We could have a canned response that is pasted in these threads to make the users consider more plausible options. Something like:
1 Like
I want to prop this up a little, and say that @Plexus’s reply a few posts above brought it home for me that picking “I […] got hacked” as a name could be read as giving legitimacy to the tendency that some folks have to call any unexpected behavior a hack.
Besides, I don’t believe that using a name like the ones that Sven suggests would prevent folks with more serious reasons for concern from being heard.
In short, I think that’s a good idea!
1 Like
If we make a good template like I suggested, some users will be able to see themselves whether it might be just a bug or mistake. This would decrease the work for moderators.
I think the original name “I think I got hacked”, or even “Have I been hacked?” (implying “no” answer!) would fit better, allowing to separate such discussions easier. We already have a reasonably working Category for questions.
Otherwise everyone would start posting there about every bug they found.
Good point.
1 Like
Love it.
Users involved in those threads (before and after it was moved to that category) will continue to get notifications without explicitly de-muting the entire category – right?
1 Like
I think this is a good idea as long as it doesn’t alienate people who just don’t understand their own system, or have genuine concerns. So far what I’ve seen just seems like trolling, main-character syndrome in terms of paranoia, and just a general lack of realistic threat modeling. Some posts that say well if it isn’t a silver bullet, why bother? That isn’t really a meaningful topic for example, dichotomy is never a good thought response when something isn’t how you want it to be. I think any reasonable person acting in good faith would understand that, so posts like that seem like 
-posting on the internet.
My concern is maintaining a professional image for the community, and by professional I mean just not sinking down to the level of -posters. If this is to be done, I can only suggest that the presentation of this is done so in a manner that doesn’t make the Qubes community seem unfriendly to new users. We’re imperfect humans, but we do have a responsibility to maintain a positive image.
1 Like
Yes, I think that is the case.
I have talked with other mods and it looks like we’re moving ahead with this idea.
Topic Template Draft
PLEASE READ BEFORE POSTING
While it is certainly possible that your Qubes computer was hacked, it’s often the case that these are just problems in the software that other users are experiencing. So, before posting, please search for the symptoms of your issue on the forum to see if someone has experienced them before. Also, check the list of known issues that currently affect Qubes OS. Many users found a solution like this.
If you still suspect your system might be hacked, bad news is that there is no reliable way to find out if it is true. However, good news is that Qubes provides a dedicated procedure to recover from a compromised system.
Before going down the path of such actions, it is worth stepping back and reflecting on your threat model. EFF’s Surveillance Self-Defense goes into further detail into thinking about who would want to hack you, why, how much resources they have, etc. And more generally, it is good to acknowledge the stress you are likely under because of how you are feeling, and how that might affect your decisionmaking, communications with others, etc.
Feedback / changes welcome (this is a wiki post)
2 Likes
I made an edit an added a couple of links.
3 Likes
i made edits & added link to EFF’s SSD article on threat modelling
3 Likes
As a developer of Whonix for more than a decade, I can confirm there’s a large number of laymen who do a very superficial analysis and then think they found a security issue or have been hacked.
The problem is that laymen think that simple stuff such as a duplicate desktop icon can be evidence for a hack. People more knowledgeable on computer security, malware know that this doesn’t make any sense whatsoever. So laymen have to be told that in a diplomatic way, that they do not possess the required skills to perform malware analysis.
You absolutely need a FAQ about it. And it needs to be on the website, not in the forums, for increased authority.
Kicksecure / Whonix forums I am using one or another link in these cases:
- Malware, Computer Viruses, Firmware Trojans and Antivirus Scanners chapter Valid Compromise Indicators versus Invalid Compromise Indicators in Kicksecure wiki
- Bug Reports, Software Development and Feature Requests chapter Support Request Policy in Whonix wiki
This usually resolves the issue.
4 Likes
I support the initiative.
2 Likes
These two links might indeed answer most questions and could be placed under the
warning.
If you would allow my comment, I would say this:
Please do not use the word “forum”. Forum, by definition, is the place where people talk as they please.
Please do not make more rule to force people playing by your rules.
Please do not discriminate people by number of (quality) post they made, or by “rank”, e.g. Moderator or Newbie.
Please be invisible. If you can provide quality answer to a question, please provide it without saying who you are. Please just delete what not meeting your definition of quality without the word “deleted” or talking about it.
Please make your product in such a way that people can use it without question, like a pencil.
Please write a book full of quality information so people do not have to look elsewhere asking silly questions, if you cannot make your product like a pencil.
Please remember what questions you have asked when you were kindergarten. Did your teacher display a banner: PLEASE READ BEFORE POSTING?
About Qubes security: Qubes is about giving you a false sense of security. If an Intel CPU is in your computer with ME enabled, you are done. Same goes with AMD and almost all recently manufactured computing devices too. Any three-letter-agency can send a “magic” packet to your IP address, and when it reaches your computer, no matter via Wifi, Bluetooth, Ethernet or whatever interface you use, your device becomes a reporting tool. And Qubes cannot stop it, you can be sure of that.
Qubes OS is a game, a good one. It can stop some thieves and small hackers. But unless you start making computer chips and build computer yourself, no software in the world can really protect you. People will think they got hacked, because they will get hacked one way or another. Instead of making a special room for them so you do not have to see and deal with them, please let them talk their mind, and help them instead with your expertise.
