Qubes ready to install for Journalist-Human Rights workers

Veerrry interesting.

I will focus on creating a Work Flow logic.

Where the Work Flow guides our Intrepid Reporter to keep his computer, and him safe. Also Protecting his sources.

To keep the Journalist from making a mistake, without having to keep a hundred points in mind of what to do, when. What never to do. What is a danger flag. Keeping one eye on the Canary.

Work Flow should be like the Security Guard guiding the Journalist through the alleys of a destroyed country.

Still, keep posting knowledge. If we ever get the first stage off the ground. Then each of these ideas, implementations, Apps, programs can be given consideration.

I don’t want to dampen enthusiasm, but secure drop is developed by, and
for, journalists.
I think you would do much better to approach the FPF to work with them
rather than reinventing the wheel. You may have some insight that’s
valuable, or you may learn from them how your ideas are misguided.

At a minimum I would look at SecureDrop and learn from what they think
is valuable. They have already considered the same things you are
starting to think about.

I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
3 Likes

Unman, I believe those who have high levels of expertise, such as yourself, what occurs to you off the top of your head, or feeling about a project, situation, is more important, will have more impact on a project than all my pretensions of effort.

I have read through some of the FPF. I have read about and used Secure Drop.

My respect for the likelihood that your opinions will have more impact than what I am considering is quite high. For the next week I will be doing some other things besides this project, anyway. and I will ruminate on what you have said.

1 Like

That makes sense. I think catacombs has some great energy and ideas, especially in terms of creating a list of apps for journalists.

In addition to FPF & SecureDrop, DeepLow seemed like a good contact. Knowing what they’ve done, and their current objectives, would help you know where you could make your greatest contribution.

1 Like

Long ago I worked for a fellow who had gray hair, and told me some stories about the Operating Systems for computers the size of very large rooms.

Usually the first version of an OS barely works. When some basic compilers gave trouble, the reply of the guys working on the OS said it was a problem with the compiler not working well. Complain to the software guys who build the Compiler and how they interface with the Loader.

About the fourth iteration of the OS. The OS would be mostly stable, and even work with some of the Compilers (read Application Software)

Then began the next phase of the OS development. People had all these ideas about some neatzy keen features to go with the OS. Some called this the Bells and Whistles stage.

As nice as some of the features could be envisioned to be with the implementation of these Bells and Whistles. It created ways to slow down the OS, sometimes crash user programs. Even cause unusual problems with OS.

Kind of like M$ sending out updates that crashed. Now it is feature updates, which don’t crash so much, but slows down OS, and to give me a feature I never knew I needed. and don’t use.

After three or so more levels of OS, some of that crashing would go away, and on site system engineers were never keen on installing any more cool Bells and Whistles. not at least until some other sites had implemented that feature and used it, successfully through at least one more upgrade of OS. Some on site System software types would not implement new updates at all. Sound familiar?

By then the Computer Company would announce a new piece of hardware was coming out, with greater speed and fantastic features in the OS. A lot of sites would say, “Uh, not now.” Basically what they had was finally working after years of frustration.

I fear my suggestions for a Qubes for Journalists is like 'Bells and Whistles.". A version of Qubes with essentially a trail guide to guide a journalist, rather than the Journalist trying to make decisions on which path to take -based on reading a lot of documentation.

and for the record. About backing up your computer. In the big room size OS environment. The computer company manufacturer OS experts always claimed the Back Up worked perfectly.

My experience was that ‘Back-Ups’ (then on large reel computer tape) never failed. However "Restores’ failed. Never the fault of those who wrote the Back Up Software.

So called ‘Interval Backups’ - backups based upon each night saving only the parts of the file system has changed -whatever the interval (day-week-Month) and whatever the terminology. Find Unique and creative ways to fail.

With a solid back up program. Save full clones of disks, multiple times., For a laptop that is an external drive. Then hide those discs. If you have friends like mine, they decided I was not using those external discs. so they kleptoed some.

