System automatically removed all of previous post.
I welcome any comment from Journalists/Human Rights Defenders. I feel that some sense of how Qubes works to obtain security is needed to create a design for a Journalists/HRD version of Qubes.
One request was for an Auto Installer of Qubes. Guessing that means, no interactions with human needed. I don’t see how that could work if computer has two drives.
I would instead be concerned with describing a group of Qubes for Journalists/Human Rights Defenders (JQubes) and, that have as a first consideration being secure. Build them by cloning off of current Qubes, install relevant software. Set whether they are online or offline.
It is from this I think I, or we, will see disagreement from Journalists/HRD saying that is not how I want it to look. Unless the Journalists have a understanding of how Qubes functions, how it obtains security. I can’t guess what they might suggest. It seems the start should be from the side of the Qubes knowledgeable forum.
I would have considered using SALT to create Jqubes until after some review. However, the current implementation of pre-installing, as much as possible, of VPN’s should be a huge improvement in Security for Journalists. Rah.
At first: I had a list of the uses of Jqubes based upon; Input. Process. Output.
Input, JQube which internet. is Online. There is a Template version, and a disp version. I would have hoped, never opens documents, or does other things which create interactions which allow information to flow from my computer to Internet.
Input: I do not see how that can work with emails, in that some emails, like many webpages, wants to download things besides text, from other places on the internet. Links. Since Thunderbird is the easy part of decrypting emails. I find the link elsewhere, problematic from a security standpoint. Describing a bunch of security, how to proceed to do both securely, hmm. I imagine one can not order an airline ticket without allowing links. So just turning off Links (Script or however) to not be the easy fix.
One thought to just download what is needed. Then “Turn off the internet connection”
Save all things to be worked on in one Directory. Then SWOOP. For which can be copied in one command to the “Jqube Process” which is never online.
Jqube process, Which is never online. What software does it need. Office software. (https://github.com/freedomofpress/dangerzone)
Split GPG, if it can be handled here. Which raises the point. If I used Input Jqube after ----“Turned off internet” Decrypted emails, using the tools with Thunderbird. There is a risk from what else might have slithered into that Jqube while online and try to capture information. One can deal with that by: 1. Making the Input Jqube disp, which means creating a template for that.
2. Creating a lock that once one has been online with this Qube, and started some software. One can not get back online (makes this more complicated than I want). Therefore must be a fresh start of the Input Jqube to get more information.
2. A warning to make sure one does not close without saving data somewhere. Or, ugh, save it for the user with a date and time somewhere. More complications.
Perhaps use a technique like is used in Deeplow DangerZone to move emails elsewhere during decryption, deliver to. Problem, use of decryption can require need to work with keys, download, verify. And so on. My limited experience, the simple, easy way to decrypt is to use Thunderbird. Simple - easy to implement and use is what we want. But with a large consideration for Security.
My original thought being how to – simply implement what is already in Qubes to create a version used by journalists, and I am suggesting creating extra software, thinks like locks, “Swoop” copies rather than use the existing, trustworthy means to copy between one Qube and another.
And, I see our Human Rights Poster who said that using Video Chat was largely used. I can understand that it must be difficult for someone to learn to touch type in a foreign language, and possibly on a keyboard meant for another language.
Truthfully, I am perplexed why I do not see offered for sale - a rubbery keyboard cover that has the letters for another language clearly on top. Might not be quite correct in terms of number of characters, but would allow someone to use a computer keyboard on a computer meant for US or some other language built in.
I feel it more secure to use a separate Jqube for Video Chat. Surely a separate one for Zoom.
I doubt the situation has changed for the security of Zoom. Zoom, Owned by a company in China, all of the product of Zoom was directed to servers inside China (PRC) before going back out. Several years ago the company announced an improvement in their encryption. Adding they would work with police, law enforcement, when asked.
To have one Qube for Zoom, should mean it has its own Template as well. I don’t like complexity.
One could put all the Video chats in the original Input Jqube, (which is a disp), which has a lock.
Software lock which allows one to do anything in this version of disp Input Jqubes, but if one has used anything Online, one can not start Zoom. After starting Zoom. One can not use other software. Now the use of the lock would require like a table to show settings of locks, ability to turn them on and off. More complexity to make up for users not learning about, or using good technique. For me, I know not to trust memory as to what I have done when and where.
Also suggests writing more software for this project. Not what I wanted. That would be a set of software locks to allow, or not allow use of some commands, using some software when other software is running, or when the computer is online. Worst part of writing a new piece of software is that someone has to maintain it.
This suggests creating a Template for a disp for Input with the nearly all the pieces of software that one might need inside. And a lock software to keep them out of using some pieces of software sequentially, and the user, spinning up several of these Qubes to do running several of these programs at the same time.
I realize I have a disp that takes a long time to spin up, and is likely to run into memory issues.
Another issue. Some time ago I installed OpenSnitch on Mint. It is an Outgoing firewall, which is to one to determine if a outgoing connection should be allowed or not. I am guessing it allows the program to check where the connection is going, Therefore, it is has an additional security possible violation. And usually having such information is of little additional value. Someone else said it was a very annoying piece of software as it keeps halting events. Still one can intuit some interesting things by timing of things. I discovered that when I saved a file in the word processor, OpenSnitch halted events because there was a connection the word processor wanted to make. I was not using any cloud backup. I use the OpenSnitch option, and deny the connection. Turn off the internet, save the file.
I don’t see a Journalist/HRD putting up with anything like OpenSnitch. And I don’t want OpenSnitch to be used to watch what internet connections I make. ???
I am thinking I should get a bunch of 5x8 inch file cards, and put the options of each Jqubes on them, and a bunch of red index cards to record the objections/risks of using that Qube. Worry about the individual points.
Yes, I am thinking of using software locks to prevent some software being used sequentially, or online, in place of the more trustworthy, create a different Qube for separate bits of software.
In the meantime, all of you should use this opportunity to point out the fallacies of any of my design.