TL;DR: Redox will be able to compartmentalize the applications you want to use without sacrificing the reliability we have now, probably with even better reliability, and much much more efficiently.
The critical missing part is the applications you want to use. The gaps will be closed and probably before this decade is over.
From my point of view, it wasn’t pretty.
But the mods have been great about it.
Cheers to all.
vlc buffer_overflow.gz
buffer_overflow.gz (1.3 MB)
@avoca buddy I’ve been using this OS for the last 5 years.
5 years of:
Mind you I’m a beyond average senior IT enterprise admin with many years on my shoulders.
Qubes is for proficient sysadmins. when they say its for journalists it’s a joke. A journalist would be tracked in a couple of hours after booting this os because of neglected and known privacy leaks.
security with outright privacy leaks built in is a joke.
I think I’m about to switch to something else. its the last drop for me.
EDIT: to be fair, even with all this bs, this OS is still f***ing great and, from what I’m aware, has no relevant competitors to date.
its not just default behavior, there is no recognizement whatsoever of the implications of these privacy leaks. If you care you have to take care them by yourself.
@unman said the time sync fetching from sys-net can also be used to fingerprint Qubes OS, although I don’t see how that is possible; he never replied to people seeking further explanation. Just goes to show how much the Qubes OS team gives a F* about privacy stuff.
Haha… thanks. I really appreciate your message and take heart from your sentiment.
I take note of what your saying and accept that, at least for the time being, Qubes, and probably Kicksecure/Whonix, are not my cup of tea.
Having said that, I really do support FOSS and anyone prepared to back themselves in what is obviously a pretty thankless environment gets my vote of appreciation. And ultimately that was the intent of my post.
No doubt your involvement over the year’s has helped the project mature and progress. Best of luck.
And, thanks again for taking the time to drop me a line. Appreciated.
Cheers
Those “leaks” have nothing to do with privacy.
@qubes_is_frustration, all of the problems you listed are already handled for a narrower audience that consumes a private software release channel provided by commercial entities.
The open distro called Qubes is for a broader audience.
This is true of every open source software package.
The customers paying a firm, such as the one I work with, have a different experience.
I must also add, because I must give credit where credit is due, there are journalists (I know some of them) who can and do start off with vanilla Qubes without exposing to the local ISP (even the ISP router on the LAN) they are using Qubes who also do not step into the timezone pitfall. These are people who are serious about what they are doing. They choose to be careful. And, even if this sounds “harsh”, it is the true reality simply that: they are not idiots.
Enjoy reading the topic ahead of me.
can you elaborating further? I’m definitely interested.
again please tell me what product you’re talking about. I’d gladly pay for this software if there’s really something like what you’re talking about.
actually im the last reply in that thread (never got a response form Unman)
Thanks to many on this thread for pointing out that the the hazards of thinking just using the proper hardware, firmware and Qubes. Also requires, good methods of doing things, “Operational Security” OpSec is important/necessary.
No offense to what you said, but, people can look like idiots while being inexperienced. Calling someone an idiot reminds me of when I was in elementary school and someone wanted to motivate me to be different than my experience level was. Or to compliment himself. For me, second grade, that was another kids father on how to catch a baseball.
I feel that protecting oneself, by being able to being able to begin thinking about using Qubes, Installing Qubes, Using Incognito Qubes, without their ISP knowing of it might have a page on the website to accomplish this.
Although I agree that a better solution would be to have money, and pay a service to help one do this. I know I do not have the money. The undercurrent in such, Trust No One. Including oneself, as inexperienced or idiot, tired, brain concussed after going to a demonstration.
Well, I was hoping for a bit of a - How To- create and use and start using Qubes safely, while long term use becomes a bit of a problem. Doing such without a help service might be impossible for inexperienced.
Okay, I will process the topic sometime in the near future, then reply in it if I ever figure the answer out for your behalf.
This is stupid. Plenty of non-hackers use Qubes.
I’ve never been arrested for hacking, no one has ever accused me of hacking, and simply exploring possible configuration problems for possible future clients is not hacking. I’m tired of the misinformation.
I’ve been using Qubes since the first alpha version and have been on this board quietly since the beginning. It’s true: you said something so stupid that I finally had to register and therefore seem “new.” My point remains that many of us, if not all of us, are not hackers. Why are you even replying to this? Shouldn’t you be connecting to a server to connect to another server to brute force your way into another server? Also, I am an alt of @avoca
What you are referring to with what you believe (incorrectly) is described by the word hacker, which is not synonymous with the proper term hacker, as defined by the prominent “hackers” in the early freedom software movement and related open source movement, as used in earlier posts in this thread, is called a cracker.
Furthermore, as far as someone who “breaks security of systems”, in the modern vernacular, Qubes is developed by ethical hackers and Qubes is deployed in production settings (both commercial and non-commercial) settings by ethical hackers.
Qubes is widely recommended and used within communities that describe themselves as hackers (some of them are not real hackers, but aspire to).
While we can appreciate your lived experience, Qubes isn’t about you.
I would suggest to you kindly that you strive to become educated and better informed. If you post such things on the forum of an open source project, wearing obliviousness on your sleave like that, people who read your post could come to a conlcusion that you are very stupid, and we wouldn’t want that to happen.
.
I believe you owe me an apology. It’s not okay to waste our collective time like this. If you are not willing to apologize, I’ll accept your post as nothing more than extremely low quality trolling and I hope one day you manage to mature and better yourself.
And you still haven’t put together an instance of Qubes that works for you? Damn.
Oh shit really? That’s awesome! You should download buffer_overflow.gz and watch it, it’s just a .mp4 file. If you are concerned it is malware, just play it in a disposable qube.
Looks like you answered your own question on why Qubes, Whonix, and Kicksecure, are not your cup of tea.
