On 8/5/20 3:46 AM, annee...@gmail.com wrote:
> I’m a victim of stalking.
>
> Lately my 3rd new mobile in about a year, 1 day after using it, suddenly said that its new SIM card was blocked. And sadly I restarted the phone, although I thought the reason for this was that it had been compromised and probably should have set it back to factory settings.
>
> I was at my parents' house at the time and the phone hasn't been any other place at the time.
>
> Afterwards I found a sign of an installed and deleted app on my mother's iPad.
>
> I have read on the web that it is possible to use software, for example an iPad app, to get access to mobile phones and mobile broadband.
>
> As my new PC also has only been there and I have Qubes OS installed on it and I have been using my own mobile broadband modem together with it, I wonder if my PC also can be infected, and if so, could it be that only the firewall-vm and the net-vm are compromised, or could it be the whole system...?

Are you confident the Qubes boot partition is safe? That is the
vulnerable spot in terms of someone getting physical access to your
machine. A few things can help keep boot safe:

1. Anti-evil maid
2. Heads
3. Putting an ATA lock password on your internal boot drive

The third option is not considered very strong, but it's still a
deterrent of sorts and it's easier to set up than the first two.

>
> Can I just delete the firewall-vm and the net-vm and create new ones afterwards, and shall I just create them in the same way as when creating new app-VMs or standalone-VMs, or how shall I create them when I can't clone them?

The possibility for sys-firewall to be compromised is pretty low, but if
you wipe/replace sys-net it's easy to do the same for sys-firewall 'just
in case'.

To do it for sys-net, here is the one-step method in dom0:

    sudo blkdiscard /dev/qubes_dom0/vm-sys-net-private

Be careful, as 'blkdiscard' is basically a bulk erase command. There are
other ways to do it, such as creating a new replacement for sys-net, but
they involve multiple steps and are frankly a bit frustrating to
describe and use.

--
Chris Laprise,
tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
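
A guarded form of the one-step command in the reply above, as an added example that is not part of the original message or of Qubes itself. It assumes the default LVM layout whose path the reply shows for sys-net; the function names, the DRY_RUN variable and the refusal to act on a running qube are this example's own choices.

```bash
#!/bin/bash
# Added example for dom0; not code from the original post.
# Assumption: a qube's private volume is /dev/qubes_dom0/vm-<name>-private,
# generalised from the sys-net path given in the reply.

# Print the private-volume path for a qube. Anything that is not a plain
# name (letters, digits, '_' and '-') is rejected so that a typo or a stray
# '/' cannot point blkdiscard at some other device.
private_lv_path() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    printf '/dev/qubes_dom0/vm-%s-private\n' "$1"
}

# Discard a qube's private volume. With DRY_RUN=1 it only prints the command
# it would run. Otherwise it refuses while the qube is running (a precaution
# of this example) and when the path is not a block device.
wipe_private() {
    local dev
    dev=$(private_lv_path "$1") || { echo "bad qube name: '$1'" >&2; return 2; }
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "sudo blkdiscard $dev"
        return 0
    fi
    if qvm-check --running "$1" >/dev/null 2>&1; then
        echo "$1 is running; shut it down first: qvm-shutdown --wait $1" >&2
        return 3
    fi
    [ -b "$dev" ] || { echo "$dev is not a block device" >&2; return 4; }
    sudo blkdiscard "$dev"
}
```

Source the file in a dom0 terminal and run `DRY_RUN=1 wipe_private sys-net` first to see the exact command before running it for real.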