Don’t trust one back up. I prefer to use a program from a disk manufacturer (like Seagate for Seagate,’ Western Digital’ drives) to clone. I don’t like Shrink images, compressed, or zip images of back up. Another great way for a restore to fail if just a few digits get messed up.

I guess none of this is about the Qubes back up system. But if one is going to re-install the OS, at least occasionally. To prepare to go through airports, or to upgrade OS, or, something just feels off. Then having multiple cloned back-ups (keep up with Passwords) works.
Backing up to the same device over and over, usually ends up with the last copy a corrupted copy. Or the device, or tape media just fail.

and put my really important personal information on a Flash drive, which now can hold so much data that the entire OS could be saved onto it as.

Hello. Human rights worker here. I wrote this article on how to use Qubes OS in the most basic form.

Journalists starting to use Qubes OS are better off using it in the most simple during the first 6 to 12 months, as I described in the article. That’s how I started. No compartimentalization. I also watched whatever videos available on YouTube. Back then, there were hardly any videos and this forum didn’t exist. Today, the entry barrier should be lower because of the availability of videos on Qubes in multiple languages. And because of this forum.

6 to 12 months in, journalists / human rights worker can start using compartimentization.

If only major cities around the world had Qubes OS experts or IT non-profit or human rights non-profit that people can go to for the initial Qubes phase in. That would have made my life easier when I started running Qubes.

7 Likes

@Wissam, just out of curiosity:

  • In the human rights industry (I’m sorry, I don’t actually know what it’s officially called, but I have the utmost respect for everyone in it!), do individuals usually get to choose their work machine, or is it usually given to them pre-configured?

  • Is there any training provided by employers about this sort of stuff (and is it any good?), or is it mostly self-taught?

CONTEXT: Most University courses will only teach software provided by companies who FUND their research (hence why you don’t see much FOSS software being taught). I’m trying to get a feel for whether any situation like that exists. I’m also trying to get a feel for how much effort people in the industry are prepared to put in to “learn new things”.

  • Any chance you could give us some examples of “dumb things” that seem to occur in the industry?

CONTEXT: *Self-pwnage, bad OpSec, etc. For example, someone receiving images that have had the metadata cleaned, and then taking a screenshot of the cleaned image, thereby putting the metadata back in. Posting on social media while “on the job”, or other things of that nature (please don’t say anything that could compromise anyone :grimacing:)

I’m asking because if there are things that enough people in the industry do that they probably shouldn’t, then there is potential for safeguards to be put in place in Qubes OS to stop it. *

——-

Absolutely loved your article, by the way. Detailed but also succinct and to the point :slight_smile:

1 Like

In my opinion the development of guided tutorials as championed by deeplow & others would be a significant step forward in broadening the usability of Qubes for journalists & other at-risk persons.

An intuitive walk-through guide to performing basic Qubes operations that can be ‘unticked’ at the installation menu, and on first boot brings you in to the tutorial environment and perhaps can be picked back up at a later stage.

Something like this covering the basics I think would do wonders for on-boarding. I’m not able to program but if anyone needs help with working on the structure / bouncing ideas off of for such an effort, message me.

If only major cities around the world had Qubes OS experts or IT non-profit or human rights non-profit that people can go to for the initial Qubes phase in. That would have made my life easier when I started running Qubes.

This is what such a feature could begin to bridge the gap on. I really wish I had more skills to develop it technically. Many non-technical users are intimidated by the documentation and the conceptual leap to really using Qubes as it is intended. This of course can’t be eliminated, but perhaps the interactive guidance through steps will help to keep people engaged and feeling like they are progressing, rather than studying for a test in a ‘language’ they don’t understand.

As I said, only so much of the ‘edge’ of Qubes can be rounded.

2 Likes

I consider: While I say Journalist and imply Human Rights worker as well. Much of the information today regarding Human Rights abuses comes from individuals, who happen to see something.

