Qubes ready to install for Journalist-Human Rights workers

Once again, I am thinking about a Journalists/Human Rights worker version of Qubes.

I am guessing such a person is a computer amateur, who can be frustrated by having to search for, read instructions for more than five minutes.

Plus most of the information likely to be provided to the world, is not a Professional Journalist, but an ordinary person.

First, a Journalist type may not be really familiar with how truly bad some Operating Systems are about protecting users. They can say the words malware, needs anti-virus, Ransom-ware. But they really don’t realize how some Operating Systems, and some ISPs, webpages have stacked the odds against users. So they may not be willing to spend the effort to use any Operating System correctly.

The things I feel a Qubes Journalist user immediately needs, that is not set up, is a means to verify Downloaded Software by way of PGP. And to begin to use encrypted emails. The Qubes for this software, Split-PGP, and software Thunderbird, Key Handler. The documentation for this should be installed inside the Qube which will do the Encryption/Decryption.

I again logged into my McDonalds, and when I clicked to go to a discussion on the forum, I got a “Certificate is correct, Peer is blocking WebPage, contact webmaster.” Which, for me, I know how to get around: I can start my VPN, and get the page on the Qubes OS Forum. If I did not have a VPN installed, I know to choose Tor. I can do research of how to use Qubes. A complete Newbie would feel pretty frustrated.

We could add a documentation note about using Tor. What is quickly needed for a Journalist user is a VPN. Which, to make it easy to set up for a newbie, A Qube already created to insert a VPN into. Since the recommendation is to use OpenVPN, I can see it useful for OpenVPN to be already installed. The documentation to be already in the Qube. Leaving one to insert the particular VPN information to be typed in. The other day I spent some hours trying to set up VPN, although I knowingly used information from earlier Qubes OS (4.0) thinking the OS would be the same. Hmm. I suspect a Journalist might use the wrong set of instructions. I think this is another place where a place to more easily start a VPN.

I was looking for a GUI to copy from one Qube to another. That is an organized protocol to copy a, say a message, copy it to a Qube to open it, read it, perhaps the Qube software to identify any attempt to do something I would not think appropriate. Try to remove what the journalist needs to remember to accomplish some things. And the tool accomplish this without risk to user.

Personally, I am a bit accustomed to having an Internet Monitor that informs me how fast the connection is going, and how much is coming in and going out. I am not anxious to violate Dom0.

A printed, short list, of how to do this, for a semi-experienced user.

A page of Qubes, Never do this. (which is a bit funny. The first thing is to never attach a Template to the internet, but if I am going to build a VPN.)

I wanted to instigate some others to contribute some ideas.

5 Likes

Move this to the #general-discussion since it’s Qubes-related.

2 Likes

When I read such ideas, I always feel like:

  • I need the knowledge, but not willing to learn.
  • I need to travel by car, but not willing to learn how to drive, and I really don’t care about those funny signs next to the road.
  • I need a sword, which cuts everything to pieces, but never hurts me.

Nothing comes free in this world - as - at least - you need to invest your time.

IT Security is not easy… and the landscape is changing day by day.
Guarding your privacy is hard - if not impossible.

In short: learning is the key. And I really don’t believe ‘Qubes for dummies’ would be a quick reading, surely not a next-next-finish type ‘install’

Moreover, how I would describe Qubes OS:

“Qubes allows you to be the weakest link, even if you are an IT security expert”

4 Likes
2 Likes

kk

I don’t really know where to start with most of this. It seems like a shotgun approach for asking a question. Perhaps you should bulletize your specific questions so we can answer them one at a time?

Personally, I am a bit accustomed to having an Internet Monitor that informs me how fast the connection is going, and how much is coming in and going out.

Considering that the user may be a n00b when it comes to IT security it would be a good idea to give them real-time feedback on what traffic is going through the network. This way they might see that they made a mistake and that some data might be leaking. This would be important.

One thing I have done in the past is to run Etherape in sys-net attached to the internal interface so I could monitor all the connections in/out of the system via sys-net.
There is also a separate panel that can be opened that just gives you the IP for every recent connection before it ages out of the list. I said the ‘internal interface’ so that they won’t see all the wan network activity that might just overwhelm them. KISS.

A novice will just see the local connections to all destinations being made in real-time as they are working in Qubes. It may be too much information but they can get used to what is “normal” traffic and then pull the plug if anything “suspicious” occurs. You will of course have to define what is normal for their specific use-case.

It’s rather simple to install etherape and add it to the sys-net menu, or even set it up to autostart. I have not played with VPN’s doing this but you would definitely see anything that is not inside the VPN tunnel. That might be good enough to catch any major mistakes.

Another way might be to just write a python script that monitors that same interface, have it whitelist all your expected traffic, and then display just what is not expected. I did this once to monitor a VM that was running Boinc as I did not trust some unknown software it downloaded to not be phoning home. I also had a learning mode where it would add IPs to the sys-firewall whitelist for that VM. In lockdown mode (default deny in sys-firewall) I could just listen for ICMP messages coming back to that VM from sys-firewall for anything that was blocked there. A pop-up could give a nice user warning that some data was trying to escape. Whatever VM you need to be monitored could alert the user when something is blocked on its way out the door. In a more general case that script might run on the internal interface of sys-firewall or equivalent to catch anything that is blocked from any AppVM.

2 Likes
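The allowlist monitor described in the post above, sketched as an added example (not the poster's script): it reads constructed `tcpdump -n`-style lines, reports outbound destinations that are not on the allowlist, supports a learning mode, and treats ICMP "admin prohibited" replies as evidence that the firewall blocked something. The VM address, the sample lines and the names `EgressMonitor` and `scan` are assumptions.

```python
import ipaddress
import re

# Constructed sample modelled on `tcpdump -n` text output; addresses are
# documentation ranges plus an assumed AppVM address, not captured traffic.
SAMPLE = """\
12:00:01.000001 IP 10.137.0.12.44321 > 192.0.2.10.443: Flags [S], length 0
12:00:01.050000 IP 192.0.2.10.443 > 10.137.0.12.44321: Flags [S.], length 0
12:00:02.000001 IP 10.137.0.12.51000 > 198.51.100.7.443: Flags [S], length 0
12:00:03.000001 IP 10.137.0.12.51002 > 203.0.113.9.8080: Flags [S], length 0
12:00:03.000200 IP 10.137.0.6 > 10.137.0.12: ICMP host 203.0.113.9 unreachable - admin prohibited filter, length 68
"""

FLOW = re.compile(r"IP (\d+(?:\.\d+){3})\.\d+ > (\d+(?:\.\d+){3})\.(\d+):")
BLOCKED = re.compile(r"ICMP host (\d+(?:\.\d+){3}) unreachable - admin prohibited")


class EgressMonitor:
    """Flags traffic leaving vm_ip towards destinations outside the allowlist."""
    def __init__(self, vm_ip, allowed_nets, learning=False):
        self.vm_ip = vm_ip
        self.allowed = [ipaddress.ip_network(n) for n in allowed_nets]
        self.learning = learning

    def is_allowed(self, ip):
        return any(ipaddress.ip_address(ip) in net for net in self.allowed)

    def process(self, line):
        """Return (kind, destination, port) for a notable line, else None."""
        m = BLOCKED.search(line)
        if m:  # the firewall rejected a packet and told the VM so
            return ("blocked", m.group(1), None)
        m = FLOW.search(line)
        if not m or m.group(1) != self.vm_ip:  # ignore replies and other hosts
            return None
        dst, port = m.group(2), int(m.group(3))
        if self.is_allowed(dst):
            return None
        if self.learning:  # learning mode: remember the host instead of alerting
            self.allowed.append(ipaddress.ip_network(dst))
            return ("learned", dst, port)
        return ("unexpected", dst, port)


def scan(text, vm_ip, allowed_nets, learning=False):
    """Run every capture line through a monitor; return (alerts, monitor)."""
    mon = EgressMonitor(vm_ip, allowed_nets, learning)
    alerts = [a for a in map(mon.process, text.splitlines()) if a]
    return alerts, mon
```

On a live system the same `process` method could be fed lines from a capture tool running on the internal interface; which tool and interface to use is left to the reader's setup.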

Take a look into this, based on qubes in the workstation part, you can use the whole solution or with some tweaking you can use it in your own way

5 Likes

Yes and no.
You need to invest your time to learn the right tools.
If your tools require inadequately huge time investment to learn to do even simplest things, your tools are broken.
Our security tools are broken for decades, and when we try to point this out, geek elitists always try to get into argument “but I learned it so should You”
No, the tools are still broken.

The only REAL knowledge worth to be persistent is common OPSEC. If tools stay in the way of OPSEC or make it inconvenient to achieve, the tools are broken. Technical knowledge is ephemeral, the tools are ephemeral, the right processes are here to stay, and the ability of tools to support those procedures is the only thing that is worth improving technically.

In certain way Qubes is somewhat “less broken”. But there is NO FSCKING EXCUSE that it requires a 90’s type linux geek level of tech knowledge to operate. It is a shame, a problem, and a challenge to be resolved.

7 Likes

I think this is a great goal, not just for at risk populations, but for expanding the Qubes user base. A focus on ease of installation and simplifying the interface / work flow would make Qubes more appealing to those willing to give it a try, but aren’t developers, enthusiasts or able to spend a lot of time as their own IT support.

I’m not a developer, more an enthusiast, but do have experience with OCM on SAP gigs. One key challenge was bridging the gap between developers and end users, and horror stories have shown that the most successful projects are typically driven by operations, not IT. In the end, the application had to support the overall business process, and this of course involved end users being able to use the system without it interfering with their work.

I have a deep respect for developers, but it’s a world unto itself and requires its own experience and expertise. Same for journalists or any area of expertise.

Some sort of “turn key” solution, that’s affordable, easy to install and easy to use would be ideal. Of course, much depends on the goals of Qubes, not to mention available resource.

4 Likes

I just very recently started up with qubes. On the whole I agree with Jim; we’re not where we want to be if we want a LOT of people to use this system (and I do).

What you get, provided your use case matches the typical one, is almost turn key, for bright non-computer people. They have to learn a more complex work flow than they had before, but IMHO it is learnable by smart non-geeks.

If you want to change things, like for example to separate your ethernet controller from your wifi, can be done through the manager GUI but you have to understand it at a high level, so that’s sort of a “bright, computer person who doesn’t necessarily know Linux” level–in other words a bit of a geek, but not this sort of geek. A “computer person” has the mind set to think through the task logically, intuit how the pieces fit together, and knows that he should switch all app vm qubes to the appropriate firewaller; and the GUI will help him do that. Unfortunately, few people in the real world are like this. In fact even the first level I described above is unfortunately probably beyond most people, because of their position on the bell curve.

Once you get to the command line, you’re starting to head into “not just a geek, but a linux geek” levels, but the “typical” user should never have to do this unless they really need to tinker. Ideally a GUI would take care of most things a non-linux geek would want to do.

[In my case, of course, I started playing with minimal templates almost immediately and thanks to a few posts I found here mostly got through it without having to ask for help; though I still did a few times. And that’s leaving aside installation issues I ultimately had to solve by buying new hardware; then issues with the new hardware it took the bleeding-edge latest version to solve.]

3 Likes

I’ve been reading this nonsense for years now, alongside “When will
Qubes be ready for ordinary users?”
Qubes is ready for ordinary users right now - it has been for a long
time.
I work with ordinary (some extraordinary) people who use Qubes
successfully. They don’t have any level of tech knowledge.
They need an introduction, and emphasis on what Qubes can do for them.
They sometimes need support - but they would need support using Windows or
Mac.
Often they do better when they do not focus on the implementation: templates,
AppVMs, disposables.
No doubt there are cultural differences at play but the users in this
Forum and the mailing lists are not representative of all.

I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
5 Likes

YMMV, but the common consensus is that it is not. If I remember all the obstacles I had – just every one of them would be a total blocker for a non-tech person. I would like to introduce Qubes as a workhorse for our company workstations, but as of now it is just a pipe dream.

What exactly were the obstacles?

1 Like

First, you need kernel-latest on most modern hardware for the system to work. Then disable rhgb because it is broken. Then be veeery careful when enabling sys-usb, half of the time this procedure gets you locked out. Etc etc.

Sounds like you didn’t follow the recommendations, I at least didn’t experience the same issues on the X230.

1 Like

It is a laptop and it is 10 years old. Such a “recommendation” is not for everyone either.

I assume it is a money issue.

Apple, Google and Microsoft have design departments which have multiple (multiple, multiple, multiple) amounts of money, each. I believe Apple’s machines mount their system readonly and macOS runs rootless, nowadays. That’s a start, but of course it does not protect against “Please stick this USB-stick into your computer and run the ‘Photo-App’ which pops up”.

Microsoft Windows actually educates people to click “resume”, “yes, yes”, “go away popup windows”. That kind of makes things difficult, even with Defender and all of that.

Fully agreed. If your life is at stake, you might want to use a non-persistent Tails-OS. That does not protect you against microphones hidden in your home, though. Or a partner which gets blackmailed or threatened by the secret police.

Nothing in this list happens, if you use recommended hardware, which is the point of the latter.

1 Like

If you go to “system requirements” page, it is pretty vague. And the desktop list for 4.1 is empty. No certified systems, no community recommended systems. Zero. Nada.

If you scroll down, you will see the links to recommendations.

It’s a community effort. It requires two HCL reports, which is not easy for a desktop.