Qubes Bluetooth (mouse)
Patrick Schless
Thanks,
Patrick
wyory
usable inside that AppVM. This probably isn't very useful in most cases.
Here's what Joanna said last time this came up:
Joanna Rutkowska:
> On 03/12/14 22:27, danf...@gmail.com wrote:
>> Hello,
>>
>> Is there any simple step-by-step way to get my laptop's built in
>> bluetooth working for mouse and headphones, to use in dom0 across all
>> VMs?
>>
>
> We don't really want BT stack in Dom0...
>
>> I don't know much about the security side of things, but I'm happy to
>> blindly ignore any "in my local neighbourhood" kind of attacks if
>> that was the only issue.
>>
>
> Why not use Windows then? Or Mac? :)
>
>> Or should I be avoiding Qubes if I can't figure this stuff out
>> myself? ;)
>>
>> I'm just an amateur Linux user mildly interested in increased
>> security/privacy.
>>
>> Side musing: Have the developers considered allowing *optional*
>> support for things that have security issues, in the spirit of
>> compromise...?
>
> Qubes OS is an open platform, you can configure it however you like,
> disabling potentially all security feature, if you really want. The user
> is the ultimate boss.
>
>> For instance, I absolutely do choose convenience and
>> even necessity over security (to the tune of bluetooth, full graphics
>> card support for game dev work), yet wouldn't there still be
>> something to be gained by using Qubes even with those security holes?
>> When the choice is Qubes with these holes vs just any regular Linux
>> distro.
>>
>
> Modern Windows and OSX offer a "reasonable compromise" of security, I
heard.
>
> joanna.
>
Patrick Schless:
Alex Dubois
Alex
Development or a qrexec agent to push mouse event to Dom0 could be done.
You would however have the risk of your stack being attacked and blind mouse instructions pushed to Dom0 to weaken it (similar to xsrf in a web app) also you cannot protect yourself in the same way as you are not pushing data from Dom0 to your less secure domain.
But it would be more secure than bluetooth straight in dom0
>
> --
> You received this message because you are subscribed to the Google Groups "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.
> To post to this group, send email to qubes...@googlegroups.com.
> Visit this group at http://groups.google.com/group/qubes-users.
> For more options, visit https://groups.google.com/d/optout.
el...@tutanota.com
Have not figured out Bluetooth yet, but can now confirm..
Logitech's "Unifying" tech (from way back in the day) works like a charm. It is the least amount of effort you will ever do in Qubes, for the most happiness. (That usually means there is some security vulnerability somewhere)..
Plug in the usb unifying thingy and.. it works.
Being not very technical, this could be a security flaw. But if your attack surface if not within 25 feet, go for it. Tested and working on a mx master. Right click and scroll wheel work, not sure about the other buttons, but don't get your hopes up.
Iestyn Best
I am using a bluetooth mouse (Mad Catz M.O.U.S 9) via the sys-usb VM where it is passing through the functionality via some form of Qubes input passthrough to the rest of the system.
This seems to be working fine for me. The general functions of the mouse all seem to work fine; ie. movement, left/right/middle clicks, back/forward buttons and scrolling.
The one thing I haven't figured out, and haven't really looked into at the moment, is that it doesn't auto connect at start up. Each time I boot the computer I have to open a console for sys-usb and power on the bluetooth and then connect the mouse.
Just thought I would share my experience even though I thought it would be something that would cause more trouble.
Something I would like to look into in the future is the possibility of bluetooth headset. Could we get this connected to the sys-usb and have the audio, and possibly mic, passed through via some form of qubes audio mixer.
Regards,
Iestyn Best
grzegorz....@gmail.com
http://www.ebay.com/itm/Dual-Mode-Bluetooth-4-0-USB-Dongle-Low-Energy-Broadcom-BCM20702-Adapter-PS4-/161959114629?hash=item25b583f785:g:Oz4AAOSwGotWptXm
This is a Bluetooth dongle that uses the USB Audio device class instead of USB Bluetooth which makes it compatible with any OS that supports USB Audio. You can just plug it in and attach it to a VM for full Bluetooth functionality without compromising the security of your Qubes installation.
afv...@gmail.com
Vít Šesták
Without that, you can run your sound from one VM (not necessarily sys-usb), but it would send sound from that one VM only, not globally. I've configured one VM to route sound through another VM via PulseAudio over network. If you are interested, I can tell you more details. This still does not resolve Bluetooth audio fully (you cannot connect dom0 to it, as there is no network and there shouldn't be one) and it probably adds some attack surface via the PulseAudio protocol etc., but it at least doesn't require you to have one SoundEintopfVM where you run all audio-related tasks.
Some older discussion thread related to sound output from AppVM: https://groups.google.com/forum/m/#!topic/qubes-users/DFPGkGmAnjI
Regards,
Vít Šesták 'v6ak'