One of the first people in China who talked about a disease that other Optometrists should watch out for, posted the information. For which the government told him to shut up. Put him in jail. Events showed he was correct, he was released from jail. He caught COVID, and died.

A person, in Wuhan, whose apartment window overlooked a place where the dead bodies where taken, reported that the number of dead being reported by the government, was obviously way off. Reporting by way of Media like Facebook, is likely to invite a visit by government security services.

I know a fellow, who married a woman from Russia, who lived in the time of the old Soviet Union. She said the people expected the government to lie to them. That is, the Soviet Union was in a battle for their country, and if lies benefited that effort, the average people supported it.

Truth is a relative term for Journalists/Human Rights workers.

I envision someone trying to take up Qubes, is not in a good position to spend hours reading notes online. Not only terms of the time in their personal life, but that time online to Qubes sites, and github. increases the probability that they incur the interest of the government watchers.

If we also put a lot of documentation inside Qubes, makes the download a bit bigger, but less time online later.

I think of what I am trying to accomplish is like a ‘Trail Guide,’ built inside the software. The possible options to a newcomer is like a valley filled with lots of paths. The “Trail Guide” is to show the way to using Qubes without risk. I am afraid my project is becoming more like a Microsoft Feature, slows things up.

If we finish the project I see a big group who might pick up Qubes will be business travelers.

First of all I don’t think the idea that computer amateurs are both in a position where they can stumble upon Qubes OS Journalists edition and not trip up a hypothetical red flag from a threat, but their reading the documentation would do so adds up.

That doesn’t really stack up to me. If someone is a computer amateur who as you said originally isn’t even aware of how their OS puts them at risk, they are going to likely be diving through searches of ‘best privacy ****’ this & that on youtube and google which will land them on someone suggesting Qubes.

If there was any kind of tripwire of authorities paying attention to their activity that could be done so by reading Qubes documentation, accessing whatever lead them to the suggestion to use this Journalists Qubes & the subsequent downloading etc. will do that anyway.

I like your enthusiasm but I find this thread a bit confused.

Having a tutorial like Deeplow said for beginners on their first boot is a good step, but I don’t think splitting off a Journalists version of Qubes is worth the effort & solves problems, more likely to create problems.

You’re better off creating guides like Wissam did informing people in the simplest terms what their current threats are, and how those are mitigated by Qubes.

@Wissam I read & thought you did a great job on that article.

Thank you @alzer89 and @KarlinQubes for your replies and for your feedback to my article. I will reply to your questions ASAP. I need some time to write the answer.

As for the following:

Indeed, the people I work with do not have time to read lengthy guides. I disagree with @KarlinQubes that “the development of guided tutorials as championed by @deeplow & others would be a significant step forward in broadening the usability of Qubes for journalists & other at-risk persons.” An abundance of information is paramount. Video tutorials, written tutorials, forums, etc. Very important. But are insufficient for human rights advocates.

I will expand on this in a later reply.

For now, I have one major question that Human Rights Defenders ask: Will installing and using Qubes be detected by my government? Governments are increasingly able to fingerprint devices within their network. Catacombs wrote:

To compare, Graphene OS does not emit signals other than the update request. And that can be disabled (and enabled momentarily when updates are available). I was at training where the trainers had monitored the connections coming out of Graphene OS for a week to confirm this. In addition, the Internet Connectivity Check can be disabled or sett to Standard Google. PSDS server can be set to Standard Google. Wifi Mac address is randomized. This makes the phone much harder to locate.

So I can recommend Graphene OS to some people in specific environments. But what about Qubes OS? This may have already been answered on this forum so I apologize for asking again.

2 Likes

I’m looking forward to reading this reply.

I cannot imagine that there is a passive system for alerting to use of Qubes. There shouldn’t be any information that belies Qubes use leaking.

