Schenker XMG NEO (M19)

Remarks

After initial system setup everything (I use/need) worked out-of-the-box with 4.0.4 and all release candidates of 4.1. Networking, sleep, video, all work fine.

As for my customization, nowadays I use Debian minimal templates as default template for basically everything meaning that I build my own sys-* and app-* qubes on the minimal templates. With app-* qubes I mean that I have dedicated template for my major apps I often use. besides that I have templates with additional epositories as snapcraft in case I quickly need an app for a short time e.g. for testing. Usually those have a rather short lifetime. In case the start to do I migrate to a dedicated template. Again, everything works even suspend and one must even not qvm-kill sys-net as wifi just reconnects after sleep. :smiley:

Going forward I would love to make “real” minimal templates based on Gentoo. I used Gentoo for years before I moved to Qubes and I love it still. With real minimal I refer to e.g. minimal kernels. There is also a huge unnecessary attack surface. Only issue with this concept is, that one goes nuts due to compute limitations. Just imagine to update and compile updates for 30+ templates. This would take ages to do so… I think only feasible option would be a dedicated build machine and heavy utilization of distcc, with all its cons. Unfortunately does this also prevent me from the ideal state in which the entire system is based on musl, totally avoiding glibc. So, my philosophy would be to remove complexity even further by minimal kernel, no systemd, no gcc, etc. I hope this makes sense… Let’s see if and when I find the time for this experiment. :smiley:

Hope this helps and sorry for taking so much time to upload this HCL - mea culpa!

This is the notebook: XMG NEO 17 (ID: XNE17M19) – Download Portal

UPDATE: I did not alter the BIOS (yet). No coreboot or alternative used. Currently I use the build in secureboot with work out-of-the-box as well. One can deploy keys and sign the grub and xen *.efi images which is for my current threat model sufficient while not perfect…

Attachments

Qubes-HCL-SchenkerTechnologiesGmbH-XMG_NEO__M19__RTX_2060_-20220203-075826.yml (1.0 KB)

Thank you @voidstar for your HCL report, which is online now.

Excellent. Thanks. Here one can find a detailed assessment of the notebook. Unfortunately in German (company is German as well).

I was just thinking… another interesting feature for privacy focused people is that in BIOS one can disable hardware as webcam, wifi and other possibly privacy impacting features which is also pretty nice for a Qubes user I imagine… :slight_smile: