video about "How Qubes OS is different from ...? and it's design"
108 views
Skip to first unread message
Matteo
Nov 2, 2016, 5:03:41 PM11/2/16
to qubes...@googlegroups.com
Hello everyone, my name is Matteo, from Italy
I'd like to make a video about "How Qubes OS is different from ...? and
it's design"
I want keep it SIMPLE and understandable by ANYONE; my idea is some
graphs/images with power point.
let me know if you think it's a good idea so i will make it and wait
your approval to publish it (or edit if necessary)
WHY: because when Snowden tweeted about Qubes i noticed that many people
asked why not x? what about y?
-> to me it seems that people doesn't understand that this is not a
classic "hardened" distro with some tweeked settings (i think is not
useful / a solution)
WHY: because im long time user of "disposable windows xp in virtual box"
where i open any sort of things (and also cryptolocker received by email
just to show my uncle from what i saved him) and i think that Qubes is
the same concept but much better under many point of views
-> that is safe enough that i can intentionally open a virus in it
without any damage, i'd like that normal people understand how great
this project is (Qubes starts with the assumption that you _will_ get a
virus and the computer must continue to work)
WHY: because i really "hate" people who says "don't open suspect emails,
they could be virus" while never telling what "suspect" means, same for
usb keys "don't plug unknown usb, could contain a virus", (and also wifi
psw or use 3G no wifi because is dangerous '-_-, this is not FUD this is
just madness)
->I think that both actions are NORMAL USE OF A COMPUTER: mails are
designed to be opened/sent/received; usb keys are designed to be plugged
in computers and if it is dangerous to use something in a standard way,
well that is an OS problem (useless os) not a user problem and i think
that the only OS that fix these and other "problems" is Qubes
WHY: because people are lazy and doesn't read (or understand) the docs
like https://www.qubes-os.org/intro/
->I'd like to make a video that is SIMPLE, something that everyone can
understand because i think that Qubes OS is simple enough to be used by
everyone (maybe if you help with installation)
for example: if you tell them something like "if your neighbor gets a
virus you don't get it too right? seems obvious! they are different
computers! well Qubes is exactly the same: they are more virtual
separate computers in a single real one"
this is much more easier to understand than talking them about "VM; host
OS; Type 1 bare metal hypervisor called Xen; monolithic kernel" i think
that these details are _fundamental_ and they must be available to who
want understand how it works and trust it, but for the vast majority of
people that is just meaningless.
This is just an initial idea, i don't know the details yet, let me know
what you think.
I hope that if not with a video in some unknown way you can allow the
access to this project to common people because is really awesome!
Thanks for your time
Matteo
I'd like to make a video about "How Qubes OS is different from ...? and
it's design"
I want keep it SIMPLE and understandable by ANYONE; my idea is some
graphs/images with power point.
let me know if you think it's a good idea so i will make it and wait
your approval to publish it (or edit if necessary)
WHY: because when Snowden tweeted about Qubes i noticed that many people
asked why not x? what about y?
-> to me it seems that people doesn't understand that this is not a
classic "hardened" distro with some tweeked settings (i think is not
useful / a solution)
WHY: because im long time user of "disposable windows xp in virtual box"
where i open any sort of things (and also cryptolocker received by email
just to show my uncle from what i saved him) and i think that Qubes is
the same concept but much better under many point of views
-> that is safe enough that i can intentionally open a virus in it
without any damage, i'd like that normal people understand how great
this project is (Qubes starts with the assumption that you _will_ get a
virus and the computer must continue to work)
WHY: because i really "hate" people who says "don't open suspect emails,
they could be virus" while never telling what "suspect" means, same for
usb keys "don't plug unknown usb, could contain a virus", (and also wifi
psw or use 3G no wifi because is dangerous '-_-, this is not FUD this is
just madness)
->I think that both actions are NORMAL USE OF A COMPUTER: mails are
designed to be opened/sent/received; usb keys are designed to be plugged
in computers and if it is dangerous to use something in a standard way,
well that is an OS problem (useless os) not a user problem and i think
that the only OS that fix these and other "problems" is Qubes
WHY: because people are lazy and doesn't read (or understand) the docs
like https://www.qubes-os.org/intro/
->I'd like to make a video that is SIMPLE, something that everyone can
understand because i think that Qubes OS is simple enough to be used by
everyone (maybe if you help with installation)
for example: if you tell them something like "if your neighbor gets a
virus you don't get it too right? seems obvious! they are different
computers! well Qubes is exactly the same: they are more virtual
separate computers in a single real one"
this is much more easier to understand than talking them about "VM; host
OS; Type 1 bare metal hypervisor called Xen; monolithic kernel" i think
that these details are _fundamental_ and they must be available to who
want understand how it works and trust it, but for the vast majority of
people that is just meaningless.