There are artifacts that if someone hacked your system could suggest you are running on top of a hypervisor, but those are if you are already hacked and someone is figuratively searching through your trash. The above discusses some of these artifacts in the context of linking two VM’s to the same user.

With a more authoritative confirmation from another user, you should I imagine be able to confidently assure people that simply using Qubes (and not when we start to talk about Tor use etc.) will not be detected by government unless they flag you visiting the site & then look in to you further.

I’d love for someone more knowledgeable to comment, but to the best of my understanding I cannot see what possible fingerprinting could be done in a passive way to alert that a device is connecting using Qubes.

What I want to show in part of the “Trail Guide,”
Options the user should first do in which order.
Login.
Update being the goal;

(Option; How to start a Jqube that has Open VPN installed, to allow them to enter login to VPN provider. Tell the user where to look for an option on the screen. Which option to choose. To get into Qube for VPN.) Need a setting made to use VPN for Update. Where is point to click. How.

Where to look for “Update Icon” , What to expect after Update starts.

I start with the idea of a rigid path for first time users.
Get Online.
Update.
Start Jdisp to get needed information from other places on Internet, email/web pages.
Copy that needed information over to a JQubes app, (probably based Work Qubes. This Qube Offline always, which has software added to facilitate effort. I have a list, but anyone want to build the list,

Someplace in there must be decryption and encryption software. Whether Split-GPG. or just do it. Things outgoing onto Internet or a USB. Like put all the outgoing into one folder, copy it all over to the Outgoing Jqubes. Which is a disp.

The there is having a Vault, copying things into Vault.

Documentation at the point in time where it is needed.

I could be off base, but it seems like much of what you’re proposing is to make the installation and use of Qubes OS a “seamless experience” experience for journalists. That seems like a good thing.

As a rough example, if the journalist needs to lauch a specific qube, why call it qube? Just have a button on the desktop for “Research / Download” and the others activities the journalist performs. The button would link to necessary qube, which could be set up at installation with installation manager interface with drop-downs.

The current publicly-known ways that someone remote can detect Qubes OS:

  • If they manage to get into dom0, and then run cat /etc/os-release or uname -a
  • If they manage to get a shell inside a VM and run uname -a (the standard VM kernel name has the word “qubes” in it)
  • If they manage to do a traceroute or arp -a from a shell inside a VM (they’ll end up seeing that it passes through 10.137.X.X)

Basically, if they manage to get a shell :joy:

Feel free to add more, or correct me on any of these :slight_smile:

———

The reason I was asking the questions before was because I was trying to see if there were things that could be done to Qubes OS to “idiot-proof” (or at least “idiot-mitigate”) it for people in that industry.

Not suggesting that they’re idiots. Quite the opposite, actually. The level of intelligence and street-smarts that would be required is at a level that most industries would think impossible :slight_smile:

But everyone has moments of complacency from time to time.

Maybe they open a file in the wrong VM because they’re tired or distracted or multitasking too hard.

Maybe they don’t see any reason to do things “the Qubes OS way” because they’ve “never done it that way before, and have never had any issues”.

Stuff like that can be turned into very helpful automated user interface changes :slight_smile:

2 Likes

Is there any one here who is a trained Net Work Engineer, who is currently working Keeping Servers properly updated with Security fixes.

Which lets out some former, very highly paid Network managers for major credit evaluation companies, Hate to mention names. Companies which have everyone’s personal data that is used for loans, credit.

Like someone who would know how rig a connection in a hotel to spy on folks? Or how a three letter agency would go about figure out who we? get into our lives?

It makes me wonder at what stage is the topic of implementing an introductory tutorial for qubes os stuck?

In my opinion, it would be possible to leave a tutorial called “for journalists” on the desktop by default, which would contain the most useful links relating to Qubes documentation: configuration of disposable containers, configuration and use of whonix, configuration of pgp and its use in thunderbird.

