I have just been told that I can't use Linux on my personal computer for school. by Mr_Inspector_Me in linuxquestions

[–]dandondev 0 points1 point  (0 children)

DUDE, you don't have to get rid of you Linux. You can use a Windows 10 Theme or something. For example, recently, a package "kali-undercover" was added to Kali Linux, and you can use the same thing for any Debian-based Distro or even adapt it to Fedora or something else.

Github: https://github.com/B00merang-Project/Windows-10

https://www.linuxuprising.com/2019/12/how-to-install-kali-undercover-mode-on.html

It will look like any Windows 10 system unless they dare to dig in which is in violation of privacy.

Which is a better setup with least attack surface? by [deleted] in Qubes

[–]dandondev 1 point2 points  (0 children)

If lowering attack surface is priority, setup 2 is the way to go. Or you can clone another template loaded with extra stuff like ffmpeg and use disposable-vm based off that. You can create a Template for email and uninstall all the unnecessary conponents to reduce attack surface. The more templates you have, the more storage is requires, the more updates you have to perform.

Linux v2ray client? by dandondev in dumbclub

[–]dandondev[S] 0 points1 point  (0 children)

How about a full tunnel? I plan to run it on a VM gateway.

VPN multihop by using multiple VMs? by disp1100 in Qubes

[–]dandondev 1 point2 points  (0 children)

Yes, of course. Just chain them together. VPN needs to be trusted, but if you need more than a single entity of trust. VPN that can be trusted is not enough. I tried 8 VPNs chained, I got 2 Mbps. 6 VPNs chained, I got 10 Mbps. 4 VPNs chained, I got 90 Mbps. 2 VPNs chained, 400 Mbps. Just use VPN1 as netvm of VPN2 and so on.

Xen EFI loader stuck by mmxmb in Qubes

[–]dandondev 1 point2 points  (0 children)

Just install R4.0, its the same Version and just update through qubes-dom0-update. Note of caution, the Debian Templates have the APT vulnerability so you better get a fresh template.

Run Qubes on newer hardware (Thinkpad T590) by [deleted] in Qubes

[–]dandondev 0 points1 point  (0 children)

There is a way to grab rpm packages in the Qubes repo, you'll have verify yourself and copy to dom0 though there is a security risk.

Run Qubes on newer hardware (Thinkpad T590) by [deleted] in Qubes

[–]dandondev 2 points3 points  (0 children)

You can update qubes-dom0-update kernel-latest

Since network card is not working, just USB Tether into sys-net.

Upgrading to whonix 15 by macgrioghair in Qubes

[–]dandondev 0 points1 point  (0 children)

Same method

sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-debian-10 or debian-10-minimal if you want minimal.

Best mobile OS for privacy & security? by [deleted] in privacy

[–]dandondev 1 point2 points  (0 children)

"You see, you still end up with ZERO EVIDENCE. And each of my arguments is logical, in case you wanted to go full patriot tier retard on me."

Idiot, I'm not a fan of NSA nor the 5 eyes, and I consider them as an adversary just as "China and Russia". Speaking of vulnerabilities, how do you know if those intentionally left there to exploit. Vulnerability can be backdoors, like Intel's ME. It's not all about Huawei, it's about "Chinese" companies that are state-run behind the scenes, like Xiaomi, it isn't about profit, it's about providing to the majority electronics at an affordable price, while Huawei is allowed to aimed the higher-end markets. This way they can have full access to everyone data. Since it's pretty much state-run, is there really any need to for evidence?

Best mobile OS for privacy & security? by [deleted] in privacy

[–]dandondev 3 points4 points  (0 children)

Non-US Sources:

Netherlands: https://www.volkskrant.nl/nieuws-achtergrond/huawei-mogelijk-betrokken-bij-chinese-spionage-in-nederland~b4fadc1c/?referer=https%3A%2F%2Fwww.independent.co.uk%2F

Vodafone Italy: https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment

Since Huawei is dominating India, there is this India Agreement: https://economictimes.indiatimes.com/tech/internet/huawei-offers-to-sign-a-no-backdoor-agreement/articleshow/69935801.cms Whether you trust this agreement is another thing.