This is just an initial idea, i don't know the details yet, let me know
what you think.
I hope that if not with a video in some unknown way you can allow the
access to this project to common people because is really awesome!
Thanks for your time
Matteo
Jean-Philippe Ouellet
Nov 2, 2016, 6:48:00 PM11/2/16
to Matteo, qubes-devel
Jean-Philippe Ouellet
Nov 2, 2016, 6:56:04 PM11/2/16
to Matteo, qubes-devel
On Wed, Nov 2, 2016 at 6:47 PM, Jean-Philippe Ouellet <j...@vt.edu> wrote:
> You mean like these?
>
> https://www.qubes-os.org/video-tours/
Note that I didn't mean this to be dismissive, rather just ensuring
> You mean like these?
>
> https://www.qubes-os.org/video-tours/
you are aware of prior art for inspiration / comparison / whatever, as
you may wish to prioritize effort towards aspects of Qubes less
covered by the existing videos.
The more people using Qubes the better IMO, and positive
community-driven marketing as you propose may well advance that goal.
:)
Andrew David Wong
Nov 3, 2016, 1:02:14 AM11/3/16
to Matteo, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-11-02 14:03, Matteo wrote:
> Hello everyone, my name is Matteo, from Italy
>
> I'd like to make a video about "How Qubes OS is different from ...? and
> it's design"
> I want keep it SIMPLE and understandable by ANYONE; my idea is some
> graphs/images with power point.
> let me know if you think it's a good idea so i will make it and wait
> your approval to publish it (or edit if necessary)
>
> [...]
I think this is a great idea! There are currently a couple of Video
Tours of Qubes, as Jean-Philippe pointed out:
https://www.qubes-os.org/video-tours/
However, I don't think any of them quite match the description of your
proposed project. If you do create such a video, and it meets our quality
standards, we will happily feature it on the page linked above, as well
as share it from our social media channels.
The most important thing in this kind of video will be accuracy. You
will want to make sure that you're accurately portraying both Qubes and
the other things to which you're comparing Qubes. It might be a good
idea to share a draft of the script you plan to use before actually
making the video, so that the community can provide feedback.
Thank you for doing this!
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYGsTJAAoJENtN07w5UDAwTKgP/0GY7Q1NmLhEkF8KcBLNyx2o
hw+GvhncJol4yEn9WDeEv5AlPTHmYICqCD0meZ1MliZfUSZHG93/6Ku1xz4JGOpt
9muEe8epN1ikTVGpWGOZBs4mi5yX1I1gMdEhvDI6mDZJWCzce580sLGa0Dgdp5HW
P6gNQlu3xsh3PVv+Uu7FFEMH1fcTnKIVtgDu6U1JggAmf8APKbOk606J+Zby+Wck
zdNPc9jKsW/jXtoln/w0gAi2TdU5tUkq9mta2RvlOam2cdk3uvanaJBrXBVxrA5m
cqnFdNnTeuXIwnsvYZZRzUTMmX5Hx5xNQbviwUDJ+mAuuu+1wf28JqPpbtG1MnhX
Ww4HiyklOHJXzNBY+5nSurAWQza9lIQRGfrwHR5W5lwpO+Mz4DYtwIjyXrxF0e4+
E9QadaZt2eUWGrNI2y3yyPQgE5xo024zKuZ9sg5xkPdeU7DIHFDcF/hZ6Srnzy23
vecXq/I11RxFmDxDfjH/xpWkVjo/k50KSXfMQj9XLQwouirzHq6YCOQKHiwTogWB
s7ooe0vMszkqxavaj+vjeHG3mAM2y3lPr2uRnNWgcHbo0OuGM8d9VwncyXdCj7BP
nSawz1/gjYf9Yce+jkwfwxxcjW7Wc3BowIBYRQeR3V6NZYwsMZdzRM4J0IumkjOP
s4mXSOgZpI/ZLHIXMRDs
=ucyu
-----END PGP SIGNATURE-----
Hash: SHA512
On 2016-11-02 14:03, Matteo wrote:
> Hello everyone, my name is Matteo, from Italy
>
> I'd like to make a video about "How Qubes OS is different from ...? and
> it's design"
> I want keep it SIMPLE and understandable by ANYONE; my idea is some
> graphs/images with power point.
> let me know if you think it's a good idea so i will make it and wait
> your approval to publish it (or edit if necessary)
>
>
> This is just an initial idea, i don't know the details yet, let me know
> what you think.
> I hope that if not with a video in some unknown way you can allow the
> access to this project to common people because is really awesome!
> Thanks for your time
> Matteo
>
Hi Matteo,
> This is just an initial idea, i don't know the details yet, let me know
> what you think.
> I hope that if not with a video in some unknown way you can allow the
> access to this project to common people because is really awesome!
