[kwlug-disc] Fw: Help wanted for installing Qubes
Mark Steffen
mark at steffen.ca
Thu Jul 16 10:29:09 EDT 2020
I haven't yet installed Qubes but you can get similar functionality by
installing any Linux VM and then creating sub-VMs to do all your actual
"work" in. Qubes' raison d'être is mostly about segmenting your online
activities to contain a compromise, so a VM for banking/super sensitive
stuff, a VM that you do your social media stuff in, etc.
If you want to try an 'easy' solution and stick with Windows (a bad
thing to advocate on this list, but in the interest of helping),
download the free Comodo Antivirus software. Most antiviruses use a
signature database (a big list of hashes of known bad software) as well
as behavioural/heuristic analysis. Comodo takes a more "application
whitelisting" type approach: they maintain not just a list of known bad
software, but a list of known good software. Anything bad gets
quarantined as you would expect from an antivirus, anything good runs as
usual, anything unknown (not on either "list") runs in a
virtualized/container environment (you'll see a green halo around any
windows in containment) not unlike the open source Sandboxie app
(another alternative if you want to stick with Windows).
Anyway, anything that runs in containment is cut off from Internet and
is analyzed for behavior with Viruscope (another component of Comodo
AV). Any writes that are done by the software in containment aren't
reflected in the "real" filesystem, however the software running in
containment isn't aware that it is running in a sandbox (a lot of modern
malware has anti-sandbox routines so that they behave when they are
detonated in email sandbox appliances, etc. - usually they look for
vmtools or just the signs of a "clean" environment) - with Comodo's
containment the software "sees" what looks like a normal well used
system with lots of processes running and will most likely exhibit its
nasty behavior if it is malware.
TL;DR: you don't need to use Qubes if you want to take a simpler
approach; for Windows check out Comodo Antivirus or Sandboxie. For
Linux, you can just create a standard Linux install then use KVM/QEMU to
run virtual machines and segregate your 'tasks' into those VMs.
Maybe Qubes could be an upcoming Linux users group topic? I could try
installing it if I have a chance and demo it if anyone is interested.
Maybe we could do a Jitsi Linux users group virtual meeting sometime?
Mark Steffen
Mobile/SMS/Signal/Telegram +1 226 600 0464
__
On 7/15/20 11:13 PM, Paul Nijjar via kwlug-disc wrote:
> Is anybody willing to help Sammie out? Let me know and I can make
> introductions.
>
> - Paul
>
> ----- Forwarded message from KWLUG - Kitchener-Waterloo Linux User Group <website-admins at kwlug.org> -----
>
>
> ... Message
>
> Hi there
> I've recently taken interest in Linux OS due to the constant attacks &
> security breaches I've had on my Windows laptop.
> I'm most interested in installing Qubes OS on my laptop however it seems
> quite advanced.
> I'm wondering if there's anyone in your group I can hire to help me to
> install the OS on my laptop.
> Please let me know
> Thanks
> Sammie
>
>
> ----- End forwarded message -----
>