Page MenuHomePhabricator
Feed Advanced Search

Thu, Jun 27

Patrick removed a project from T912: qubes integration tools missing: Whonix 15.
Thu, Jun 27, 10:53 AM · Whonix, Qubes
Patrick added a comment to T912: qubes integration tools missing.

Work for me too in new build https://forums.whonix.org/t/qubes-whonix-15-templatevms-debian-buster-based-4-0-1-201906232114-testers-wanted/7601

Thu, Jun 27, 10:53 AM · Whonix, Qubes

Jun 21 2019

marmarek added a comment to T912: qubes integration tools missing.

I cannot reproduce. I've installed qubes-template-whonix-15-4.0.1-201905241112, updated it with qubes testing repository enabled and I see all the actions available in thunar.
But I do see some warnings on thunar's stderr, like this:

(Thunar:27375): Gtk-WARNING **: 01:41:41.317: Refusing to add non-unique action 'uca-action-1507455450991127-4' to action group 'ThunarActions'

Looks like actions are added multiple times to /etc/xdg/Thunar/uca.xml, which is later copied to /home/user/.cnfig/Thunar/uca.xml. Relevant code in https://github.com/QubesOS/qubes-core-agent-linux/blob/master/debian/qubes-core-agent-thunar.postinst

Jun 21 2019, 3:50 AM · Whonix, Qubes

Jun 20 2019

Patrick updated subscribers of T912: qubes integration tools missing.

Any idea why these are missing? @marmarek

Jun 20 2019, 4:18 PM · Whonix, Qubes
Patrick added a comment to T912: qubes integration tools missing.
  • Copy to VM
  • Move to VM
  • Create Archive...
Jun 20 2019, 2:03 PM · Whonix, Qubes
Patrick updated the task description for T912: qubes integration tools missing.
Jun 20 2019, 1:56 PM · Whonix, Qubes

Jun 14 2019

Patrick added a comment to T912: qubes integration tools missing.

Might be fixed with upgrades / (over) next Qubes-Whonix images.

Jun 14 2019, 11:21 AM · Whonix, Qubes
Patrick created T912: qubes integration tools missing.
Jun 14 2019, 11:20 AM · Whonix, Qubes

Apr 14 2019

Patrick closed T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish as Resolved.
Apr 14 2019, 3:30 PM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Apr 6 2019

Patrick closed T879: qvm-service infrastructure does not work with whonix-gw-14 template as Wontfix.

Reducing the number of lingering, unrealistic tickets, therefore closing.

Apr 6 2019, 8:46 PM · Qubes, onion-grater (Control Port Filter Proxy), Whonix
Patrick closed T811: document multiple Qubes TemplateVMs as Resolved.

https://www.whonix.org/wiki/Multiple_Whonix-Workstations#Multiple_Qubes-Whonix_TemplateVMs

Apr 6 2019, 8:38 PM · Whonix, Qubes, user documentation
Patrick lowered the priority of T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream from High to Normal.
Apr 6 2019, 8:22 PM · security, Qubes, Whonix
Patrick changed the status of T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish from Open to testing-in-next-build-required.

https://github.com/Whonix/anon-meta-packages/blob/master/debian/control

Apr 6 2019, 4:44 PM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Feb 18 2019

Patrick closed T463: Qubes-Whonix-Workstation DispVM Support as Resolved.

Looks like nothing more to do here.

Feb 18 2019, 9:39 AM · Whonix, Qubes
Patrick closed T409: qubes-whonix-network.service doesn't provide helpful error message when !CONFIG_DUMMY as Invalid.

Since grsecurity is not a thing anymore, closing this as invalid.

Feb 18 2019, 9:37 AM · grsecurity, Qubes, Whonix
Patrick updated the task description for T466: Qubes sys-whonix does not do its job as Qubes FirewallVM.
Feb 18 2019, 9:30 AM · iptables, whonix-gw-firewall, Whonix, Qubes

Feb 16 2019

Patrick closed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Resolved.
Feb 16 2019, 1:56 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick claimed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start.

I also noticed the file "~/.tb/first-boot-home-population.done" which suggests that whonix does something on first boot

Feb 16 2019, 1:54 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick triaged T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Normal priority.
Feb 16 2019, 9:50 AM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix

Feb 15 2019

marmarek added a comment to T709: port Whonix package build process to Qubes package build process.

To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).