> Thanks for your time
> Matteo
>
I think this is a great idea! There are currently a couple of Video
Tours of Qubes, as Jean-Philippe pointed out:
https://www.qubes-os.org/video-tours/
However, I don't think any of them quite match the description of your
proposed project. If you do create such a video, and it meets our quality
standards, we will happily feature it on the page linked above, as well
as share it from our social media channels.
The most important thing in this kind of video will be accuracy. You
will want to make sure that you're accurately portraying both Qubes and
the other things to which you're comparing Qubes. It might be a good
idea to share a draft of the script you plan to use before actually
making the video, so that the community can provide feedback.
Thank you for doing this!
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYGsTJAAoJENtN07w5UDAwTKgP/0GY7Q1NmLhEkF8KcBLNyx2o
hw+GvhncJol4yEn9WDeEv5AlPTHmYICqCD0meZ1MliZfUSZHG93/6Ku1xz4JGOpt
9muEe8epN1ikTVGpWGOZBs4mi5yX1I1gMdEhvDI6mDZJWCzce580sLGa0Dgdp5HW
P6gNQlu3xsh3PVv+Uu7FFEMH1fcTnKIVtgDu6U1JggAmf8APKbOk606J+Zby+Wck
zdNPc9jKsW/jXtoln/w0gAi2TdU5tUkq9mta2RvlOam2cdk3uvanaJBrXBVxrA5m
cqnFdNnTeuXIwnsvYZZRzUTMmX5Hx5xNQbviwUDJ+mAuuu+1wf28JqPpbtG1MnhX
Ww4HiyklOHJXzNBY+5nSurAWQza9lIQRGfrwHR5W5lwpO+Mz4DYtwIjyXrxF0e4+
E9QadaZt2eUWGrNI2y3yyPQgE5xo024zKuZ9sg5xkPdeU7DIHFDcF/hZ6Srnzy23
vecXq/I11RxFmDxDfjH/xpWkVjo/k50KSXfMQj9XLQwouirzHq6YCOQKHiwTogWB
s7ooe0vMszkqxavaj+vjeHG3mAM2y3lPr2uRnNWgcHbo0OuGM8d9VwncyXdCj7BP
nSawz1/gjYf9Yce+jkwfwxxcjW7Wc3BowIBYRQeR3V6NZYwsMZdzRM4J0IumkjOP
s4mXSOgZpI/ZLHIXMRDs
=ucyu
-----END PGP SIGNATURE-----
Matteo
Nov 29, 2016, 1:52:56 PM11/29/16
to qubes...@googlegroups.com
Some time ago i sent an email about an idea of video presentation here
is an initial text idea
if someone have time to read it to find if it is good, find mistakes
(typo and eventually wrong conclusions), find if i am missing something
important, going too much off topic, ...
known "bugs":
-completly missing template concept and read only file system/home dir
persistency should i add it or it is too complex for an introduction video?
-the first part "what is a virus" is not strictly qubes related but i
think it is very important:
you can't say it's safer from virus without explaining people what a
virus is, also because normal people usually see a "bad guy" with a mask
and a notebook, random green strings falling on the screen, 400lb
hackers, (that kind of nosense images)
it's also important that people understand why they need a secure os and
the best way it's tell them what it is a virus and what it can do.
-maybe i should remove some parts like "this has been created when i was
at highschool" ok, it's useful to understand how insecure is it but has
nothing to do with qubes
i still remember when we got internet at home (56k modem) and who
isntalled it said "keep the cable unplugged, plug it only when you need
it". i got so many dialers in win 98: connection stop working, the modem
start composing a number (you hear that beeps from modem), you see
nothing strange on screen. so what i did? unplug so it fail to compose,
plug again, click connect, and continue from where i was interrupted!
in that old days i never asked myself "omg i got a virus! and it can do
EVERYTHING with my commputer! and unpluggind the cable doen't remove the
virus"
so please think that you are talking to someone that doesn't understand
anything about security.
some notes: you will see that when i say virus i mostly refer to
keylogger and cryptolocker, that's because people know them.
i hope that is clear and simple enough.
Let me know!
Matteo
This is what i'd like to say in the video "how qubes is different from
... and why you should use it"
Video speech follows:
--------------------------
This is a presentation about how Qubes OS differ from other OSes and why
it is more secure.
This doesn't want to be a complex presentation, it is something that
everyone will understand, so there are no complex terms.
the most complex one will be "os" that means operaing system (like
windows, linux, qubes)
and "virtual machine" that means a virtual computer inside a real one:
so the virtual computer will have it's own virtual hard disk, virtual
ram, and every other needed component is virtual. when i say virtual i
mean simulated/emulated (like the playstation or gameboy emulator), so
that if you are inside that virtual computer seems just a computer; this
is from a technical point of view.
in this presentation we will call them "computers" because is what they are.
as a qubes os user for you two virtual machines means two windows with a
different colour quite simple!
so if you have a green program and a red program you will see them like
you see them on usual computers (except for the colors) but the
difference is that each colout has it's own full computer, so red and
green are two different computers.