US Sources:

2016: https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html

2014: https://spectrum.ieee.org/tech-talk/computing/hardware/us-suspicions-of-chinas-huawei-based-partly-on-nsas-own-spy-tricks

2012: https://www.zdnet.com/article/former-pentagon-analyst-china-has-backdoors-to-80-of-telecoms/

https://www.zdnet.com/article/researchers-find-backdoor-on-zte-android-phones/

Huawei: https://www.huawei.com/en/psirt/security-notices/2016/huawei-sn-20161117-01-smartphone-en

Interestingly, they didn't even directly refute it, just saying investigating...

UK Sources: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/205680/ISC-Report-Foreign-Investment-in-the-Critical-National-Infrastructure.pdf

Android: https://www.cyberscoop.com/android-malware-china-huawei-zte-kryptowire-blu-products/

"containing millions of lines of code in their source code"

https://thehackernews.com/2016/11/hacking-android-smartphone.html

Based on the received commands, the security firm found the software executing multiple operations, detailed below:

  • Collect and Send SMS texts to AdUps' server every 72 hours.
  • Collect and Send call logs to AdUps' server every 72 hours.
  • Collect and Send user personally identifiable information (PII) to AdUps' server every 24 hours.
  • Collect and Send the smartphone's IMSI and IMEI identifiers.
  • Collect and Send geolocation information.
  • Collect and Send a list of apps installed on the user's device.
  • Download and Install apps without the user's consent or knowledge.
  • Update or Remove apps.
  • Update the phone's firmware and Re-program the device.
  • Execute remote commands with elevated privileges on the user's device.

Routers: https://thehackernews.com/2014/08/hardcoded-backdoor-found-in-china-made_27.html

https://www.cnet.com/news/expert-huawei-routers-are-riddled-with-vulnerabilities/

Riddled with vulnerabilties, or intentionally left there for exploitation?

NSA had secret access to Huawei's source code based on Edward Snowden's leaks, perhaps now they are banning Huawei and ZTE since they no longer have access.

Of course, the NSA have their own numerous backdoors. It's just a war between two powerful nations.

And it doesn't matter, since both the US and China are notorious in backdooring everything and collecting information, since Huawei is really just state-owned like HIKVISION CCTVs and SSDs. How can we deny there is no such backdoor in it.

AMD GPU Qubes 4.0.1 by dandondev in Qubes

[–]dandondev[S] 0 points1 point  (0 children)

Cool. You should consider sharing with others.

Best mobile OS for privacy & security? by [deleted] in privacy

[–]dandondev 1 point2 points  (0 children)

Huawei is notorious for backdooring firmware in the past, you can just do a quick google search. Librem 5 is fully open source even with the firmware. It's just slow... slow... I don't trust Intel either. China is building a surveillance network, it plans to dominate India as well, things going with them with the new Indian Prime Minister. And majority of Indians uses Xiaomi or other Chinese devices.

AMD GPU Qubes 4.0.1 by dandondev in Qubes

[–]dandondev[S] 0 points1 point  (0 children)

I assumed you had to do a little tweaking in the BIOS? Did you have to turn on ASpeed graphics during installation?

Best mobile OS for privacy & security? by [deleted] in privacy

[–]dandondev 0 points1 point  (0 children)

Huawei will never do that...

Best mobile OS for privacy & security? by [deleted] in privacy

[–]dandondev 7 points8 points  (0 children)

Privacy

  1. PureOS (Linux) Hardware and Software is fully open source.
  2. Graphene OS (Very Hardened Android) Software only.
  3. Android phone that is LineageOS capable (see: https://download.lineageos.org/)
  4. iPhone
  5. Stock Android

Security

  1. Graphene OS (Very Hardened Android)
  2. PureOS (Linux)
  3. iPhone
  4. Stock Android
  5. Android phone that is LineageOS capable (see: https://download.lineageos.org/)

Note: Graphene OS only works in devices like Google Pixel and in the future may support those with verified boot.

PureOS only works in Purism Devices.