Feb 15 2019, 12:20 AM · security, Qubes, build, Whonix

Feb 14 2019

Patrick added projects to T709: port Whonix package build process to Qubes package build process: build, Qubes, security.
Feb 14 2019, 8:01 PM · security, Qubes, build, Whonix

Jan 12 2019

Patrick triaged T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish as Normal priority.
Jan 12 2019, 7:50 AM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Dec 9 2018

Patrick lowered the priority of T389: make sure Qubes-Whonix has no access to clocksource=xen from High to Normal.
Dec 9 2018, 6:53 AM · mgmt, research, security, Qubes, Whonix
Patrick lowered the priority of T879: qvm-service infrastructure does not work with whonix-gw-14 template from Normal to Wishlist.
Dec 9 2018, 5:52 AM · Qubes, onion-grater (Control Port Filter Proxy), Whonix

Dec 7 2018

Patrick removed a project from T530: CPU-induced latency Covert Channel Countermeasures: Whonix 15.
Dec 7 2018, 12:06 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick removed a project from T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes): Whonix 15.
Dec 7 2018, 12:06 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick assigned T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes) to troubadour.
Dec 7 2018, 12:06 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick removed a project from T466: Qubes sys-whonix does not do its job as Qubes FirewallVM: Whonix 15.
Dec 7 2018, 12:04 PM · iptables, whonix-gw-firewall, Whonix, Qubes
Patrick closed T545: apt-get Qubes instructions as Resolved.
Dec 7 2018, 11:57 AM · Whonix, Whonix 15, user documentation, Qubes
Patrick removed a project from T397: prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime: Whonix 15.
Dec 7 2018, 11:57 AM · mgmt, Whonix, Qubes, security, bug
Patrick removed a project from T387: Qubes-Whonix-Gateway as ClockVM: Whonix 15.
Dec 7 2018, 11:57 AM · enhancement, security, sdwdate, Whonix, Qubes

Nov 12 2018

Patrick closed T373: Qubes templates: graphical updater (Apper) broken as Resolved.

Apper no longer installed by default.

Nov 12 2018, 8:47 AM · Qubes, usability, enhancement, Whonix
Patrick placed T373: Qubes templates: graphical updater (Apper) broken up for grabs.
Nov 12 2018, 8:43 AM · Qubes, usability, enhancement, Whonix

Sep 20 2018

Patrick added a subtask for T387: Qubes-Whonix-Gateway as ClockVM: T856: whonix TemplateVM time fetching qrexec service.
Sep 20 2018, 11:45 AM · enhancement, security, sdwdate, Whonix, Qubes

Aug 7 2018

Patrick renamed T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes) from make sdwdate-gui Qubes friendly to make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).
Aug 7 2018, 6:45 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick renamed T397: prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime from prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that to prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime.
Aug 7 2018, 6:43 PM · mgmt, Whonix, Qubes, security, bug
Patrick updated the task description for T389: make sure Qubes-Whonix has no access to clocksource=xen.
Aug 7 2018, 6:37 PM · mgmt, research, security, Qubes, Whonix

Aug 3 2018

Patrick added a project to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream: security.
Aug 3 2018, 11:22 AM · security, Qubes, Whonix
Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Done. Asked about Xen too but they may not be familiar with its innards. You may want to contact the Xen devs directly using my message as a template.
https://lists.nongnu.org/archive/html/qemu-devel/2018-08/msg00368.html

Aug 3 2018, 11:21 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Playing devil's advocate here: Ted Ts'o [0] expresses strong skepticism about the efficacy of RNGs that rely on CPU jitter. summary: CPU jitter may not be random as thought to someone who designed the CPU cache and know how its internals "tick" [1]. So while these RNGs may not harm, another solution for RNG-less platforms may be a good idea.

Aug 3 2018, 6:10 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

An interesting implementation to work around early boot entropy scarcity with havegedis to include it in the initrd. May be hackish but could be easier for Marmarek than writing something at the EFI level.

Aug 3 2018, 5:53 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Done. Asked about Xen too but they may not be familiar with its innards. You may want to contact the Xen devs directly using my message as a template.

Aug 3 2018, 5:34 AM · security, Qubes, Whonix

Aug 2 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

I think its worth asking the hypervisor devs if this applies for the platforms we care about.

Aug 2 2018, 5:33 AM · security, Qubes, Whonix

Jul 31 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

jitterentropy-rng should solve this

Jul 31 2018, 6:38 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

jitterentropy-rng should solve this and is a mainline Linux solution that works the same way haveged does. Please see: https://phabricator.whonix.org/T817

Jul 31 2018, 4:23 AM · security, Qubes, Whonix

Jul 24 2018

Patrick closed T788: Qubes-Whonix 14 SaltStack state files required as Resolved.
Jul 24 2018, 11:40 AM · Whonix, Qubes, Whonix 14
Patrick closed T792: make sure qubes-core-admin-addon-whonix gets installed as Resolved.
Jul 24 2018, 11:39 AM · Whonix, Whonix 14, Qubes
Patrick closed T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs as Resolved.
Jul 24 2018, 11:38 AM · Whonix, Qubes, Whonix 14

Jul 21 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Created way to find out name of gateway from witin VM - qubesdb-read /qubes-gateway-name for it.