Also please understand that when we talk about computers usually things
are true and is also true it's opposite (ex: https protects your data
from being intercepted, but under some very specific conditions it can
fail).
In this presentation we suppose that things like https simply works, if
you want to have a more detailed (and advanced) point of view check the
second part.
To show you how qubes is more secure we will intentionally open a virus
on windows and on qubes and analyze the differences and its impact on
both oses.
we will also show the limits of antivirus solutions.
Lets start by saying that a virus is a program, a program like
calculator, paint, word, skype, ... so it can do the same things that
any program that you know does, the three main differences are that:
1-it's evil and unwanted
2-it doesn't show a window (so you don't notice it's presence)
3-when you run it for the first time it copy somewhere and run
automatically every time you start your os (ex: windows)
otherwise it would be enough reboot the pc to remove virus (reboot close
any running program)
another important thing to say is how you get a virus and there are two
ways to get one:
1-you "intentionally" open it (double click on it) maybe because you
think that is a photo or documentt, or a game, while it's (also) a virus.
2-you are victim of a zero day: an unknown security problem with a
program that you use, (usually the browser). this second it's much much
much rare.
in fact almost always you don't "get hacked" you open the virus yourself.
before we open the virus let's see how current oses wokrs and how qubes
works:
current os are monolithic, they are a single big block with everything
inside it, and every program that you run has access to all your files.
Qubes is different:
if i tell you that when your neighbor gets a virus you don't get the
same virus too because of him. what do you say? probably you will say:
that's obvious! they are different computers!
this is what qubes os does in simple words! it provide you many
different and isolated computers inside your real one (they are called
virtual machines). So if you get a virus on one you don't get it also on
the others.
now you might ask and what if one day i open a virus in that virtual
computer, another day i open another virus in another different virtual
computer, ... until i have opened a virus in every single virtual
computer that i have?
if you do that you are 100% compromised but as you said you must open
many virus to get 100% compromised not only one! and because of this
qubes is better than conventional oses.
before we continue it's important to uderstand why qubes give you some
virtual machines:
the idea is that you have a virtual machine for each task, for example:
-one for opening emails
-one for going to random websites
-one to opening only the bank website
-...
if you want to better understand this concept check the other videos.
qubes os has many other great features that makes it better than just a
bunch of virtual machines and to better understand them we will open a
virus on both and see what happens.
now let's open this keylogger and let's see what it can do.
...
as you can see the virus, also if it is not running as admin, can have
full access to the keyboard and so steal anything you write.
and the fact that you use a password manager doesn't help you, the fact
that your password manager is password protected doesn't help too.
this is quite important because how you can see virus can subvert the
way program works and all the programs are designed to correctly work
only if you do not have any virus! (truecrypt for example says that
clearly!)
the password manager password is designed to protect you in case your pc
is stolen not in case you get a virus!.
and things can also go worse: a virus can encrypt your files (so you
notice immediatly that you got a viurs, because you see a pop up that
ask for money) or it could steal them and you don't even think you got one.
a virus can listen from your microphone, watch you from camera (if skype
can do it when you call someone, a virus can too).
now let's do the same on qubes. there is immediatly a problem: in which
virtual machine we open the virus?
we will open it in the "random web browsing" virtual machine, since is
where you open almost any untrusted thing:
-links
-websites more or less trusted
-new programs that you just downloaded to see if they are useful
...
ok the virus is opened what it has gained? access to this computer?
that's not useful! there is nothing here!!
no personal files, no passwords, nothing useful!
and if it encrypt all it can find well it will encrypt nothing! and you
will not pay!
now suppose that instead of this vm we open the virus in the "vault" vm
where you have stored all your passwords. now think for a moment:
we are intentionally opening it there but in real use how would you get
a virus there? you never "use" that computer (vm) you only write by hand
passwords the first time and then you only copy & paste to other vm when
you need to login, how would you get a virus in that vm, is almost
impossible!
but we will open it there now, seems dangerous!
ok we have a keylogger where we store the paswords what it can do? read
all our passwords! and then?!?! nothing because it can't send what it
got to some bad guy, there is no internet in that vm! so it has access
but it can't steal them! that computer is safe also with a virus inside!
now suppose that we open a virus in the "email" vm what it can do?
steal all your emails and your email password (only one password) it
can't steal personal documents photos, passwords, use your webcam ...
because they are not there!
and if your mails are encrypted it can't even steal your mails! because
the key is not there. unlike conventional os where it will have full
access and steal mail, passwords, files, encryption keys that protect
your mails...)
qubes has a special vm to open email attachment or anything you want: a
disposable vm.
