Qubes is garbage

[prollyanotherlurker]

the chinky jeet malware and slav ransomware starts looking not so bad.

No. Even with that. Google is worse to me. Also it's not like google isn't filled with trannies too.

 

[raidforumgod124]

Qubes is good for security, but not for privacy

ive been saying this but everyone loves qubes because of privacyslop youtubers.......

 

[StolenWindows]

ive been saying this but everyone loves qubes because of privacyslop youtubers.......

Wait, you're from RF? RIP. I remember that website before it got cancel culture'd by the feds. I liked their MyBB fork. Wish the source code were open.

 

[YautjaWeeb]

Nobody has been able to convincingly explain to me why I should not have a VPN ahead of TOR that didn't give me the same uncomfortable feeling I got listening to Pirate Software explain that a VPN has no value as a security tool. (though for that I had the words to explain to myself he was retarded)

If its not the paranoia that your VPN provider could "see what you are doing" on TOR, they can at the least help correlate you if asked and it turns out they have logs. Many ifs.

The VPN + TOR arguments are usually philosophical and purity related. On the TOR only side no one wants to admit that at least 50% of entry and exits are theoretically controlled by the 14 eyes countries and their governments whenever they want to.

Public library solves a lot of this just don't get involved in any public disputes.

 

[Creative Username]

Think open source android is about to hit the dustbin. Graphene and many of these projects involve 'non-gender conforming people' who have honorable mention here.

i would honestly take troonware over jeetware any day of the week
freedesktop trannies might be really annoying, but dear god do they make a good graphics driver

Nobody has been able to convincingly explain to me why I should not have a VPN ahead of TOR that didn't give me the same uncomfortable feeling I got listening to Pirate Software explain that a VPN has no value as a security tool. (though for that I had the words to explain to myself he was retarded)

personally i think it doesn't really matter that much

No. Even with that. Google is worse to me. Also it's not like google isn't filled with trannies too.

at the very least, tranny software isn't proven to always be 100% malicious 100% of the time like google jeetware is

The VPN + TOR arguments are usually philosophical and purity related.

my best argument for tor only is that it's a bit faster than vpn+tor, and doesn't involve paying money (a decidedly non-private activity)
my best argument for tor+vpn is "why not add another layer to the onion i'm ONIONING THE FUCK OUT, 7 PROXIES BITCH"
there are tons of very theoretical spergouts here, and i think it really doesn't matter that much in the end (as long as you're smarter than the guy who is using one of those 100% free no wirus supar private vpn apps)

 

[prollyanotherlurker]

at the very least, tranny software isn't proven to always be 100% malicious 100% of the time like google jeetware is

I'm just saying people are missing an important fact with google software. It's not just jeetware, and it's not just trannyware. It's both, and glowware on top.

 

[Creative Username]

I'm just saying people are missing an important fact with google software. It's not just jeetware, and it's not just trannyware. It's both, and glowware on top.

of course we all know the people who non-jokingly say troonware le bad because of troons are paid proprietary software shills. nobody in real life would actually be this stupid, right? right? ...right?

 

[prollyanotherlurker]

of course we all know the people who non-jokingly say troonware le bad because of troons are paid proprietary software shills. nobody in real life would actually be this stupid, right? right? ...right?

Idk. All I do know. Is i care more about he software, than if it was made by a troon.

Since if you are using google, and Microsoft, your software was also written by troons, and jeets anyway. Because the whole software industry is filled with troons, and jeets. It's not like using proprietary software is super duper based, written by chud software. If anything, you would be more likely to find that from some small open source project written by some weirdo from 4chan or something.

So I have a hard time actually believing people that say shit like that being serious. They either have to be shills, or they are trolling. Or the third possibility, is they're retarded, and they've never thought about the fact that you are still using software written by trannies either way. Take your pick on which they are.

Either way the correct option, is just use software that's good. Instead of software made to make you the product that is sold. The only correction option is picking something based on it's merit.

Spoiler: fuck google.

Like google has centered is billion (maybe trillion, idk what their current net worth is) dollar corporation around doing with all of it's software. And creating a duopoly with phones where you either have a choice of apple or them. And if you pick them you are stuck with a privacy nightmare, advertisement machine, that's constantly collecting your data and selling it. Apple, probably the same, they work with google too, so it's not like you are really escaping it if you choose them.

