Qubes is garbage

[Kosher Dill]

if your use case deals with US state level threat actors then I would not take the advice of random retards on kiwi farms anyway

Speaking of, I wonder what happened to that guy here who was writing his own secure messaging software because he was related to authentic Islamic terrorists and the glowies kept shutting down all his family's comms.
If he's dead now, don't use his software.

Can anyone find the original thread? I searched a bunch but couldn't find it. I remember he was talking about how he would have secret addresses where you had to "mine" for the last bits.

 

[BulletproofArchive]

You can run coreboot with Qubes OS. You can even order a laptop with Qubes OS pre-installed, using coreboot and with IME disabled. However, there are several issues you didn’t mention. For example, there is no officially supported true deniable setup. Even if you use disposable Qubes, you can’t ensure there’s no evidence of your activity. A better option might be Tails OS or another live-mode OS, especially when used with public Wi-Fi.

Regarding metadata issues with Qubes, I agree there’s no built-in way to hide from your ISP that you’re using Qubes OS. However, you could set up a Whonix gateway before the sys-firewall. Alternatively, you could self-host your own VPN, use anti-DPI tools, and add network obfuscation like Noisy.

I do give the Qubes team credit for allowing a thread discussing the possibility that Qubes is a honeypot (link). I suspect that, rather than being a full honeypot, Qubes might be monitored, or there may be effective exploits that Western states have access to or at least the willingness and funding to develop when they have a target known to use it.





Qubes is a "security" OS, not an anonymity/amnesiac OS.

Just because you use Qubes doesn’t mean you’re secure. For example, IntelBroker used Qubes for a while, but he got tracked by using the same VPN with his personal YouTube account and sharing a video in the BreachForums shoutbox. The feds correlated the IP with the video, then linked it to his real Coinbase account, which he used to cash out his Bitcoin. The feds even honey-potted him when he sold a database. You can’t make this stuff up. So, while I don’t think the feds need Qubes to be a honeypot, it’s not out of the question.

 

[lizardwizard]

3). Is not compatible with RISC-V/POWER9 architecture anyways.

who the hell uses power9 aside from feds?

 

[StolenWindows]

who the hell uses power9 aside from feds?

POWER9 is FOSS and was designed with IBM supercomputers in mind. Are you retarded?

 

[lizardwizard]

POWER9 is FOSS and was designed with IBM supercomputers in mind. Are you retarded?

PowerPC is a meme architecture thats been dead and irrelevant for years. The fact you brought it up in any serious capacity outs you as a crayon munching porch monkey

 

[StolenWindows]

PowerPC is a meme architecture thats been dead and irrelevant for years. The fact you brought it up in any serious capacity outs you as a crayon munching porch monkey

PPC =/= POWER9.

Same family, but still different. You have POWER8, POWER9, PPC, etc.

 

[lizardwizard]

PPC =/= POWER9.

Same family, but still different. You have POWER8, POWER9, PPC, etc.

Doesnt matter, still retarded and irrelevant. Unless youre suggesting users go out and buy a talos workstation

 

[Creative Username]

The powers that be love people like the OP here. Any normal person reading this will think anyone who gives a crap about privacy is some schizophrenic retard completely disconnected from reality. Normal people don't want to be associated with that, so they spite OP by gladly continuing life as nigger cattle.

Deriding people who don't use a 10 year old ThinkPad with custom BIOS, neutered Intel ME and kernel nobody has heard of will not encourage anybody to ditch Gmail, OneDrive or their iPhone.

and that's why smart schizos like to discourage proprietary glownigger pajeetware lunacy while not calling you a retard if you unfortunately are forced to use it
always avoid malware when possible, mildly push against it whenever you get a good chance, and maybe one day we'll all have the equivalent of librebooted thinkpads with a neutered me

many normies are actually vaguely aware that they live in a surveillance state that makes 1984 look quite good, but they also like convenience, so you can actually do them a favor by doing something simple like walking them through installing an adblocker or something
i think introducing them to freedom by telling them how they should flash spi chips on their motherboard is the worst way to do so
a good strategy is just gradual usage of more good shit over time
you start out with simple things like ad blockers and a few cool free software tools and maybe some stuff like libreoffice or krita
then maybe eventually, you say "hey install this 'kubuntu' shit it's like windows but it doesn't add confusing new shit every update and will make your pc [normies love using outdated budget laptops from 9 years ago] run way faster" and they're like "you know, that sounds like it's worth the trouble"
then they escape a good 70% of the glow and a good taste of freedom while also not having to do anything significantly out of their depth
maybe eventually they evolve into true schizos that run librebooted thinkpads and regularly contribute to yt-dlp out of their sheer hatred for google, but they certainly don't have to!

 

[YautjaWeeb]

Regarding metadata issues with Qubes, I agree there’s no built-in way to hide from your ISP that you’re using Qubes OS. However, you could set up a Whonix gateway before the sys-firewall. Alternatively, you could self-host your own VPN, use anti-DPI tools, and add network obfuscation like Noisy.