Thank you.
The very first big, red, scary warning box at the top of the installation guide says:
Warning: Qubes has no control over what happens on your computer before you install it. No software can provide security if it is installed on compromised hardware. Do not install Qubes on a computer you don’t trust. See installation security for more information.
How is it a “false sense of security” when we warn you before you even start the installation process?
(Note: I am not saying your speculative claims about hardware security are correct or incorrect. Rather, I am pointing out that if you believe your hardware cannot be trusted, then this warning applies.)
6 Likes
That is true, I have been warned. Others should have been warned too. But why do you want to create a separated category so you do not have to read posts of those who feel they got hacked in the first place? Instead of explaining it calmly to them how to distinguish a software bug from symptoms of being hacked, you are telling people: “You have been warned, so shut up!” Or did I miss your point?
There are many community members that are very skilled and patient in explaining how to distinguish a software bug from symptoms. For those nothing will change but the category name.
There are however also many …
-
members that will get infected by the paranoia and blow up the thread with their own delusions, be resistant to counseling and make a general mess of the thread often to the point that mods have to shut it down.
-
members that are not interested in reading / explaining for the 500rd time how to distinguish a software bug from symptoms.
-
new or interested users that get confused and have a hard time distinguishing between good and bad arguments.
These threads often take a lot of energy away from the other threads and strongly reduce the signal-to-noise ratio. Hence this idea of isolating such threads into an area were those wishing to engage can do so while others can safely ignore it without missing anything important.
I get your philosophy and share it. It is better to answer bad ideas with good arguments and moderation always feels a little bit like censoring. The flip side is that answering a flood of bad ideas all the time can get very tiring. That’s why we want to make it an opt-in sport. Makes sense?
Also when I made the proposal I myself wasn’t a member of the moderation team yet. Obviously mods can’t just mute a category and forget about it. So I won’t personally be ignoring these threads but still think it will help from a signal-to-noise perspective for most other members.
7 Likes
That would be ideal, but I don’t think that is possible without an almost miracle. Elaborated at length here why that is:
Good documentation is useful in theory to have something to link to. Often will be ignored even if pointing users to it but still good to have.
I think this warning might be insufficient. The user might just have purchased new hardware. Why would it be compromised? Why shouldn’t it be trusted?
What I would suggest is for Qubes to publish a user understandable threat model. The user would want to know “Does Qubes protect form advanced adversaries?”
I don’t think any software project says yes about themselfes.
On the other hand, Qubes slogan “A reasonably secure operating system” seems on point. All software and hardware projects are light years away from very secure or perfectly secure computing. For one, we don’t own our own hardware factories and even if we did, we couldn’t understand all the blueprints and source code to build all the hardware and software without trusting other people. So I don’t see how perfect secure computing would ever be possible.
Someone wondering why is it “only” “A reasonably secure operating system” instead of a perfectly secure operating system, well, that requires some digging. It has been explained at length in many places. The challenge is making this information easily found (and maybe easily understandable). Also why interesting, this information isn’t terribly actionable by users.
This is what Whonix writes on the topic
Technical Introduction chapter Does Whonix ™ / Tor Provide Protection from Advanced Adversaries? in Whonix wiki
5 Likes
Hello, I have not been active on here in awhile, but I have enjoyed reading this discussion. Whether my words add anything to the discussion or not, I cannot resist sharing some of my thoughts on it. There will be some quotes used, and a bit of how I operate when it comes to the thoughts or questions about being “hacked”.
I frequent some forums or circles that are loaded with paranoia, and questions as to whether someone or something can be trusted. I definitely fall under the layman category on tech and stuff, but that can be a positive. In these circles mentioned, there is a lot of finger pointing or labeling others as feds. If you stay anon or wear masks, you’re a fed. If you use real names and expose your face, you’re a fed. So I operate under the premise that everyone is a fed. I say nothing that I would not say directly to a feds face.
I apply this same practice to the hacked thing. I assume ALL hardware and software are hacked or ran by “feds”. I keep nothing on any device that I am not willing to show or lose. Anything important or secret is kept on paper and can be destroyed in seconds. And if “they” gain access to this, it means they have had to get through me, and at that point, none of it really matters.
Paranoia? “Just because you’re paranoid doesn’t mean they aren’t after you.” I also operate under the “Two is one and one is none” concept. I have backup devices and I am willing to destroy one and move on, if I feel the need or one is suspected of being compromised. “Don’t let yourself get attached to anything you are not willing to walk out on in 30 seconds flat if you feel the heat around the corner.”
Now, with all that said, “A reasonably secure operating system” is all I need for my system, and Qubes definitely meets that requirement, especially when bundled with Whonix. The “feds” and similar types have access, but until they’re willing to “bring it”? I’m not concerned by that type of “hack”. For those lower level thugs with their card fraud and such? Qubes and Whonix, along with my practices have that pretty well covered.
One last thing I will mention to possibly keep my words in line with this thread is this. I think the proposed sub-category is a good idea. And for those that think they got hacked, operate as though you have been at all times, and it will no longer matter.
1 Like