that is a special computer that is used only once annd than is throwed
away. so it always start without virus and will delete anything when you
close it. in this way you can open email attachments, links, ... in a
clean computer and everything is deleted on close.
so if someone send you a virus by email (quite common) and you open it
in that vm it will only be able to stel the copy of itself because the
computer is empty! and when you close it the virus is gone!.
as you can see getting a virus is more difficult because every email
link and attachment is not opened in the email vm and also if you get
one, it can do only a very limited damage.
now you might say "but i have an antivirus!", i think that antivirus are
not the solution and they are not perfect.
antivirus has two main ways to protect you:
-block known virus (read: old virus)
-block unknown virus because they have bad behavior
think for example when you add a password to a file to protect it, now
think when a virus encrypt your files to ask you money. the action is
the same the purpose is different, antivirus and more in general
computers are stupid, and they have no ethics they just follow instructions.
if i tell you go out and jump of a bridge you will not do it you will
say thats not a good idea! if you tell you a computer delete all the
files, personal files, configuration files it will not say "mmm seems a
virus" it will just follow the instructions.
so antivirus will fail because they have no ethics and is not easy to
differentiate between good and bad behavior.
another problem is that:
1-someone make a virus
2-you get a virus
3-antivirus is updated and your virus is detected/removed
as you can see the timeline there is a delay between when you get it and
when it is removed. and that makes you think that everything works!
before cryptolockers everyone was happy:
-virus writers because they coul steal your data
-antiviurs because they sell
-you because (maybe one week after you got it) the antivirus deleted a virus
cryptolocker changed this, they don't hide they show you a pop up "pay
me" and so you can see that antivirus doesn't work very well.
that said i think that antivirus are important because they force the
bad guy to change/innovate/edit the virus, without an antivirus bad guy
could vrite a virus once and use it for 10 years and meanwhile improve
it and add other bad features.
antivirus force them to keep it simple and force them to revwrite it
every time.
the same is true for cheaters in games and anti cheat.
one last important thing: you don't have to choose between qubes and
antivirus (or any other nice security program that you know) you can
have both! qubes support also windows not only linux.
The problem with conventional oses is that they are insecure in fact
people suggest you "don't open suspicius links, emails, email
attachments, programs,..." but they never say what suspicius means.
if something is suspicius you are intelligent enough to not click it,
for example if you receive an email like this:
free virus!! to get infected please follow the instructions:
1-download this attachment or click the link that will offer you to
download the file
2-when is downloaded open it
3-done
but what if you receive something like this (personalized for your
country, and in better english):
hello, this is the tax office of your government
from a check seems you haven't payed your taxes, you must pay 10000€
because you don't pay taxes. if you think that it's our mistake please
compile and send the attached module.
attached you also find our check result.
i bet you will download the "pdf" (or click the link that allows you
download it) and then open it!
the problem isn't you! it's the os that is insecure!!! mails are
designed to be opened! so instead of being constantly worried about
opening an email get qubes os and open every single email!
the "pdf" problem happens because windows settings are insecure by default:
it has as default option "hidde known extensions" so .pdf (document) and
.exe (program) are not visible and you can't see the difference between
pdf and application (applications has own icon!).
the fact that you can tweek that option yes, helps, but if it's designed
in that way for each setting that you tweek to improve the security
there are others that you might miss, so its better to get something
like qubes wich is is secure by design
the same is true for usb drives pepole say "don't insert random usb
found on ground" but it's a mistake! usb drives are designed to be
plugged in a computer and if that found usb might be suspicius the one
that your friend gave you isn't and he might have a virus on his pc and
usb. again the problem isn't you, the user, it's the os that can't
protect you from such a basic task like plugging an usb drive
also note that webcam & mic are disabled by default (not attached to a
virtual machine)
on my pc i have added a physical switch but is important to say that on
qubes by default if you open a virus it can't listen your conversation
nor spy you from your webcam!
------
quick faq:
-are you teaching criminals? why you sugget how to make a phishing email?
there is nothing new in there, the only one who can be teached is you
-if all the programs are designed to work correctly only if they are
without virus how qubes can solve it?
it doesn't in fact also if you (only) use the virtual machines we must
not forget that there is a real computer behind everything and there is
also a special place that manage all these vm, is called dom0 and since
getting a virus there would be a 100% compromise you must never use it,
virtual machines are there to be used!
and since the authors know that people make mistakes there is no
internet in dom0 and there is no easy way to copy a file (virus) in
there to open it.
it's also important to note that it offer some protection against a zeroday:
while a single zeroday in a normal os is game over (pc fully
compromised); in qubes you need at least two:
one to hack into a vm and the other to hack from the vm in dom0, and you
can't just use the same twice because they are different tasks. so it
has (at least) doubled the difficulty.
-can i have the keylogger? where can i download it?
you can't it's home made and i don't want it to be used for evil purpose.