On a default install in Qubes your whonix will auto connect to TOR so while your ISP won't know your using Qubes, they will immediately know you are a dark web enjoyer just from you testing Qubes on a first run. Many in the space say that's no big deal, but I don't think people realize how few use TOR and it may not be a great idea to signal your passion for it if you don't have to.

 

[Smaug's Smokey Hole 2]

I wrote a long post and was ready to reply until I re-read the thread title. This is not about Quebec.

 

[Creative Username]

On a default install in Qubes your whonix will auto connect to TOR so while your ISP won't know your using Qubes, they will immediately know you are a dark web enjoyer just from you testing Qubes on a first run. Many in the space say that's no big deal, but I don't think people realize how few use TOR and it may not be a great idea to signal your passion for it if you don't have to.

iirc at least a few million people use it, which is a fairly decent anonymity set
and your isp only knowing you're using tor is better than them knowing which system distribution you use and probably 3,000 other things

also the more people use tor, the better, so you should use it
unless of course you are schizophrenic enough to always use bridges no matter which country you are in (based!) in which case carry on

 

[prollyanotherlurker]

The argument seems to be bouncing back and forth between security and anonymity here, which is annoying because the thread topic looked like it was about security.

Ignoring all the schizoing by this guy Qubes has always seemed a pretty heavyweight security OS solution honestly. Anyone who's wanted by the FBI really shouldn't be daily driving one or another OS anyway, and also I've always felt like its counterintuitive for a guy like Snowden to reveal what he's actually primarily using but that guy has always felt like a open secret in terms of being a "wanted criminal" (he could also be lying, maybe he just runs Wubuntu in Russia ).

Security and Privacy (and anonymity) are kind of at odds with one another. If you truly want one you're probably giving up the other in some way, and if your use case deals with US state level threat actors then I would not take the advice of random retards on kiwi farms anyway. There's never going to be a 100% secure hardware solution unless you fabricate every component yourself up to and including the software stack.

A perfect example. Is the graphene os people will often recommend using googles stuff over less jeet stinking, adware-ridden options for security reasons. But they are as bad as it get's for privacy (well unless meta made an app store or something).

until you try emerging the kernel or firefox lmao

Building the kernel takes like 20 minutes if you configure it for your system. And if you aren't changing the configuration, there's no point to build the kernel yourself.

 

[lizardwizard]

Building the kernel takes like 20 minutes if you configure it for your system. And if you aren't changing the configuration, there's no point to build the kernel yourself.

shaved down kernel will compile fast, sure. But that doesnt change the fact that firefox and its forks will still take forever to compile.

 

[prollyanotherlurker]

shaved down kernel will compile fast, sure. But that doesnt change the fact that firefox and its forks will still take forever to compile.

emerge firefox-bin

 

[lizardwizard]

emerge firefox-bin

congrats, now you have a billion random garbage dependencies pulled in.

 

[Fishnumm]

quebec is garbage too

 

[YautjaWeeb]

unless of course you are schizophrenic enough to always use bridges no matter which country you are in (based!) in which case carry on

Bridges just too slow at this point. And if you're skitzo enough to insist upon bridges, then you are skitzo enough to realize those bridges aren't necessarily going to all be run by frens.

 

[CryoRevival #SJ-112]

On a default install in Qubes your whonix will auto connect to TOR so while your ISP won't know your using Qubes, they will immediately know you are a dark web enjoyer just from you testing Qubes on a first run. Many in the space say that's no big deal, but I don't think people realize how few use TOR and it may not be a great idea to signal your passion for it if you don't have to.

Lets be real, if they are using qubes, they are, at minimum, using a router level vpn tunnel already.
Source: I know a real life Qubes user. He says he likes it for the compartmentalization peace of mind.

 

[YautjaWeeb]

A perfect example. Is the graphene os people will often recommend using googles stuff over less jeet stinking, adware-ridden options for security reasons. But they are as bad as it get's for privacy (well unless meta made an app store or something).

Think open source android is about to hit the dustbin. Graphene and many of these projects involve 'non-gender conforming people' who have honorable mention here. So beetween their ideological disdain for you, google and its desire to hoover every piece of information it can laying in bed with letter agencies and overseen by incresasingly totalitarian politicians - the chinky jeet malware and slav ransomware starts looking not so bad.

Lets be real, if they are using qubes, they are, at minimum, using a router level vpn tunnel already.

IDK the soys have historically melted down over the idea of using a VPN ahead of TOR if thats what you mean. I've seen a few self-described travellers you wouldn't expect recommending double-socking your VPN connection ahead of connecting to TOR just to visit dread. Both sides of the arguement glow.

Source: I know a real life Qubes user. He says he likes it for the compartmentalization peace of mind.

Worth it for that, for sure.

 

[CryoRevival #SJ-112]

IDK the soys have historically melted down over the idea of using a VPN ahead of TOR if thats what you mean. I've seen a few self-described travellers you wouldn't expect recommending double-socking your VPN connection ahead of connecting to TOR just to visit dread. Both sides of the arguement glow

Nobody has been able to convincingly explain to me why I should not have a VPN ahead of TOR that didn't give me the same uncomfortable feeling I got listening to Pirate Software explain that a VPN has no value as a security tool. (though for that I had the words to explain to myself he was retarded)