Hello there,
Prior to writing this email, I have consulted the Qubes Documentation,
as well as the relevant documentation for installing any software on the
appropriate website. I am currently seeking to install Zoom and Atom to
my Fedora TemplateVM. I am required to use certain closed sourced apps
for Uni (I am an aspiring cybersecurity student). I also consulted
relevant faculty in my department, as well as my school's Cybersecurity
club. Only one person in the club has ever "played around" with Qubes.
Nobody knows about this OS, not even the PHD candidate with multiple
years of European INFOSEC/CYBERSEC experience in field. In fact, he was
made aware of the existence of Qubes because of my inquiry. So you guys
are all I got on this. I hope you guys can help out. I've digressed
enough, on with it.
System: Insurgo PrivacyBeast X230 laptop, Qubes certified Level 1 hardware.
Previous Linux experience: Ubuntu, TAILS
Command line proficiency: Minimal but comfortable enough i.e. I'll need
to have a list of terminal commands up for fedora or debian, but I can
manage it with the references.
Threat Model: Nonexistent today, as I am a student, however I am taking
the time I am in school to learn best practices in field. I will act as
if my threat model includes a Nation State OPFOR, and proof myself
against that, over the years. What better way to harden your system and
daily security practices then to assume the worst theoretical outcome?
That's my philosophy on it
Problem 1: Without inadvertently risking ANY potential breaches to Dom0,
or compromising the TemplateVM, how do I install software via the
terminal safely. I am aware I can simply enable networking to the
templateVM but I am unsure if that is the wisest practice. Easy come,
easy go.
Problem 2: I need to run closed sourced apps on this templateVM, or at
least the AppVM I've segregated to handle all schoolwork and emails. As
a security precaution, I've switched all "trusted" appvm's to run the
debianVM, including vaults, because my assumption is that if its closed
source, its backdoored by default.
What are the best practices to use when tackling the above problems?
Additionally: Do I need to wipe everything if I made the mistake of
connecting the dom0 Microphone directly to a website, in the hopes of
getting video conferencing done? I made the mistake of doing it on
Wyzant, briefly. Is that a fuckup worthy of a clean sweep, since I'm
practicing being extra careful to begin with?
Thank you for your time, and I look forward to your replies.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/cfa9e498-9319-c221-be4b-21fe0aed36ff%40posteo.net.