-is it a super advanced virus?
absolutly not and i have made it while i was at high school, this should
make you think about how secure your os is.
-what if you send me and i don't open it?
you are safe! but you will open it, there are so many ways to trick
people in clicking things that they souldn't, i prefeer to not publish
them because some aren't even used by bad guys, and are unknown also at
university (tip: found in one state sopnsored attack, and then never again)
that's why you need a secure os!
-can it be hacked?
i think yes, but not by me (contrary to windows)
-if both can be hacked why should i use it?
just because both can be hacked doesn't mean that they are equal, qubes
it's much harder and this is why you should use it.
i usually see this kind of question in politics: "by improving x we have
found a way to save 50 M€" and other say "yes but it's not 100 M€" that
kind of answer is always true but you should note that it's much better
than the current state.
------
advanced faq:
-what if a virus uses, for example, acoustical covert channels to
exfiltrate data to other computers?
appvm hasn't mic input, only output by default so it's a one way
communication and as i said above just because it might not be "nsa
proof" doen't mean that you should not use it. in fact i think that it
is able to stop almost any common virus that i see on the web. and
probably some not so advanced state sponsored malware. also this covert
channel can be applied on other oses too so i don't get the point of
such question.
is an initial text idea
if someone have time to read it to find if it is good, find mistakes
(typo and eventually wrong conclusions), find if i am missing something
important, going too much off topic, ...
known "bugs":
-completly missing template concept and read only file system/home dir
persistency should i add it or it is too complex for an introduction video?
-the first part "what is a virus" is not strictly qubes related but i
think it is very important:
you can't say it's safer from virus without explaining people what a
virus is, also because normal people usually see a "bad guy" with a mask
and a notebook, random green strings falling on the screen, 400lb
hackers, (that kind of nosense images)
it's also important that people understand why they need a secure os and
the best way it's tell them what it is a virus and what it can do.
-maybe i should remove some parts like "this has been created when i was
at highschool" ok, it's useful to understand how insecure is it but has
nothing to do with qubes
i still remember when we got internet at home (56k modem) and who
isntalled it said "keep the cable unplugged, plug it only when you need
it". i got so many dialers in win 98: connection stop working, the modem
start composing a number (you hear that beeps from modem), you see
nothing strange on screen. so what i did? unplug so it fail to compose,
plug again, click connect, and continue from where i was interrupted!
in that old days i never asked myself "omg i got a virus! and it can do
EVERYTHING with my commputer! and unpluggind the cable doen't remove the
virus"
so please think that you are talking to someone that doesn't understand
anything about security.
some notes: you will see that when i say virus i mostly refer to
keylogger and cryptolocker, that's because people know them.
i hope that is clear and simple enough.
Let me know!
Matteo
This is what i'd like to say in the video "how qubes is different from
... and why you should use it"
Video speech follows:
--------------------------
This is a presentation about how Qubes OS differ from other OSes and why
it is more secure.
This doesn't want to be a complex presentation, it is something that
everyone will understand, so there are no complex terms.
the most complex one will be "os" that means operaing system (like
windows, linux, qubes)
and "virtual machine" that means a virtual computer inside a real one:
so the virtual computer will have it's own virtual hard disk, virtual
ram, and every other needed component is virtual. when i say virtual i
mean simulated/emulated (like the playstation or gameboy emulator), so
that if you are inside that virtual computer seems just a computer; this
is from a technical point of view.
in this presentation we will call them "computers" because is what they are.
as a qubes os user for you two virtual machines means two windows with a
different colour quite simple!
so if you have a green program and a red program you will see them like
you see them on usual computers (except for the colors) but the
difference is that each colout has it's own full computer, so red and
green are two different computers.
Also please understand that when we talk about computers usually things
are true and is also true it's opposite (ex: https protects your data
from being intercepted, but under some very specific conditions it can
fail).
In this presentation we suppose that things like https simply works, if
you want to have a more detailed (and advanced) point of view check the
second part.
To show you how qubes is more secure we will intentionally open a virus
on windows and on qubes and analyze the differences and its impact on
both oses.
we will also show the limits of antivirus solutions.
Lets start by saying that a virus is a program, a program like
calculator, paint, word, skype, ... so it can do the same things that
any program that you know does, the three main differences are that:
1-it's evil and unwanted
2-it doesn't show a window (so you don't notice it's presence)
3-when you run it for the first time it copy somewhere and run
automatically every time you start your os (ex: windows)
otherwise it would be enough reboot the pc to remove virus (reboot close
any running program)
another important thing to say is how you get a virus and there are two
ways to get one:
1-you "intentionally" open it (double click on it) maybe because you
think that is a photo or documentt, or a game, while it's (also) a virus.
