Security using qvm+windows?

Hello, ladies and gentlemen. English is not my native language, so I am using translation software. I hope you can be more tolerant, thank you.
I just started using Qubes OS a few days ago, but I still do most of my work on Windows. I like to keep several identities on the internet completely separate to save me from unnecessary hassles, and Qubes OS is just what I need.
If I use Qubes (qvm), install Windows and windows-tools, and connect to sys-whonix at the same time, will there be any security issues due to windows-tools or other factors? For example, can an attack be directed to dom0 through windows-tools, or can anything lead to de-anonymization? (Only system issues are discussed, excluding social engineering and other human-focused attacks.)

Qubes OS: 4.1.1

1 Like

Simple answer: NO!

As long as Windows is running as domU, it should be safe for dom0. It could possibly be more of a problem if you are running Qubes OS and Windows side by side on a device.
So, from all the info you gave, YOU will probably be the most common reason for de-anonymization, IF you take a wrong step (by accident).
As long as you’re using the OS in the way it was built for, all should be safe.

3 Likes

I am using a laptop with Qubes OS installed on an external USB hard drive (M.2), but I did not empty the original hard drive inside the laptop; it comes with a Windows system built in. Do you mean that such a configuration is prone to other problems?

If you use Qubes from the USB device and sometimes boot your main system from the hard drive, it might be equivalent to multibooting:

Also, you don’t have a sys-usb, so you are not protected from malicious USB devices in this case.

1 Like

Keep to the underlying philosophy of Qubes and you’ll be just fine: separate tasks, habits and servers/websites you visit well, that is.

Running Windows as one VM should make that easier for most, I’d guess; just remember to avoid spontaneously doing stuff in that VM that you do otherwise. Fingerprinting is a thing and will just be even more capable in the future.

1 Like

After a busy day, I found a lot of information, and since it was my first time using Qubes OS, I thought it would take me a little while to absorb it all. Let me talk about my new knowledge; I think it might be helpful for others like me to learn Qubes OS. After reading the multiboot.md, I thought I would need Anti Evil Maid since I use a laptop, and I probably carry it around a lot for use elsewhere (probably when traveling), and I thought I could ditch some of the USB security (I haven’t used USB in a long time, and I’m more than happy to transfer it over the network, which is much more convenient). But after reading more about AEM, I see “known issues”: my laptop no longer has USB 2.0, but AEM does not support USB 3.0; I use an M.2 external box (Silverstone SST-MS12) as a Qubes OS carrier (AEM is not compatible with having an SSD cache); and my laptop uses an AMD CPU, while AEM seems to be based on Intel’s built-in features. This means I have no way to use the AEM … Right? I need more time to absorb other information and google data; I will probably ask other questions tomorrow. Anyway, thanks to everyone who responded to me here, thank you very much for your help. English is not my native language, I use translation software, please forgive my grammar mistakes, thank you!

1 Like

I thought of a problem: if I do not shut down Windows (qube), perhaps because the computer does not respond or because of the reality of danger, human pressure, etc. … If the computer is forced to power off (such as by a long press of the power button and so on), will it cause a bug? Any danger? De-anonymization?

You did not tell us which laptop you are using. Maybe it supports Heads instead, which would be even better AFAIK.

However, I would not recommend going full-security so quickly for a person new to all this stuff. There are many other attacks that are much more frequent than Evil Maid, and it takes time to adjust your workflow to Qubes OS with many isolated workflows.

In this case, if your computer was doing some writing to the disk, the writing will fail and the file will be damaged. Depending on which file it was, you may lose some data or render your OS unbootable. Nobody should be able to deanonymize you because of that. It’s not recommended to abruptly shut down Qubes OS, but usually it does not do any harm.

1 Like

My laptop model: Asus ROG G14

Can you give me some examples? For example, social engineering or a malicious person directly gaining full control of a physical machine?

I understand. It seems this is the same as what I learned before about the damage caused by forcing a system shutdown.

I recently created multiple Windows VMs; some of them are StandaloneVMs, some are StandaloneVMs under a TemplateVM, and some are full DispVMs under a TemplateVM and AppVM, but I can see some data in qvm-prefs that is identical in all VMs. Should I try to change it? Will this identical data affect security and anonymity?

Is it possible for me to hide the dom0 mouse in a Windows StandaloneVM?

I checked this article, which mentioned “Note how the MAC addresses differ between those two, otherwise identical VMs”. It looks like I should change the MAC address manually?

I am genuinely interested to find out what your goal is here, e.g., why you would want to achieve that.

To make it look more beautiful. When I use Windows now, I see two mice on the screen, the dom0 and the Windows mouse.
But this is just a casual mention; it would be better if there happens to be an answer. I’m still focusing on the anonymity of qvm+windows for this article.

1 Like

Is there anyone who can help me? Thank you very much.

I can’t help you here, but I guess you should create a separate topic about hiding the mouse, since it’s not really related to “Security using qvm+windows”.

That’s okay, let’s just ignore the problem.

Am I right in thinking this? Should I change the MAC address manually?