I don’t need to know cars at an expert level to buy and use it.
The same should be the case with Qubes: after installing qubes os, the system should display any tutorial, because this system is very different in the way of use compared to other systems.
We should not think that privacy should depend mainly on the user.
Privacy and freedom should be a duty, not just a privilege for those who understand the problem and are looking for solutions :slightly_smiling_face:

1 Like

I will attempt to answer these questions and other questions in this thread here.

I would roughly say there are two categories of Human Rights Defenders (HRDs) who need Qubes OS. Category 1: Human rights advocacy groups based in the West, but working for causes all over the world. Category 2: Human rights defenders and advocacy groups in the country they are advocating or living under weak rule of law. They are less institutionalized and often include high profile leaders. Things are more personal.

Both need to defend themselves, their data and their contacts. Category 1 HRDs have better access to resources. Those with good financial resources and good know how (Category 1-A) are reliant on Microsoft services or similar cloud services for their collaboration, conferencing, file storage, and emails. Post-pandemic, there’s a move from own servers to fully-cloud based. They could have a full-time IT staff. They could have remote management/control of the lockdowned Windows laptops. They may have some IT training, and some fishing simulation. Their IT staff can’t justify ditching Windows (or Mac) for Qubes. Many could be locked-in to Windows with remote management. IT staff and NGO leaders have doubts around the benefits vs. usability of Qubes OS, its manageability across an organization, and whether the unknown threats justify moving to Qubes OS.

As for category 1 HRDs with limited resources, and most category 2 HRDs, they have less resources or less know how at the leadership level or lax policies in place. These are the majority of people. They would be struggling to find the right approach. Staff are usually free to use whatever they want - Windows, Mac, Linux or Qubes OS. Things are getting worse for category 2 NGOs as rule of law continues to breakdown in many countries around the world. Qubes OS and the Linux environment is cost efficient and they would go for it if they knew what they were getting into.

The following are 3 organizations that provide workshops and attempt to build capacity: www.smex.org www.7amleh.org www.cyberpeaceinstitute.org

There are many more of course. The approaches and context of each of these organizations vary significantly.

I personally presented in 2019 and 2021 in one event in the Middle East about virtulization and about Qubes OS to HRDs from Category 2 – from the field -, in Arabic. Participants were from across the Middle East and North Africa. After my talks, I felt that I shared I was flying above the heads of the participants. FYI I also did an introduction video in Arabic that got 3000 views which is quite good for an Arabic language video. Qubes OS مدخل إلى نظام تشغيل كيوبز الجزء الأول - Invidious I also did a full-install video that got around 1000 views. Qubes OS مدخل إلى نظام تشغيل كيوبز الجزء الثاني - Invidious.

Language also hinders knowledge about Qubes OS. Under one of my videos, there were requests to make additional Arabic language content on privacy and security that is available in English elsewhere.

I’ve spoken to many people about Qubes OS and about Graphene OS. I’ve seen trainers discuss these in sessions. The problem is that it’s too vague and conceptual for them. The expectation is that phones and laptops work out of the box. HRDs need a person to talk to, a human being, and they need a presentation. They don’t need guidelines. They need support. This is beyond the mission of Qubes OS. There’s an illusion that the newest OS is safe from government hacking, an illusion shattered every now and then when a hack becomes known. But the illusion endures.

Major hurdles that are prohibitive for HRDS: finding the right laptop (specs, fully compatible) especially in low-income countries (most cannot safely ship Insurgo / Nitropad laptops to their country), installing Qubes (from downloading and verifying the ISO, to the install process), the initial setup even if it’s a basic and simple setup of one Qube for all activity (including setting up MS Exchange emails or Protonmail email bridge or installing Zoom and other proprietary software necessary). No amount of guides can solve this.

The reality is that Qubes OS is competing with Apple Macbooks. Macbooks have topnotch security for a mainstream device. The main difference with Qubes is that it comes ready to use with a much smaller learning curve if you were coming from Windows.