2-you are victim of a zero day: an unknown security problem with a
program that you use, (usually the browser). this second it's much much
much rare.
in fact almost always you don't "get hacked" you open the virus yourself.
before we open the virus let's see how current oses wokrs and how qubes
works:
current os are monolithic, they are a single big block with everything
inside it, and every program that you run has access to all your files.
Qubes is different:
if i tell you that when your neighbor gets a virus you don't get the
same virus too because of him. what do you say? probably you will say:
that's obvious! they are different computers!
this is what qubes os does in simple words! it provide you many
different and isolated computers inside your real one (they are called
virtual machines). So if you get a virus on one you don't get it also on
the others.
now you might ask and what if one day i open a virus in that virtual
computer, another day i open another virus in another different virtual
computer, ... until i have opened a virus in every single virtual
computer that i have?
if you do that you are 100% compromised but as you said you must open
many virus to get 100% compromised not only one! and because of this
qubes is better than conventional oses.
before we continue it's important to uderstand why qubes give you some
virtual machines:
the idea is that you have a virtual machine for each task, for example:
-one for opening emails
-one for going to random websites
-one to opening only the bank website
-...
if you want to better understand this concept check the other videos.
qubes os has many other great features that makes it better than just a
bunch of virtual machines and to better understand them we will open a
virus on both and see what happens.
now let's open this keylogger and let's see what it can do.
...
as you can see the virus, also if it is not running as admin, can have
full access to the keyboard and so steal anything you write.
and the fact that you use a password manager doesn't help you, the fact
that your password manager is password protected doesn't help too.
this is quite important because how you can see virus can subvert the
way program works and all the programs are designed to correctly work
only if you do not have any virus! (truecrypt for example says that
clearly!)
the password manager password is designed to protect you in case your pc
is stolen not in case you get a virus!.
and things can also go worse: a virus can encrypt your files (so you
notice immediatly that you got a viurs, because you see a pop up that
ask for money) or it could steal them and you don't even think you got one.
a virus can listen from your microphone, watch you from camera (if skype
can do it when you call someone, a virus can too).
now let's do the same on qubes. there is immediatly a problem: in which
virtual machine we open the virus?
we will open it in the "random web browsing" virtual machine, since is
where you open almost any untrusted thing:
-links
-websites more or less trusted
-new programs that you just downloaded to see if they are useful
...
ok the virus is opened what it has gained? access to this computer?
that's not useful! there is nothing here!!
no personal files, no passwords, nothing useful!
and if it encrypt all it can find well it will encrypt nothing! and you
will not pay!
now suppose that instead of this vm we open the virus in the "vault" vm
where you have stored all your passwords. now think for a moment:
we are intentionally opening it there but in real use how would you get
a virus there? you never "use" that computer (vm) you only write by hand
passwords the first time and then you only copy & paste to other vm when
you need to login, how would you get a virus in that vm, is almost
impossible!
but we will open it there now, seems dangerous!
ok we have a keylogger where we store the paswords what it can do? read
all our passwords! and then?!?! nothing because it can't send what it
got to some bad guy, there is no internet in that vm! so it has access
but it can't steal them! that computer is safe also with a virus inside!
now suppose that we open a virus in the "email" vm what it can do?
steal all your emails and your email password (only one password) it
can't steal personal documents photos, passwords, use your webcam ...
because they are not there!
and if your mails are encrypted it can't even steal your mails! because
the key is not there. unlike conventional os where it will have full
access and steal mail, passwords, files, encryption keys that protect
your mails...)
qubes has a special vm to open email attachment or anything you want: a
disposable vm.
that is a special computer that is used only once annd than is throwed
away. so it always start without virus and will delete anything when you
close it. in this way you can open email attachments, links, ... in a
clean computer and everything is deleted on close.
so if someone send you a virus by email (quite common) and you open it
in that vm it will only be able to stel the copy of itself because the
computer is empty! and when you close it the virus is gone!.
as you can see getting a virus is more difficult because every email
link and attachment is not opened in the email vm and also if you get
one, it can do only a very limited damage.
now you might say "but i have an antivirus!", i think that antivirus are
not the solution and they are not perfect.
antivirus has two main ways to protect you:
-block known virus (read: old virus)
-block unknown virus because they have bad behavior
think for example when you add a password to a file to protect it, now
think when a virus encrypt your files to ask you money. the action is
the same the purpose is different, antivirus and more in general
computers are stupid, and they have no ethics they just follow instructions.
if i tell you go out and jump of a bridge you will not do it you will
say thats not a good idea! if you tell you a computer delete all the
files, personal files, configuration files it will not say "mmm seems a
virus" it will just follow the instructions.
so antivirus will fail because they have no ethics and is not easy to
differentiate between good and bad behavior.
another problem is that:
1-someone make a virus
2-you get a virus
3-antivirus is updated and your virus is detected/removed
as you can see the timeline there is a delay between when you get it and
when it is removed. and that makes you think that everything works!
