Hello there.
Recently i experienced various amount of attack which intentionally tries to break the Qubes functionality, more specifically, trying to configure the system time(of the router, or vm, or etc… I’m not that bright about the CS or security).
I repetitively saw the libxenlight error when i attempted to install, execute, or run vm, especially OpenBSD netvm.
It applies to also mirage-firewall, but it does not occur when i place sys-firewall at the middle of the sys-net and mirage-fw(kinda snake oil, but i think it’s not a good sign).
It could be temporarily fixed when i use unattacked router, but it seems if i connect secure router to compromised router(in order to obtain internet connection), they have managed to mess up with clock and mirage-fw or openbsd netvm does not working.
By the mean ‘compromised router’ - i suppose they manually surveil the connected device of the router, then they let the device1 connected directly into the router work, BUT the device2, or VM, which recieves internet via device1, does not work.
For example :
Compromised router ↔ Graphene(work) ↔ openbsd netvm(not work)
Compromised router ↔ Openbsd netvm(work) ↔ mirage-firewall(not work)
Compromised router ↔ grapheneos(work) ↔ sys-net(not working, or WORK SUPPOSEDLY, i dunno why - because it’s compromised?) ↔ mirage-fw1(work, only this works) ↔ mirage-fw2(NOT WORK, regardless of the name or setting)
I’m currently being surveiled, both physical space and cyberspace(e.g. iphone) by korean NIS, maybe they can perform shoulder-serfing or eavesdropping, but regardless of the method, they seem to try to break the integrity and functionality of my setup.