***Due to advantages of using host live mode when conduct amnestic sensitive acitivities :
1-Any risks booting kicksecure usb from computer with encrypted qubes on internal hdd that will never be mounted externaly
2- Per docs disposable are suitable alternative to Live mode and Host live mode, but
Compared to **** its not yet amnestic .
Missing benefit of read-only option (VM live mode) when accessing removale media?
Is it possible to achieve *** on Qubes to reduce HW devices even live mode not supported.
This is up to Qubes. Not Whonix or Kicksecure.
No code by Whonix or Kicksecure can help users to achive live mode with Qubes.
It needs development on Qubes side. Here are the Qubes tickets.
opened 04:37PM - 01 Jun 15 UTC
T: enhancement
C: installer
release notes
P: default
A version of the installer image that can be easily run from (R/O) USB or DVD.
opened 11:17AM - 18 Apr 19 UTC
T: enhancement
help wanted
C: other
privacy
P: default
https://github.com/Kicksecure/grub-live [0] is a tiny, simple package with a few… dependencies (available from packages.debian.org) that can be installed on Debian [1] hosts which adds a live boot menu entry, which means, the operating system gets booted non-persistently. All changes go to RAM instead of disk.
It might not be perfectly amnesic as per [1], [2] but it might be a huge step towards amnesic Qubes?
Not tested for anti-forensics yet but should be doable to test. [4]
Could grub-live be ported to Qubes? Am I overlooking something?
//cc @Algernon-01 (original author of grub-live)
* [0] https://forums.whonix.org/t/whonix-live-mode/3894/121
* [1] And likely Debian based and other grub based distributions.
* [2] https://github.com/QubesOS/qubes-issues/issues/1562
* [3] https://github.com/QubesOS/qubes-issues/issues/1563
* [4] https://www.whonix.org/wiki/Dev/Technical_Introduction#Forensics
So no, I don’t think this is possible with Qubes for users at time of writing.
See also:
As a rule of thumb:
Everything that happens “inside” the virtual machines is Qubes-Whonix and belongs into this sub forum.
Everything that happens “outside” the virtual machine is Qubes and the Qubes help should be consulted.
Some examples:
EFI → Qubes support
Errors by by Qubes VM Manager (QVMM) → Qubes support
libvirtError → Qubes support
Issues that also apply to Debian based VMs. → Qubes support
error: Failed to save domain whonix-ws-dvm to /var/lib/qubes/appvms/whonix-ws-dvm/dvm-savef…
How about disposables. Are they in same level as host live mode + read only, e.g. to mount encrypted media in vault disposable
Seems you have overseen the question 1 .
However
I thought user could create a normal fedora VM to start live mode
Does that make any difference?
ufe113223:
How about disposables.
Not an anti-amnesic feature. → Mentioned here: Qubes/Disposables, chapter Warnings
Not in Qubes.
grub-live - boot an existing Host OS or VM into Live Mode
Porting needs a developer. → Not for users.
Usb host live mode seems superior to qubes disposables with internal devices disconnected, isn’t
Kicksecure (USB) host live mode (with other data mediums disconnected) indeed has better amnesic capabilities than Qubes Disposables.
Bit difficult to unscrew the laptop every time to remove internal HDD .
I see since 2019 nothing happen from Qubes side to support live mode.
I don’t think they will do
.## Anonymity Operating System Comparison - Whonix vs Tails vs Tor Browser Bundle
as i understand Qubes-whonix is amnestic except disposables?