before cryptolockers everyone was happy:
-virus writers because they coul steal your data
-antiviurs because they sell
-you because (maybe one week after you got it) the antivirus deleted a virus
cryptolocker changed this, they don't hide they show you a pop up "pay
me" and so you can see that antivirus doesn't work very well.
that said i think that antivirus are important because they force the
bad guy to change/innovate/edit the virus, without an antivirus bad guy
could vrite a virus once and use it for 10 years and meanwhile improve
it and add other bad features.
antivirus force them to keep it simple and force them to revwrite it
every time.
the same is true for cheaters in games and anti cheat.
one last important thing: you don't have to choose between qubes and
antivirus (or any other nice security program that you know) you can
have both! qubes support also windows not only linux.
The problem with conventional oses is that they are insecure in fact
people suggest you "don't open suspicius links, emails, email
attachments, programs,..." but they never say what suspicius means.
if something is suspicius you are intelligent enough to not click it,
for example if you receive an email like this:
free virus!! to get infected please follow the instructions:
1-download this attachment or click the link that will offer you to
download the file
2-when is downloaded open it
3-done
but what if you receive something like this (personalized for your
country, and in better english):
hello, this is the tax office of your government
from a check seems you haven't payed your taxes, you must pay 10000€
because you don't pay taxes. if you think that it's our mistake please
compile and send the attached module.
attached you also find our check result.
i bet you will download the "pdf" (or click the link that allows you
download it) and then open it!
the problem isn't you! it's the os that is insecure!!! mails are
designed to be opened! so instead of being constantly worried about
opening an email get qubes os and open every single email!
the "pdf" problem happens because windows settings are insecure by default:
it has as default option "hidde known extensions" so .pdf (document) and
.exe (program) are not visible and you can't see the difference between
pdf and application (applications has own icon!).
the fact that you can tweek that option yes, helps, but if it's designed
in that way for each setting that you tweek to improve the security
there are others that you might miss, so its better to get something
like qubes wich is is secure by design
the same is true for usb drives pepole say "don't insert random usb
found on ground" but it's a mistake! usb drives are designed to be
plugged in a computer and if that found usb might be suspicius the one
that your friend gave you isn't and he might have a virus on his pc and
usb. again the problem isn't you, the user, it's the os that can't
protect you from such a basic task like plugging an usb drive
also note that webcam & mic are disabled by default (not attached to a
virtual machine)
on my pc i have added a physical switch but is important to say that on
qubes by default if you open a virus it can't listen your conversation
nor spy you from your webcam!
------
quick faq:
-are you teaching criminals? why you sugget how to make a phishing email?
there is nothing new in there, the only one who can be teached is you
-if all the programs are designed to work correctly only if they are
without virus how qubes can solve it?
it doesn't in fact also if you (only) use the virtual machines we must
not forget that there is a real computer behind everything and there is
also a special place that manage all these vm, is called dom0 and since
getting a virus there would be a 100% compromise you must never use it,
virtual machines are there to be used!
and since the authors know that people make mistakes there is no
internet in dom0 and there is no easy way to copy a file (virus) in
there to open it.
it's also important to note that it offer some protection against a zeroday:
while a single zeroday in a normal os is game over (pc fully
compromised); in qubes you need at least two:
one to hack into a vm and the other to hack from the vm in dom0, and you
can't just use the same twice because they are different tasks. so it
has (at least) doubled the difficulty.
-can i have the keylogger? where can i download it?
you can't it's home made and i don't want it to be used for evil purpose.
-is it a super advanced virus?
absolutly not and i have made it while i was at high school, this should
make you think about how secure your os is.
-what if you send me and i don't open it?
you are safe! but you will open it, there are so many ways to trick
people in clicking things that they souldn't, i prefeer to not publish
them because some aren't even used by bad guys, and are unknown also at
university (tip: found in one state sopnsored attack, and then never again)
that's why you need a secure os!
-can it be hacked?
i think yes, but not by me (contrary to windows)
-if both can be hacked why should i use it?
just because both can be hacked doesn't mean that they are equal, qubes
it's much harder and this is why you should use it.
i usually see this kind of question in politics: "by improving x we have
found a way to save 50 M€" and other say "yes but it's not 100 M€" that
kind of answer is always true but you should note that it's much better
than the current state.
------
advanced faq:
-what if a virus uses, for example, acoustical covert channels to
exfiltrate data to other computers?
appvm hasn't mic input, only output by default so it's a one way
communication and as i said above just because it might not be "nsa
proof" doen't mean that you should not use it. in fact i think that it
is able to stop almost any common virus that i see on the web. and
probably some not so advanced state sponsored malware. also this covert
channel can be applied on other oses too so i don't get the point of
such question.
Reply all
Reply to author
Forward
0 new messages