qubes os r2 tutorial
play

Qubes OS R2 Tutorial INVISIBLE THINGS LAB LINUXCON EUROPE, OCT - PowerPoint PPT Presentation

Aug 30, 2022 •383 likes •1.18k views

Qubes OS R2 Tutorial INVISIBLE THINGS LAB LINUXCON EUROPE, OCT 2014, V1.0-RC1 2 Agenda Part 1 (for Users) Part 2 (for Power Users & Devs) Basics (Trusted Desktop, AppVMs, Qubes Inter-VM services (qrexec, policies) TemplateVMs)

  1. Qubes OS R2 Tutorial INVISIBLE THINGS LAB LINUXCON EUROPE, OCT 2014, V1.0-RC1

  2. 2 Agenda Part 1 (for Users) Part 2 (for Power Users & Devs)  Basics (Trusted Desktop, AppVMs,  Qubes Inter-VM services (qrexec, policies) TemplateVMs)  Hello World Qubes qrexec App  Networking (NetVMs, ProxyVMs, Firewalling,  Qubes Builder (Build your own Qubes, TorVM) contribute patches, components)  Storage (Block devices handling, UsbVM)  Porting Window Managers (e.g. Awsome)  Disposable VMs (Unique features,  New templates (e.g. Debian-based) customizations)  Quick look at Qubes R3 changes  Qubes Apps (qrexec basics, Split GPG, PDF convert)  Windows AppVMs (installation, templates) Qubes OS Practical Intro by Invisible Things Lab, 2014

  3. 3 Qubes OS Basics Qubes OS Practical Intro by Invisible Things Lab, 2014

  4. 4 Architecture USB Qubes OS Practical Intro by Invisible Things Lab, 2014

  5. 5 Qubes as multi-domain system  Domains represent areas, e.g.  personal, work, banking  work-web, work-project-XYZ, work-accounting  personal-very-private, personal-health  No 1-1 mapping between apps and VMs!  If anything, then user tasks-oriented sandboxing, not app-oriented  E.g. few benefits from sandboxing: The Web Browser, or The PDF Reader  It’s data we want protect, not apps/system! Qubes OS Practical Intro by Invisible Things Lab, 2014

  6. 6 Trusted Desktop  Apps windows “extracted” from VMs and composed onto common desktop  Clear indications to which VM a given window belongs Qubes OS Practical Intro by Invisible Things Lab, 2014

  7. 7 Trusted Desktop Decorations Domain/app provided Domain name window title (untrusted, sanitized) (unspoofable) Domain color (unspoofable) Qubes OS Practical Intro by Invisible Things Lab, 2014

  8. 8 Trusted Desktop Desktop (wallpaper) managed by Dom0 WM “Start Menu” managed by Dom0 WM Qubes OS Practical Intro by Invisible Things Lab, 2014

  9. 9 Trusted Desktop (Apps launcher) Qubes OS Practical Intro by Invisible Things Lab, 2014

  10. 10 Secure clipboard Challenge: copy clipboard from VM “Alice” to VM “Bob”, don’t let VM “Mallory” to learn  its content in the meantime Solved by introducing Qubes “global clipboard” to/from which copy/paste is explicitly  controlled by the user (Ctrl-Shift-C, Ctrl-Shift-V) Requires 4 stages:  Ctrl-C (in the source VM)  Ctrl-Shift-C (tells Qubes: copy this VM buffer into global clipboard)  Ctrl-Shift-V (in the destination VM: tells Qubes: make global clipboard available to this VM)  Ctrl-V (in the destination VM)  Ctrl-Shift-C/V cannot be injected by VMs (unspoofable key combo).  In practice almost as fast as traditional 2-stage copy- paste (don’t freak out! ;)  Qubes OS Practical Intro by Invisible Things Lab, 2014

  11. 11 Types of VMs in Qubes According to role According to implementation  AppVMs (user apps and files run here)  PV (default) ^ HVM (e.g. Windows)  ServiceVMs (mostly invisible to the  Template-based ^ Standalone user)  Persistent ^ Disposable  NetVMs  ProxyVMs (e.g. FirewallVM, TorVM, VPN)  Dom0 (admin domain)  GUI domain (in R3)  Templates Qubes OS Practical Intro by Invisible Things Lab, 2014

  12. 12 AppVMs  Linux-based Para Virtualized  Most Desktop Environment stripped off, custom startup.  Quick boot, small memory footprint  Based on a template (Fedora 20 default, but Debian & Arch also avail.)  This means rootfs is non persistent by default!  Separate volume (virtual disk) for user home (/rw)  Disposable VMs  Like AppVMs, but without private volume (non persistent home dir)  Optimized to boot up even faster (restored from snapshot instead of boot) Qubes OS Practical Intro by Invisible Things Lab, 2014