Michael Bazzel said on his Privacy Security and OSINT podcast that he had tried Qubes OS and concluded that it is isn’t for the majority of people. He recommends Macbooks for security and Pop_OS for privacy. Source: Episodes 264 or 265 of his podcast: https://www.inteltechniques.com/podcast.html. (His comment is what made me write the article in his publication Unredacted Magazine which, to my surprise, had over 50,000 downloads in previous editions.)

The Hated One in an interview with a Graphone OS developer said: “Before Graphene OS, I tried to use Qubes. The problem with Qubes is that there’s such a steep learning curve, and not just when you try to install it – that’s actually the easiest part – but when you’re trying to use it on a daily basis, it’s gonna drain your battery and you need a beefy machine also the usage. But Graphene OS is so simple. I can use it as my daily driver.” Source: Exclusive Interview With A GrapheneOS Developer - Invidious

No one is complaining that the documentation is insufficient. The problem is that using Qubes OS currently requires a learning curve that challenges even the IT security and privacy communities!

Human Rights Defenders HRDs and journalists already have so much on their mind. The have to think of the victims of violations, of protecting their sources, of funding for their projects, of their government harassment, etc. As a result, they have very high expectations that their laptops work out of the box. I work with such (wonderful) people. For these people, the current state of the Qubes OS offer (high security, low usability) cannot compete with Apple Macbooks in terms of security and usability.

The best example of how useless guides are is setting up a VPN on Qubes. VPN is an absolute must because HRDs need their connection to “exit their country” before accessing the Internet. Tor is not an option for day-to-day emailing, conference calls, and cloud collaboration. Maybe 5% of HRDs I work with can figure out the VPN setup guides after wasting hours of going through the guides and learning basic terminal commands.

Another example is Zoom. It has become ubiquitous. How can one install Zoom and keep it up-to-date on Qubes? Even for me, it was a difficult experience (sudo dpkg -i instead of sudo apt install? Seriously?) There’s no guide for that. If someone wants to install and use the encrypted cloud service Tresorit, or the Proton drive, or Proton mail bridge, or Signal Messenger, how do you do that?

I am personally convinced of the relevance and importance of Qubes for HRDs. I stand by my assumption that if better off switching to Qubes OS if a person decides to dump Mac and Windows for Linux - and learning the Linux environment.

But I am amazed at the deep divide between the Qubes OS community here, and the situation and expectations of HRDs who genuinely need Qubes OS.

I got 3 people I work with to use Qubes. I installed Qubes on their laptops and set it up. But I’m stuck now upgrading their system (2 are still on 4.0 by the way), fixing problems, updating their Zoom and other type of software, etc. I recommended it to more people but because I could not install it on their laptops and set it up fully (because of distance), so they didn’t use it.

So what are the solutions? I will think of something and write it. It’s certainly not “more guides.”

A beginning of a solution could be the availability certified laptops with Qubes OS all over the world, that include additional software pre-installed (Signal messenger, LibreOffice, VLC, digikam, and the likes). Like that, if I recommend Qubes to someone who needs it in an Asian or an African nation, I can also tell that person where to find buy one.

These are some messy thoughts. i apologize if this was quickly written and if any part is unclear.

4 Likes

I am thinking I want to put a Documentation file on the desktop, and I think it a bad idea to put it in Dom0.

Anyone know a clever way to put a documentation file, or a link to a documentation file on the desktop that does not involve changing Dom0?

When I say a “Trail Guide” Take the user by the hand to guide through the steps of first using Qubes safely as a Journalist.

I intended to think of an exact. Do this to accomplish that. Find the Qube or program you need at this place on the screen. Open it (give expectation of how long it takes to open) What options the new user will see. Which one to choose. As much as possible, a rigid fixed path, so the user does not get off into worrying about other things. And as much as possible, for the new user to not install any application. clone up a Qube. Housekeeping stuff.