 

[Creative Username]

So I have a hard time actually believing people that say shit like that being serious. They either have to be shills, or they are trolling. Or the third possibility, is they're retarded, and they've never thought about the fact that you are still using software written by trannies either way. Take your pick on which they are.

it's like those american rightoids who say [insert totalitarian shithole] is super based because they don't have niggers on their cereal boxes or whatever or american leftoids who think [insert communist hellhole] is super based because the rightoids said they were cringe once (even if the shithole/hellhole in question is full of backwards religious fuckwits that execute you for calling their prophet gay, or slavery is a decent chunk of the national economy, or there is universal surveillance that makes google look kind of quaint, or some other ghastly shit that would make dystopia writers shit themselves)

like yeah you think one alternative is a bit unsavory so you go over to fucking satan himself over there and sign his contract because "at least he isn't a heccin troon lmao"
then you immediately get sent to the alegria art room of hell, where demons turn you unnatural colors and twist your sausage-like limbs into unnatural shapes for all eternity, and you can't even scream because your mouth is permanently stuck in a gay little smile

 

[atomizer]

late as shit but I'm gonna sperg out about this anyway, because nearly every take in this thread is hot garbage. responding to OP first.

1.) Only GNU w/ kernel hardening and Guix are any good. Qubes is good for security, but not for privacy (since everything runs in isolated VMs, such as work, banking, browsing and development with each getting its own domain, which makes it prone to metadata leaks). Arch is just a woke version of Gentoo. Manjaro is just trash that wants to be Windows.

...how in the actual fuck do isolated and disposable VMs (if you have the need to use qubes then realistically you should be using disposable VMs) make someone more susceptible to metadata leaks? that is literally the entire reason for their existence, virtualization allows users to compartment their system and, without erroneous modification, guests cannot communicate with each other or even the host system in such a way that could compromise privacy (again, this is contingent on the user not making any retarded decisions and the hypervisor they use being maintained by competent people). VMs are essential tools in high-security environments like the military.

2.) And even while it might be more compartmentalized than, say, GNU, however BIOS/UEFI is completely independent of Qubes OS. Qubes cannot protect or harden the BIOS directly, since it operates below the OS level. So if an attacker gains access to the BIOS, they can still modify the boot process, potentially bypassing Qubes entirely (for example, loading a rootkit or altering boot configurations). Contrast this with GNU, which uses Coreboot as a FOSS replacement for BIOS and UEFI.

yes, of course qubes cannot harden the bios, that is not the job of an operating system, literally no OS can do that. if you need firmware security then use heads + qubes. also if you think IME/PSP are actual security risks worth worrying about then you are naive, an attacker would need physical access to your machine to take advantage of them, which is a non-issue for a good percent of threat models; there are no examples whatsoever of them being exploited remotely. coreboot is great but it's not the security breakthrough people treat it as, if your system is physically compromised then you are fucked regardless, that's why i just use the default firmware on my mobo because the alternatives don't make practical sense.

3). Is not compatible with RISC-V/POWER9 architecture anyways.

literally who

---

instead of doubleposting im just gonna keep editing this for now, connecting to a VPN before tor is always superior, do not listen to retards like mental outlaw who simply regurgitate dogma from boomers who refuse to learn new tricks or how the underlying technology they are making claims about actually works. reasons why include:

1. arguments as to whether VPNs log are speculative, however your ISP logging is a certainty. when you connect to a VPN before tor you are shifting trust to the VPN provider, yes, but if you forego this step then you are choosing to trust your ISP instead.

2. tor users can be deanonymized using end-to-end correlation attacks, in very early blogs tor devs confirm this, and there's a variety of ways these attacks can work. could be that multiple law enforcement agencies are spinning up nodes or simply forcing node providers to keep/hand over connection logs, could be an exchange-level attack where they exploit vulnerabilities in BGP routing in order to adopt a privileged position that eases correlation, could be SIGINT that monitors exit nodes and is combined with dragnet surveillance (any IP in their country that connects to tor) to make inferences about who connected to which guard node or exit node, how much data was transmitted and for how long the connection was established.

VPNs do not solve these fundamental issues with tor but when configured properly, they make deanonymization extremely difficult even for the most advanced adversaries. one very important caveat is that you should always use multihop, ive written enough already but connecting to one server and then tor isn't enough nowadays to fully prevent correlation, if someone wants me to elaborate then i will.