  13. 13 TemplateVMs  Started only for software upgrade/installation or global config mods  By default limited networking only to apt/yum updates proxy  Trusted – a compromised template can compromise all “children”  Non-persistence of rootfs  as reliability feature  as security feature Qubes OS Practical Intro by Invisible Things Lab, 2014

  14. 14 Rootfs non-persistence as security feature?  AppVM’s rootfs gets automatically reverted back to “golden image” on each restart...  No malware persistence on root fs!  ... but malware can still place its triggers in /home (generally /rw):  .bashrc  Thunderbird/Firefox/etc profile directory (e.g. subvert plugins)  Malicious PDF/DOC/etc (exploiting hypothetical bug in default handler app)  Malicious fs meta (exploiting hypothetical bug in kernel fs module) Qubes OS Practical Intro by Invisible Things Lab, 2014

  15. 15 Rootfs non-persistence as security feature? (cont.)  ... still has some unique security advantages though:  Malware inactive before /rw mounted/parsed, offers chances to scan reliably  Yet problem for malware scanning generally hard in general  But might be easier for limited scenarios (e.g. easy for .bashrc, difficult for TB profile)  Malware triggers via malicious docs or malformed fs will automatically stop working after template patched  Note how this malware in AppVMs cannot interfere with reliability of template patching Qubes OS Practical Intro by Invisible Things Lab, 2014

  16. 16 Where are the VM files? /var/lib/qubes appvms/my-appvm/   appvms/ private.img   servicevms/ volatile.img   vm-templates/ my-appvm.conf (autogen!)   vm-kernels/ vm-templates/fedora-20-x64/   root.img  root-cow.img  private.img (template’s home)   volatile.img fedora-20-x64.conf (autogen!)  Qubes OS Practical Intro by Invisible Things Lab, 2014

  17. 17 HVM AppVMs (e.g. Windows-based) Qubes OS Practical Intro by Invisible Things Lab, 2014

  18. 18 AppVMs configuration  /rw/config  /rw/config/rc.local  /rw/config/qubes-firewall-user-script  https://wiki.qubes-os.org/wiki/UserDoc/ConfigFiles  qvm-service  Tells VM’s scripts which ( systemd ) services should/shouldn’t be started  Note: qvm-service will not warn you about service name spelling errors  https://wiki.qubes-os.org/wiki/Dom0Tools/QvmService Qubes OS Practical Intro by Invisible Things Lab, 2014

  19. 19 Networking in Qubes OS Qubes OS Practical Intro by Invisible Things Lab, 2014

  20. 20 Default networking topology Qubes OS Practical Intro by Invisible Things Lab, 2014

  21. 21 The whole networking stacks is sandboxed... Qubes OS Practical Intro by Invisible Things Lab, 2014

  22. 22 Type of VMs (networking-wise) NetVMs  Have NICs or USB modems assigned via PCI-passthrough  Provide networking to other VMs (run Xen Net Backends )  AppVMs  Have no physical networking devices assigned  Consume networking provided by other VMs (run Xen Net Frontends )  Some AppVMs might not use networking (i.e. be network-disconnected)  ProxyVMs  Behave as AppVMs to other NetVMs (or ProxyVMs), i.e. consume networking  Behave as NetVMs to other AppVMs (or ProxyVMs), i.e. provide networking  Functions: firewalling, VPN, Tor’ing , monitoring, proxying, etc.  Dom0  has no network interfaces!  Qubes OS Practical Intro by Invisible Things Lab, 2014

  23. 23 Example of more complex networking configuration... Qubes OS Practical Intro by Invisible Things Lab, 2014

  24. 24 FirewallVM: special role of any ProxyVM  Any proxy VM becomes firewall VM for the AppVMs (or other ProxyVMs) directly connected to it  Scripts running in each of the ProxyVM look at the global firewalling config provided by Dom0 (via XenStore) and use it to configure iptables rules for its direct children  The role of the FirewallVM is not to prevent data leaks!  Sadly too many cooperative covert channels for this to be meaningful  They are to prevent user mistakes, config mistakes, and accidental leaks only Qubes OS Practical Intro by Invisible Things Lab, 2014

  25. 25 Networking config inside VMs  Interfaces  Firewall  NAT Qubes OS Practical Intro by Invisible Things Lab, 2014

  26. 26 Customizing networking routings  Allow networking between two AppVMs  Allow port forwarding to an AppVM from outside world  See:  https://wiki.qubes-os.org/wiki/QubesFirewall Qubes OS Practical Intro by Invisible Things Lab, 2014