Open an App Qube that is offline, that has software already installed for working with Information. TXT files. document files. Photos. Video Files. Read emails. Write Emails. Decryption. Encryption Yes, this qube is cloned from somewhere else. But; I am not asking the beginning user of Qubes to clone up a Qube, install all the correct software.

In first disp Qube, you can do these things. Obtain information to work with: Off the internet. Off USB. Documents. Emails. *but not opened Emails." Files. Photos. Videos. and place them into one folder.

Then Swoop copy all that folder into the second Qube. An app Qube which is offline, and where the Journalist can work with all that data as they choose. Decrypting. Reading. Examining. Then choose which parts to save in the app Qube. and or the Vault. One might use an auto-generated name for the folder copied to App Qube which has a date-time. so it does not accidentally get deleted.

Obviously the information the Journalist wants to go back out into the big bad dangerous world. He will put into another folder. and copy to another disp Qube.

I would be really glad if you see a better: The Trail Guide will take the user through the early uses of Qubes to allow full use of Qubes.

Here, I left out some details that would be in the; “Trail Guide” (maybe I need a more descriptive name?) that are obvious to an experienced user of Qubes.

Actually, that brings up another point. I have had some odd issues doing Updates to Qubes. I found that doing Updates to other versions of Linux sometimes were solved by using a VPN. Some ISP’s seem to be messing with the connections used for Qubes. Perhaps it is only a timing thing.

Which is why I mentioned in an earlier version of the “Trail Guide,” a Qube already created to allow for the input of OpenVPN credentials, for a VPN to aid in Updates.

How I do not intend to repeat what other Guides have.

One: I intend to tell the new user where on the screen they can find the point they click to go in the direction I intend them to go.

Two: As much as possible I want to have created for the new User, already created jQubes which have all the bits and pieces they need at that point.

Such as:
Software for OpenVPN. (although each VPN has their own documentation for the user.

Software installed in the first disp (input side of system). to catch email. surf the web. A folder to save whatever the Journalist chooses to work on. (in an offline Qube)

Obviously the Offline Qube has a bunch of software to facilitate for the work up of information. Decryption. Encryption. Working with emails. Documents. Photos. Videos. taking care of passwords.

I have not made any effort to allow for things like a video chat. Which off the top of my head. Belongs in a Qube by itself. Once again, the Qube should be already created for the new user, with all the needed software installed, updated for the new User. Like always, I am open to be wrong on that too. I never knew there was a resurrected version of Zoom. Used to be I thought to avoid Zoom, as it went through servers in China. I do not have anyone I want to video chat with, so I do not think along those lines.

I may be completely off the point of what is needed. One one hand I want to think like the new user. I got this thing loaded. Started. How do I get online? and why do they say Qubes is so much safer? How am i supposed to accomplish that. And the current guides/Documentation seem to go on forever.

All that Documentation for the new user to keep in mind while he is trying to - also put software into an App Qube. And . . .

Someone mentioned “Secure Drop.”
Secure Drop is used as a name in two different uses. One is a Tor, Onion side connection to send messages to News Organizations that have signed up. Like the New York Times. Well if you go that version of the Secure Drop website, they have a list of news organizations to send stories, or news tips --Hopefully without any one else being aware you sent the info.

The other use of Secure Drop was a software system, which I think is no long maintained. Where two Physically different computers. Both with the same Operating System. (Then it was Windows, or Mac) One receives information off the internet. Then the information is moved over the the second computer (which is air-gapped) which is by a physical Medium. Flash Drive, or. . . . Something like this is being done in Qubes. Each Qube representing a different isolation of information. There may be an application for Linux that does this in github I missed?

I am not really working on this project for another two weeks. So like the others posting here, this is off the top of my head. Be good to get some criticism of why my idea does not work.

Once again, I am open to be wrong, I frequently am.

2 Likes