Coming "home" to Qubes :-)

Today I finally put my Qubes disk into the old Thinkpad X230 that is my main base for running Qubes, and that just felt great!

The reason for straying to other OS-es like OSX, Kodachi, Septor and even Windows the past weeks have been a mix of doing video productions, learning more about privacy distros & tools for setting up a tiny privacy business on the ground.

I’ve also built up a server for the new venture(s) with a good workflow for the most common CMS-es, Matomo for analytics and a good, private setup from the ground up using Njalla. (No nefarious plans at all, I just want my stuff private by default!)

  • Booting back into Qubes now makes me able to do the following for my production phase:

  • Set up a standalone for ssh and root dev only thus making sure that I won’t mix this level of security & work up with say CMS dev

  • Use another Qube for panels, backup and other browser work for the server

  • Continue the work of growing “organic” users as contributors in the CMS-es, essentially separating them with IPs and a mix of VPNs such as Mullvad, RiseupVPN and free ProtonVPN. Each of these will also have portable passwords and other info in Bitwarden which will be accessed from within each Qube

After trying out Kodachi for a while I feel that I could have achieved the same using the default tools, but I’d totally mix some of this up sooner or later :wink:

That being said I’ll try to install Kodachi under Qubes too as well as see what tools I can migrate, that Sphere browser with tools for creating bases for fingerprinting seem to be a valuable tool as an example.

Also the complete layout with a dashboard and very complete tools for VPNs combined with Tor is great to work with, I could see myself running a Kodachi Qube for anything involving Tor rather than Whonix actually…

I guess it all comes down to the approach to compartmentalisation which is pure genius!

1 Like

Coming “home” to Qubes

1 Like

Hehehe…

But then again nothing is perfect, why does not ProtonVPN work within a Qube when running Mullvad on sys-net… While ping is running with no interrupts in a terminal in the same Qube…

Oh I’ll crack that one way or another! :slight_smile:

Are you sure you are anonymous and safe with Kodachi?

https://bitsex.net/english/2021/kodachi-linux-is-probably-not-secure/

I’m using this and other tools inside of Qubes or Virtualbox for separating traffic and fingerprinting only

Any root admin or development is going through trusted setups like Qubes and Mullvad, worst case a websited I’m running might get hacked the same way as it could if I would have used any standard device with poor security.

The reason for all this is that I’m growing “organic” users inside of Qubes that I want to be flagged, fingerprinted and seen by Big Data as separate users.

This is my long term strategy for having a fighting chance when/if things get really draconian, its not impossible that around 2025 or so biometrics will be a real gatekeeper for going online…

But this is a game where everything is moving, and if the eyes countries go to this length there will be other countries that won’t be outright blocked (tourists ++), and that is when I’ll have established, spoofed IDs :wink:

Avoiding being totally nuked when it comes to SEO is another reason for this, if fingerprinted IDs are not used in identifying SEO setups now it will certainly be the case later.

I will not give in to this totalitarian nightmare, and will fight in smart ways as long as I can! :slight_smile:

Yeah, that is why I’m using Firefox, Brave, Epic, Opera and hopefully a few more! :wink:

Ideally each “organic user” has its own setup, at least I’ll start out with 1-3 that are separated this way…

I’d really like to understand how “organic” users would help with “biometrics prerequisites for going online”

Can you describe some specific case(s)/example(s) when/how this is useful?

For me this is very personal hehe… I just hate & despise what my home country has devolved into, never went along unless I had to, like paying bus tickets with a card.

I do not want them to have any data on me, it makes me sick, takes focus away from useful things and also as we’ve seen from the US it might be used to catch you up in a dragnet even when completely innocent…

Take Face**** as an example, its close to impossible now to set up an anonymous profile, the big data they’ve collected clearly includes other social media profiles and for Europe and the US also probably phone numbers!

But if someone with a real sim card from the Philippines on a smart phone that already has a few social media accounts going on that opting into all the surveillance registers, no problem!

What if you need to go online anonymously at an airport, perhaps while someone has set up a dragnet for all nationals with your passport? That “person” would not be flagged :wink:

Could that “person” get a bus card even under heavy surveillance? Probably, since there will always be a need to accommodate for tourists or travellers of all sorts…

All of this can (for now at least) be done as a “grey hat” operation, of course the real “bad” people would do things like these with someone else’s real ID. Later on that might be the only option left for anyone not going along, but for now its possible to do this in ways that are practically to be seen on the level of breaking speed limits only.

Then the big one is ID for going online… IF that is implemented the only chance to access social media gulags and whatever service one might need to use anonymously might be these “tourists”

Of course there will always be some way of getting online, but what if all the Big Tech have cornered most markets and then start requiring real ID for use? Could happen very quickly, with some scare or a hot war as excuse…

This is not what I put a lot of actual work into, I kinda prototyped it in 2020 with the end result of being able to order food or even take a taxi here in Asia with no real data, including paying :slight_smile:

If/when things take a very dark turn later I’m also prepared & can get into it for real…

Another clear effect from researching this horrible, digital cage they’re building for anyone was that when I got to the point of being able to actually do what I need anonymously I felt that I finally had the upper hand on all of this horrible tech that I’ve warned against for decades!

Man that felt great! :wink: