : how do you completely remove Qubes OS from your hard
> drive so that eventually it might still accept another OS install ? Fuck
> this shit.
...
> Btw on any decent OS you can clear your own partitions on installation
> window and refresh your own disk without installing the OS. On Qubes you
> can't. You are supposed to run the install to do so. And it seems the
> install fucks your hardware next -.-
...

Ummm, I think I'm tending to agree with Unman's suspicions:

> and I wonder if it's a troll anyway, when I look at some of the
> later comments.

I deem thee a troll. An angry, foul-mouthed troll.

Or someone who has an agenda against Qubes' goals.

Either that, or you're in way over your head technology-wise and don't
have the patience to work through it, even with a community trying to help
you.

I might suggest you go install Windows (or buy a tablet) and take out your
anger elsewhere.

Cheers

JJ


nishi...@gmail.com

Sep 27, 2016, 10:19:07 AM
to qubes-users
"An agenda against Qubes goal". Lol, that would been really arrogant because I joined Linux only 3 months ago and I have everything to learn.

But if you want to talk about what Qubes provides, I have my opinion on the subject : Qubes greatest innovation is kinda making business of privacy rights, you can either consider it as a very offensive hacking tool platform, a Kali Linux best ally, a weapon which imo can do more harm than good, either a noob trap. That's obviously not the way I want the Internet to evolve, if you don't mind. As if posting here with this very friendly PRISM data collection provided by Google would make Qubes community trustworthy. What a joke.

If M. Snowden would have used Qubes instead of Tails to make his revelations to everyone about global surveillance, he would probably be in jail right now. I guess vast majority of folks shocked about what his revelations showed would be really unhappy about that.

So for people really considering privacy rights in an opened and a good manner way, you have Tails, and when it's time to discuss about security by default on a fresh new system, you have OpenBSD. Rest is just business and making profits under a license you currently don't own. Richard Stallman would be proud.

Also when you can read on the Whonix FAQ https://www.whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21 this very arrogant statement "There is now Qubes OS, OpenBSD lacks such innovative security improvements, which claims.", you got another big joke right there.

What makes the Internet still a little bit secured right now is coming directly from MIT and Unixmen that developed OpenSSH. I guess showing more respect for an OS that has been compromised like 2 times in 20 years and which policies are what the Internet world needs might help. But yeah, you can think of the Internet as a battleground, I don't really mind, it's not the way I see it.
You have people concerned about building inoffensive fortresses or shields, to make sure Internet stays what it was at the very beginning (a space to provide educational content, to share ideas in a peaceful way) and you have people that use it as if it was a weapon. What a shame. So long Qubes.

raah...@gmail.com

Sep 27, 2016, 3:41:12 PM
to qubes-users, nishi...@gmail.com

You have to change kernel parameters a diff way I believe. Try this method from whonix instructions. https://www.whonix.org/wiki/Qubes/Install

to list the parameters use qvm-prefs -l debian-8 kernelopts

To change them do qvm-prefs -s debian-8 kernelopts "nopat ipv6.disable=1"

Then restart template and vms.

raah...@gmail.com

Sep 27, 2016, 3:44:33 PM
to qubes-users, nishi...@gmail.com, raah...@gmail.com
Also just to add, qubes devs have fedora template with fewer listening processes than debian-8, which is not default and more community based. But if you want to use debian instead for your sysnet or firewall or w/e, you can disable all the listening processes yourself.

johny...@sigaint.org

Sep 27, 2016, 4:51:57 PM
to qubes-users
It's an outstanding ticket (among a few other related ones):

https://github.com/QubesOS/qubes-issues/issues/1928

As compared to all the other stuff the Qubes devs have on their plates, I
assume it's a relatively low priority, since Debian-8 is a bit of an
"addon" as compared to Fedora-23, and it's easy enough for someone to fix
in the template themselves.

The "listening" services are less of a concern, since the firewall
wouldn't permit any incoming connections to be passed through to start
with. It's the "phone home" style services, like time sync, Samba name
lookups on microsoft servers, and such, that are more concerning, and
privacy-busting.

I was not pleased to see the Debian vm, by default, connecting to some
microsoft servers for Samba name resolution, lol. Especially when I never
use any SMB style naming, nor programs, to start with.

Cheers

JJ

johny...@sigaint.org

Sep 27, 2016, 5:03:02 PM
to qubes-users
> The "listening" services are less of a concern, since the firewall
> wouldn't permit any incoming connections to be passed through to start
> with. It's the "phone home" style services, like time sync, Samba name
> lookups on microsoft servers, and such, that are more concerning, and
> privacy-busting.

The paranoid part of me (which is about 95% of me) half-suspects that NTP
is actively monitored by the powers that be, to keep tabs on us
security-minded Linux geeks.

There's been enough major security bugs in NTP, that one must wonder if
they're akin to the heartbleed/rng/SSL/etc. compromises that don't
necessarily look like innocent mistakes.

Qubes is good at trying to get dom0 to push the time to the VM's by its
own means. And if you set the ClockVM to sys-whonix, say, you remove, or
at least greatly reduce, the ability of TPTB to track your setting your
clock. :)

However, as mentioned, the default of using NTP time syncing is enabled by
default in the Debian-8 template, which defeats that protection for Debian
Appvms, unless you disable it in the template. Just an oversight, I'm
sure. (No sarcasm, for once.)

My PC's RT clock might drift by a few seconds each week, if that; I'm not
sure why time synchronization has to be so damn frequent and aggressive.
A red flag for the paranoid. :)

I have a RS232 GPS dongle that spits out the time with 1-second accuracy
(or atomic-clock level accuracy, if you use the 1-second clock-tick signal
available on one of the chips, which I have done, lol).

I plan on hooking that up to my Qubes setup in the near future, and
disabling network-based clock sync all together.

(Until Qubes 4.0 comes out, forces me to upgrade to a newer motherboard
with no RS232 support. :) )

Might be a good open-sourced hardware project. I think I've seen some out
there already, although not necessarily integrated smoothly into Qubes.

Just one more hole to make sure we plug.

JJ

johny...@sigaint.org

Sep 27, 2016, 5:13:42 PM
to qubes-users
> My PC's RT clock might drift by a few seconds each week

Actually, it's not even that bad. I'm sure I've fired up motherboards or
laptops that haven't been touched in years, and their clocks were accurate
within a minute.

So there's no need for synchronizing your time so frequently.

I just read that NTP apparently adjusts the frequency of polling based upon
how fast your clock seems to be drifting, which is admirable.

http://www.ntp.org/ntpfaq/NTP-s-algo.htm

But the poll interface ranges from 64 to 1024 seconds; even at the high
end, that seems unnecessarily frequent from the very small amount of clock
drift I've experienced.

But flipping to a GPS-based source instantly eliminates those concerns.

Question: for what purpose do we require super-accurate clocks in the
first place? There are some rolling password algorithms based upon time,
and certificates handling will get cranky if you're months or years off,
but other than that, what is the necessity of keeping a PC within seconds
of the correct time?

(On tails, when it starts up, it does a time synchronization, claiming
it's required for Tor purposes. Anyone know the nature of that?)

JJ

Jeremy Rand

Sep 27, 2016, 5:16:04 PM
to qubes...@googlegroups.com
johny...@sigaint.org:
You might find Jake Appelbaum's tlsdate interesting, or Adam Langley's
Roughtime. Both are quite a bit more secure than NTP, although tlsdate
doesn't work with TLS 1.3, and Roughtime is still a proof of concept.

Cheers,
-Jeremy


Unman

Sep 27, 2016, 5:38:59 PM
to raah...@gmail.com, qubes-users, nishi...@gmail.com
As I pointed out, changing parameters in the template will not affect the
VMs.
You need to change the option individually for each qube where you want
to disable IP6.

unman

Unman

Sep 27, 2016, 5:58:40 PM
to johny...@sigaint.org, qubes-users
Like many encrypted tunnel setups, Tor requires both ends to have similar
date/time. You can easily test this by manually setting to the wrong
time, and watching the Tor fail.

Tor also checks your local date/time against the consensus status
document, and will warn you if it's off. If it's too far, you won't get
tunnels.

Connecting to Hidden services, I think, requires that local date/time
be within 60 mins of the service provider.

Tails has a mechanism to set local time. Whonix has a similar mechanism,
also available in Whonix-Qubes.

unman

Unman

Sep 27, 2016, 6:01:41 PM
to jer...@veclabs.net, qubes...@googlegroups.com
Or sdwdate in Whonix

johny...@sigaint.org

Sep 27, 2016, 6:19:25 PM
to qubes-users
> Like many encrypted tunnel setups, Tor requires both ends to have similar
> date/time. You can easily test this by manually setting to the wrong
> time, and watching the Tor fail.
>
> Tor also checks your local date/time against the consensus status
> document, and will warn you if it's off. If it's too far, you won't get
> tunnels.
>
> Connecting to Hidden services , I think, requires that local date/time
> be within 60 mins of the service provider.
>
> Tails has a mechanism to set local time. Whonix has a similar mechanism,
> also available in Whonix-Qubes.

I guess I realize that Tor and other networking systems require accurate
time, I'm just wondering, protocol-wise, *why*? TCP/IP doesn't care.

Is the time rolled into some security hash to prevent replay attacks or
something? (If so, that'd be easy to fake.)

Or is it for timeout purposes, to give up on a sluggish route (in the case
of Tor) and choose another one (or something to that effect)? If so, do
you really need second accuracy for that?

Just curious as to why there's a need for all this time syncing.

JJ

raah...@gmail.com

Sep 27, 2016, 7:27:43 PM
to qubes-users, raah...@gmail.com, nishi...@gmail.com, un...@thirdeyesecurity.org

I pointed out how to change the parameters. You do the command from dom0 for the template you want ipv6 disabled. Basically the same method whonix instructs on how to install apparmor on debian template. This is how I disable ipv6.

raah...@gmail.com

Sep 27, 2016, 7:29:09 PM
to qubes-users, raah...@gmail.com, nishi...@gmail.com, un...@thirdeyesecurity.org

You can verify this from a terminal in one of the proxies or vms based on that template with lsof or netstat and see no more ipv6 connections.
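
The verification described above, as an added example that is not part of the thread: a shell check over `/proc/net/tcp6` and the per-interface `disable_ipv6` flags, which also shows the difference between the sysctl approach and the `ipv6.disable=1` kernel option. It assumes the standard Linux procfs layout; the sample files are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check what IPv6 exposure remains inside a qube.
# File paths are parameters so the checks also run on saved copies.

# Ports of sockets in LISTEN state (st == 0A) in a /proc/net/tcp6-format
# table. Prints nothing when the file is absent, as it is after booting
# with ipv6.disable=1 (the IPv6 stack is never initialised).
tcp6_listen_ports() {
    [ -r "$1" ] || return 0
    awk 'NR > 1 && $4 == "0A" { n = split($2, a, ":"); print a[n] }' "$1" |
    while read -r hexport; do
        echo $((0x$hexport))
    done | sort -nu
}

# Entries under a /proc/sys/net/ipv6/conf-style directory whose
# disable_ipv6 flag is not 1. The sysctl only strips addresses from
# interfaces; wildcard [::] listeners can still be listed as tcp6.
ipv6_enabled_ifaces() {
    for f in "$1"/*/disable_ipv6; do
        if [ -r "$f" ] && [ "$(cat "$f")" != "1" ]; then
            basename "$(dirname "$f")"
        fi
    done
}

# Three-line summary: $1 = /proc/net-style dir, $2 = conf-style dir.
ipv6_report() {
    if [ -e "$1/if_inet6" ]; then
        echo "stack: loaded"
    else
        echo "stack: absent"
    fi
    echo "enabled-ifaces:" $(ipv6_enabled_ifaces "$2")
    echo "tcp6-listen:" $(tcp6_listen_ports "$1/tcp6")
}

# Constructed fixture: eth0 left enabled, two listeners, one established.
make_sample() {
    mkdir -p "$1/net" "$1/conf/all" "$1/conf/default" "$1/conf/eth0" "$1/conf/lo"
    echo 1 > "$1/conf/all/disable_ipv6"
    echo 1 > "$1/conf/default/disable_ipv6"
    echo 0 > "$1/conf/eth0/disable_ipv6"
    echo 1 > "$1/conf/lo/disable_ipv6"
    echo "00000000000000000000000000000001 01 80 10 80       lo" > "$1/net/if_inet6"
    cat > "$1/net/tcp6" <<'EOF'
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000000000000:006F 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002 1 0000000000000000 100 0 0 10 0
   2: B80D0120000000000000000001000000:8F2C B80D0120000000000000000002000000:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 20 4 30 10 -1
EOF
}

# Demo on the constructed fixture.
demo=$(mktemp -d)
make_sample "$demo"
ipv6_report "$demo/net" "$demo/conf"
rm -rf "$demo"
# Live use inside the VM: ipv6_report /proc/net /proc/sys/net/ipv6/conf
```
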

nishi...@gmail.com

Sep 30, 2016, 5:14:59 PM
to qubes-users
Hi,

Could a Qubes developer pay attention on this ticket, please ?

I can't reinstall any other OS than Qubes on my HDD. When I put in a USB key, it doesn't boot on it, it switches directly to the GRUB menu.

I am sure at 100% it comes from some sort of disk protection that Qubes put on my disk. I am also sure that those USB keys would work on any other HDDs, as they are properly burnt.

I tried to reinstall Qubes without disk encryption. It didn't change the outcome.

How do I remove this disk block so I can use USB keys to install another OS than Qubes ?
If you wanna make hostages, then say it on your web page because right now my disk is unusable and it's Qubes responsibility at 100%.

I'll wait here until someone tells me how to completely erase Qubes from my disk (USB PROTECTION INCLUDED) so that EVENTUALLY I could switch to another OS and FUCKING MOVE ON, FOR GOD'S SAKE.

raah...@gmail.com

Sep 30, 2016, 11:29:32 PM
to qubes-users, nishi...@gmail.com

I thought you were asking how to disable ipv6. I don't know much about usb keys, I doubt qubes locked your pc, check in bios maybe? Maybe someone else can chime in.

nishi...@gmail.com

Oct 1, 2016, 1:27:23 AM
to qubes-users
I was indeed but I lost trust in Qubes. Officially ipv6 disabled by default but hf being secretly backdoored on ipv6... Nice privacy respect policies.

I won't wait another week with my HDD disabled by this OS.
Come on, please, why would someone doubt on something that is so obvious ? I used 3 different USB keys and different iso images. Every USB keys fails on booting while isos have been properly burnt to USBs on a fresh new install. Can't install any other OS, my hard drive is locked. This is so disgusting.

Some explanations on how to completely erase Qubes OS and his disk USB protection out of your hard disk would be really helpful, as I can't use currently my computer..

Jeremy Rand

Oct 1, 2016, 3:31:16 AM
to qubes...@googlegroups.com
nishi...@gmail.com:
> I won't wait another week with my HDD disabled by this OS.

I'm trying to figure out if this is a veiled threat of some kind...?

FWIW, I've booted from USB drives while Qubes was installed internally
before. I'm under the impression that lots of people here have done so.
So perhaps you might want to consider the likely possibility that there
is something different about your setup compared to mine (and everyone
else's whose setup works fine), rather than this being a deliberate
attempt by Qubes developers to "make [sic] hostages".

Then again, based on your other posts in this thread, it's likely that
I'm wasting time trying to reason with someone who has an entirely
different agenda than getting an actual bug fixed. I won't be bothering
to engage further if additional posts support that conclusion.

Cheers,
-Jeremy


Andrew David Wong

Oct 1, 2016, 3:18:23 PM
to nishi...@gmail.com, qubes-users

On 2016-09-30 14:14, nishi...@gmail.com wrote:
> Hi,
>
> Could a Qubes developer pay attention on this ticket, please ?
>
> I can't reinstall any other OS than Qubes on my HDD. When I put in a USB key, it doesn't boot on it, it switches directly to the GRUB menu.
>

You have to select your USB key as the first boot option in your BIOS menu. Alternatively, invoke the boot selection menu during boot, and choose your USB key. How to do this depends on your BIOS.

> I am sure at 100% it comes from some sort of disk protection that Qubes put on my disk. I am also sure that those USB keys would work on any other HDDs, as they are properly burnt.
>

Qubes does not create or apply any "disk protection" of that sort.

> I tried to reinstall Qubes without disk encryption. It didn't change the outcome.
>
> How do I remove this disk block so I can use USB keys to install another OS than Qubes ?

If you want to make sure the disk is empty, you can simply zero-fill it, e.g.,

# dd if=/dev/zero of=/dev/sdX

where sdX is your disk. (Make sure not to select just a single partition on the disk, but rather the whole disk.)

There are also other methods, like ATA Secure Erase (hdparm). Have a read:

https://wiki.archlinux.org/index.php/Securely_wipe_disk

--
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org


nishi...@gmail.com

Oct 1, 2016, 11:55:19 PM
to qubes-users
Hello Andrew,

How are you ? Thank you for your time, I appreciate your help. I don't know if I went full paranoid mode but I just wanted to apologize having been so aggressive. It's not the way I behave myself in real, I am really the opposite kind, being sensitive and trying to stay polite with people. I clearly failed there so I just wanted to let you know that I truly respect Qubes development team and that I am sorry having letting myself ending up being nasty...
What bothers me is that I really love the American culture and I don't understand why on the political part NSA is making a war nowadays on the entire world on privacy rights. Well, as anyone I have been really shocked by 9/11 terrorist attacks. Even though I understand the US politics reacted because they have been hurt on a power symbol, I really want these paranoid policies by NSA against every privacy rights of citizen to end. Human dignity is based on privacy respect. I can tell you about it, I lost a huge part of my dignity in psychiatry, going there for wrong reasons (got fascists perverts in my family).
And I mean, who doesn't love the US ? If I had to move to a desert island and only take 5 of my favorite movies ever, I would probably take 3 American one's : "Mulholland Drive", "Forrest Gump" and "Changeling". What's fascinating is that all those 3 outstanding movies express in a very different way the same universal feeling : love. I feel so grateful to the US when I watch them because actually my life sucks, got no friends, no family left. I feel like receiving a bit of love I missed. Well, all that being said, thank you for your support. I'll try your solutions when I'll wake up :)

nishi...@gmail.com

Oct 2, 2016, 9:03:03 PM
to qubes-users
Uh ok, this ipv6 listening on my template set me in full paranoid mode. I have found disappointing to see ipv6 wasn't disabled on Debian template, but yea sorry, I went completely mad & full retard mode about Qubes on the rest.

I thought I was betrayed. I have been betrayed a lot by relatives but that doesn't mean I'm supposed to react like a dumbass and think of conspiracy if I got one port listening... Sadly my imagination went crazy mode. I guess you can call it a defense mechanism, but nevertheless, I am sorry about that.

My boot problem is in fact related to "sudo dd if=/file.iso of=/dev/sdX" ends up burning a UDF partition that refuses to boot. I tried your advices except the ArchLinux one, but I guess I just have to keep trying. Also I read somewhere I need to enter "bs=512" to burn more little fragments than the original size to avoid boot problem with UDF. This might fix my issue, I will try tomorrow.

Fun part is that I want to go back to Windows only very briefly, to install my mouse drivers and fix its sensitivity being too fast, as Linux drivers are really painful to install for this model (I did it on Debian, it took me a lot of efforts to make it work).

Then I think I will probably join back in the future Qubes, as indeed it is a very innovative OS. It's just I am interested on trying BSD systems. I found a great guide to learn Korn shell scripting, watched all videos https://m.youtube.com/playlist?list=PLCAFDE9B81B30388E
It was very interesting and very well made, allows you to understand better how command line work and the logics behind programs !

In fact I just want to learn to use a different Unix-based system than Linux and try there what I have learnt on this great tutorial. It's easier when your mouse isn't on steroids ^^

Jeremy Rand

Oct 2, 2016, 9:09:46 PM
to qubes...@googlegroups.com
nishi...@gmail.com:
Sincere apologies for making the inference about the agenda thing.

Cheers,
-Jeremy

raah...@gmail.com

Oct 2, 2016, 10:37:45 PM
to qubes-users, nishi...@gmail.com

Fedora is the default, man. But it's easy to disable on Debian, and all the other processes. I understand your assumption though, it's common sense.

raah...@gmail.com

Oct 2, 2016, 10:38:14 PM
to qubes-users, nishi...@gmail.com, raah...@gmail.com

I personally use Fedora as my default sys-net and firewall still for those reasons as well.

nishi...@gmail.com

Oct 3, 2016, 9:05:01 AM
to qubes-users
Ok thank you guys, on my next Qubes install I'll use your advice to disable ipv6 on Debian :) Anyway I use Fedora as well, I use both. Thanks again.

But right now, as I don't want either to go back to my old crappy mouse or to continue with this high DPI uncontrollable skating mouse, unfortunately I am completely locked. For ~10 days now :(

This is really strange, I never encountered problems on Qubes in the past using the "dd" command to burn an iso. I tried to add "bs=512" but I still can't boot from my USB, so that I could install those mouse drivers to lower down DPI, then uninstall Windows and continue on my way to try a BSD Unix system..

raah...@gmail.com

Oct 3, 2016, 12:02:26 PM
to qubes-users, nishi...@gmail.com

I don't understand what you mean. Did you try the system settings, and mouse settings from the start menu?

nishi...@gmail.com

Oct 3, 2016, 1:14:13 PM
to qubes-users
It isn't a configuration problem but a driver related one. I made the mistake of setting up this mouse with a minimum DPI value that is too high. Anyway it has by default a high DPI value that does not fit a browsing / workstation profile. I bought it for gaming purposes, but I stopped playing video games.

Problem is the driver from the manufacturer for Linux users is really bad, as ofc they don't sell it for that usage. So unless someone would know how to properly burn a udf USB iso, I guess I'll have to reinstall baremetal Debian and take an afternoon to compile sources and make it work, once again...

raah...@gmail.com

Oct 3, 2016, 7:37:16 PM
to qubes-users, nishi...@gmail.com
On Monday, October 3, 2016 at 1:14:13 PM UTC-4, nishi...@gmail.com wrote:
> It isn't a configuration problem but a driver related one. I made the mistake of setting up this mouse with a minimum DPI value that is too high. Anyway it has by default a high DPI value that does not fit a browsing / workstation profile. I bought it for gaming purposes, but I stopped playing video games.
>
> Problem is the driver from the manufacturer for Linux users is really bad, as ofc they don't sell it for that usage. So unless someone would know how to properly burn a udf USB iso, I guess I'll have to reinstall baremetal Debian and take an afternoon to compile sources and make it work, once again...

If it works in a baremetal Debian, it should work in a Debian-based sys-usb.

nishi...@gmail.com

Oct 4, 2016, 9:00:21 AM
to qubes-users, nishi...@gmail.com, raah...@gmail.com
Thank you for the tip, I forgot indeed to try this. But I found an easier solution, as those drivers for Debian were considered as "outdated" by the manufacturer (confirmed xd it took me a lot of time to make them work :S): to go for a Linux distro where they were still implemented by developers :)

So I just installed Ubuntu and they worked fine, took me 5 min to install and lower down DPI :)

Well so once again, really sorry for having gone into this full paranoid mode and talking shit about Qubes, thinking my HDD was hijacked or smth wtf.. So stupid and bad mannered of me... Unfortunately it comes from a previous rootkit experience on Windows so I suppose now when I see something kinda suspicious like a USB refusing to boot, I react like this, which isn't adapted at all.

I hope it's cool and that I didn't hurt anyone. Even though this ipv6 port listening surprised me, I will keep using Qubes as it is a great OS and the work done here by developers is just awesome. Documentation is also clear and well written. I also like the fact it comes with Debian + Xfce, which is imo the best desktop manager on Linux. Simple, elegant, and still greatly customizable :) I find it better than the current Ubuntu default desktop manager I just discovered, but I guess everyone has their own preferences ^^
But yea first I really want to try out Unix BSD, as when you have been running Linux for a few months you might want to discover where everything started :)

Bye and thank you again for your help on closing ipv6 on Debian, I hope it might help someone else not willing to have it enabled (for now... as we will all have to use it within time!)