Actually, adding an app to “Applications shown in App menu” allows one to create a panel launcher shortcut for the app and this shortcut will continue to work after moving the app back to the “All available applications” column in settings. This makes the Apps menu less useful, since only the terminal is available there, but worth the trade-off when the panel shortcut remains available (at least in r4.3-rc4).
1 Like
Why… why one need application launcher whet one don’t know which qube will be running?
If one need that, if one don’t care which qube is running as long as application launch then it should run normal linux with containers not QubesOD.
EOT.
1 Like
this^. To have the option to one-click open a browser in a dispVM while removing the risk of ruining the disposable template by accidentally opening the browser from the templates menu (creating a persistent profile, for example).
adding a launch item (right-click panel > panel > add new items > launcher > add, then selecting properties > add) will force you to select a specific qube for the shortcut. So you will know the qube. For disposables there will be two entries, be sure to choose <dvm-template> (dvm) to launch the dispVM as the qube because selecting <dvm-template> will open the disposable template.
2 Likes
No, I don’t do this, generally. I simply compartmentalize everything such that, even if there is hidden malware on one/some of my qubes, the scope and extent of damage it can deal is always limited to the point where it can’t really hurt me that much. In qubes that contain sensitive personal data and the like, I never run any untrusted software to begin with, so I don’t have to worry about anything important getting compromised in that way. The only qubes which would realistically get infected by malware to begin with are qubes which are already treated as ‘untrusted’.
I think you can generally avoid getting infected by malware as long as you exercise common sense, but Qubes just adds that extra layer of protection where you can afford to mess up every now and then and it’s not the end of the world.
1 Like
You should add a quick launch button on your panel bar to launch a browser in a dispVM. That way there’s no chance you’ll accidentally open a browser in the template, because the process of launching it from the template will be totally different. It’s also just good for convenience to just have a one-click button always available for such a common task like that
2 Likes
Between playing with configuration and an urge to minimize data footprint, yes. For security, not really.
But even if it is for security it’s totally valid, hardening & gardening does not have to stop with just having data compartments. It’s still nice to have peace of mind for those compartments.
1 Like
Just to bang the KDE drum (again), I have customised menu with
disposable templates in a submenu, nested under templates , and have
shortcuts to launch terminal and browser in disposables.
Quick to set up and no chance of mistakenly launching the disposable
template.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
1 Like
I fully agree with you, except for one small point. When it comes to our authorities, they can no longer be trusted in Germany. Current debates include parliamentary consideration of expanding Federal Police surveillance powers in the Federal Police Act, which critics argue could broaden the use of state trojans and digital surveillance infrastructure.
1 Like