Jul 21 2018, 11:38 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 18 2018

marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

The easiest way would be to have a new entry for qubesdb-read, in addition to qubes-gateway which holds the IP address.
Something like qubesdb-read /qubes-gateway-name.

Jul 18 2018, 12:12 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 17 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

For the time being, the vm's whonix gateway is hard coded in two files, the one watching and sending sdwdate satus and the one sending the shutdown notification.

Jul 17 2018, 11:14 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

What happens in case of multiple Whonix-Gateway ProxyVMs? I.e. in case of sys-whonix, sys-whonix-two, etc.? How would anon-whonix-two know it has to connect to sys-whonix-two?

Jul 17 2018, 9:19 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 15 2018

Patrick updated the task description for T811: document multiple Qubes TemplateVMs.
Jul 15 2018, 12:18 PM · Whonix, Qubes, user documentation
Patrick triaged T811: document multiple Qubes TemplateVMs as Normal priority.
Jul 15 2018, 12:16 PM · Whonix, Qubes, user documentation

Jul 7 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Have run the fuzzer unit test simultaneously in sys-whonix and five anon-vm.

Jul 7 2018, 10:26 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 5 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Update, after my post in the forum.
https://forums.whonix.org/t/testers-wanted-blocking-networking-until-sdwdate-finished-status-of-sdwdate-gui/5372/3

Jul 5 2018, 9:35 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jun 13 2018

Patrick updated the task description for T788: Qubes-Whonix 14 SaltStack state files required.
Jun 13 2018, 9:33 AM · Whonix, Qubes, Whonix 14

Jun 7 2018

Patrick updated the task description for T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
Jun 7 2018, 4:37 AM · Whonix, Qubes, Whonix 14

May 30 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

That's technically too late during boot process. See ticket discussion
above.

May 30 2018, 10:29 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Perhaps Qubes guys can have the entropybroker package communicate over the qrexec protocol to seed entropy from a reliable source like Dom0 to the other domains.

May 30 2018, 5:52 AM · security, Qubes, Whonix

May 22 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Asked. Unfortunately not so.

May 22 2018, 4:32 AM · security, Qubes, Whonix

May 18 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

You can probably use virtio-rng since Qubes now runs on HVM mode and uses QEMU

May 18 2018, 3:20 PM · security, Qubes, Whonix

May 9 2018

Patrick renamed T792: make sure qubes-core-admin-addon-whonix gets installed from qubes-template-whonix-gw should depend on qubes-core-admin-addon-whonix to make sure qubes-core-admin-addon-whonix gets installed.
May 9 2018, 12:39 PM · Whonix, Whonix 14, Qubes

May 8 2018

Patrick renamed T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs from qvm-features-request whonix-ws 1 to qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
May 8 2018, 9:48 PM · Whonix, Qubes, Whonix 14

May 5 2018

Patrick updated the task description for T792: make sure qubes-core-admin-addon-whonix gets installed.
May 5 2018, 3:32 PM · Whonix, Whonix 14, Qubes
Patrick updated the task description for T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
May 5 2018, 3:27 PM · Whonix, Qubes, Whonix 14

Apr 28 2018

Patrick triaged T792: make sure qubes-core-admin-addon-whonix gets installed as Normal priority.
Apr 28 2018, 10:03 AM · Whonix, Whonix 14, Qubes
Patrick triaged T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs as Normal priority.
Apr 28 2018, 9:58 AM · Whonix, Qubes, Whonix 14

Apr 12 2018

Patrick triaged T788: Qubes-Whonix 14 SaltStack state files required as High priority.
Apr 12 2018, 3:05 PM · Whonix, Qubes, Whonix 14

Apr 6 2018

Patrick closed T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix as Resolved.
In T641#15836, @unman wrote:

Installation of pulseaudio-qubes is now included in the 13-14 upgrade guide under Qubes-Whonix instructions.

Apr 6 2018, 8:34 AM · Whonix 14, Whonix, anon-meta-packages, Qubes

Apr 4 2018

unman added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

@Patrick
Installation of pulseaudio-qubes is now included in the 13-14 upgrade guide under Qubes-Whonix instructions.

Apr 4 2018, 5:27 PM · Whonix 14, Whonix, anon-meta-packages, Qubes

Mar 7 2018

Patrick renamed T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix from install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix to Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.
Mar 7 2018, 1:46 AM · Whonix 14, Whonix, anon-meta-packages, Qubes

Mar 4 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

A new Tor controller GUI.

Mar 4 2018, 11:03 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 16 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Added the relevant icon in show_message (after resizing the sdwdate icons from mediawiki, the original are huge).

Feb 16 2018, 11:18 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 15 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Some progress here.

Feb 15 2018, 12:55 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 4 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

If possible: it should only show Tor restart gui / anon-connection-wizard if these are installed. Otherwise not show such a menu entry.

Feb 4 2018, 11:02 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Have pushed an updated version with Restart Tor and Anon Connection Wizard commands from the menu, so you can have an idea of the look and feel. This is of course not written in stone. The standalone restart-tor-gui was updated for testing. https://github.com/troubadoour/restart-tor-gui

Feb 4 2018, 9:10 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Feb 4 2018, 4:48 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick edited projects for T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes), added: Whonix 15; removed Whonix 16.
Feb 4 2018, 3:16 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 3 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Feb 3 2018, 11:15 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 2 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Only small issues for now.

Feb 2 2018, 3:47 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

sdwdate-gui-qubes will be shortly ready for packaging.
There are files for the gateway, files for the workstations, none for non-qubes environment. At this stage, for review, it would be easier to make a standalone package before merging in sdwdate-gui.

It was actually easier to merge directly, if only for the new user sdwdate-gui created in postint.

Feb 2 2018, 1:47 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 1 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

sdwdate-gui-qubes will be shortly ready for packaging.

Feb 1 2018, 12:22 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 29 2018

marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Json handling looks fine. Not sure about using the data loaded from there - for example if self.message require sanitization. AFAIR some Qt widgets support html formatting, so it may be undesirable to allow that.

Jan 29 2018, 3:44 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Relevant code excerpt sdwdate.

Jan 29 2018, 3:37 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 26 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.
pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

How do you ensure that? Normally pickle.load would gladly deserialize any object, even if that results in executing code inside of it. See https://docs.python.org/3/library/pickle.html
Better use json or such if really a structure (rather than a single value) is needed.

Jan 26 2018, 9:11 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

What happens if a workstation is killed, and then later restarted?

Jan 26 2018, 8:52 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.
pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

Jan 26 2018, 6:49 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.

Jan 26 2018, 5:12 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 25 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Then //pickle.load status-file

Jan 25 2018, 2:35 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Update.
The submenu commands are implemented. Looks nice and handy.

Jan 25 2018, 2:32 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

The submenu commands are implemented. Looks nice and handy.

Jan 25 2018, 12:21 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 22 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

>>! In T534#15414, @marmarek wrote:

Jan 22 2018, 10:52 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

troubadour

For now, the qrexec commands are issued from the workstations sdwdate-gui,
for practical reasons, the main one being that it's easy to restart sdwdate from there.
Obviously they'll have to be in sdwdate.

Patrick

Possibly, yes. Necessarily, maybe not. Keeping all the "if Qubes then"
logic outside of sdwdate may also be an option.

That would help a lot. There are not that many "if Qubes then" in sdwdate -- actually we also check if we are not in sys-whonix --, but when it comes to run the qrexec command in sdwdate, the problem begins. Have tried all sort of things to get the call, Popen or even os.system command working in sdwdate, to no avail, although call works in many other places.

Jan 22 2018, 10:42 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Obviously they'll have to be in sdwdate. They are some issues regarding the format of the argument in qrexec-client-vm sys-whonix whonix.test+"[argument]" when it reaches the target vm. It's sanitized, no problem there, it can be parsed, but it's truncated at 51 bytes, which limits what we can pass.

Jan 22 2018, 3:11 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Awesome progress! :)

Jan 22 2018, 2:53 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 20 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Some progress on this one. A summary without literature.

Jan 20 2018, 11:30 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 16 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Playing with tags.

Jan 16 2018, 1:12 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Dec 18 2017

Patrick closed T698: check Qubes-Whonix compatilbity with Qubes 4.0 as Resolved.

apt-get apt-transport-tor broken in Qubes R4 non-networked TemplateVMs #3403
https://github.com/QubesOS/qubes-issues/issues/3403

Dec 18 2017, 8:57 PM · Whonix 14, Whonix, Qubes

Dec 14 2017

entr0py added a comment to T732: whonix-gw-14 template fails to boot on Qubes 3.2.

Qubes R4 templates can not be started on Qubes 3.2

Dec 14 2017, 9:26 PM · Qubes, Whonix 14, Whonix