  27. 27 Qubes TorVM  Easy setup  qvm-create -p torvm  qvm-service torvm -d qubes-netwatcher  qvm-service torvm -d qubes-firewall  qvm-service torvm -e qubes-tor  In TorVM (or its template):  sudo yum install qubes-tor-repo  sudo yum install qubes-tor  Configure AppVMs to use it as proxy:  qvm-pres – s myanonvm netvm torvm Qubes OS Practical Intro by Invisible Things Lab, 2014

  28. 28 TorVM configuration example Qubes OS Practical Intro by Invisible Things Lab, 2014

  29. 29 Digression on using TorVM in Qubes OS  TorVM cannot (obviously) anonymize anything beyond IP/MAC  Use e.g. TBB or Whonix workstation in/as clients of TorVM  DispVMs as TorVM clients  Set DispVM’s netvm to none, manually change to torvm (or set torvm for all DispVMs)  Note the volatile.img is backed to disk! (no anti-forensics yet)  Potential leaks through:  qvm-open-in-dvm ...  Set default netvm to none, manually change to torvm (or set torvm for all DispVMs)  adjust qrexec policy to prevent that (qubes.OpenInVM, qubes.VMShell) Qubes OS Practical Intro by Invisible Things Lab, 2014

Recommend

Q UBES OS Joanna Rutkowska Invisible Things Lab Qubes OS A reasonably secure desktop OS

Q UBES OS Joanna Rutkowska Invisible Things Lab Qubes OS A reasonably secure desktop OS

Q UBES OS Joanna Rutkowska Invisible Things Lab Qubes OS A reasonably secure desktop OS Security by Compartmentalization Qubes != Hypervisor/VMM (Qubes is a user of a VMM, presently Xen) Qubes != Linux Distro W HY ? Because we

798 views • 37 slides
Qubes OS Towards Secure & Trustworthy Personal Computing Joanna Rutkowska Invisible Things

Qubes OS Towards Secure & Trustworthy Personal Computing Joanna Rutkowska Invisible Things

Qubes OS Towards Secure & Trustworthy Personal Computing Joanna Rutkowska Invisible Things Lab and Qubes OS Project Qubes OS A reasonably secure OS for personal computers (currently: laptops & desktops) Security by Compartmentalization

1.16k views • 43 slides
A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling System Modeling linear, nonlinear and mixed integer optimization problems Useful with large, complex problems A GAMS TUTORIAL A GAMS TUTORIAL

274 views • 24 slides
This tutorial is part of an upcoming publication on knifemaking. Please visit

This tutorial is part of an upcoming publication on knifemaking. Please visit

This tutorial teaches you how to make a narrow tang knife. ABS Matersmith, Kevin Harvey, created both the knife and the tutorial to promote the 2019 Non -guild Members Competition of the Knifemakers Guild of Southern Africa. This tutorial

2.01k views • 151 slides
Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be:

Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be:

Comp 1402 Winter 2008 Tutorial #1 Tutorial 1 The objectives of this tutorial will be: Create and access your Linux account. Become familiar with the Linux terminal. Become familiar with the vi text editor. Compile a

264 views • 8 slides
Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3

Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3

Excel Tutorial 1 Getting Started with Excel Tutorial 2 Formatting a Workbook Tutorial 3 Working with Formulas and Functions COMPREHENSIVE Excel Tutorial 1 Getting Started with Excel COMPREHENSIVE Objectives XP XP Understand

1.18k views • 81 slides
UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David

UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David

UPPAAL Tutorial UPPAAL Tutorial UPPAAL Tutorial Introduction Introduction Alexandre David Paul Pettersson RTSS05 Collaborators @UPPsala @AALborg Wang Yi Kim G Larsen Paul Pettersson Gerd Behrman John Hkansson

926 views • 36 slides
Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel

Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel

Tutorial 1: Overview of CS 136 1 CS 136 Spring 2020 Tutorial 1 Course Personnel Instructors: Adrian Reetz, John Akinyemi Course Coordinator: Scott King (Full-Time) Instructional Support Assistants (ISA)s: Jack Bai, Jiayi Wang

284 views • 26 slides
Do Fifty- Two Motivation Overview of the Language

Do Fifty- Two Motivation Overview of the Language

Do Fifty- Two Motivation Overview of the Language Tutorial Tutorial Tutorial Tutorial Tutorial Tutorial //A Sample Program configure numberOfPlayers: 2 configure

568 views • 34 slides
PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for

PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for

April 4-7, 2016 | Silicon Valley PROGRAMMING TUTORIAL Thierry Lepley, April 4 th 2016 TUTORIAL GOAL Intermediate Tutorial for Developers Understand philosophy of the API Understand main features of the API Start developing with VisionWorks

1.52k views • 92 slides
Tutorial Files for this tutorial can be downloaded from:

Tutorial Files for this tutorial can be downloaded from:

Cadence First Encounter Tutorial Files for this tutorial can be downloaded from: www.cs.wright.edu/~emmert/tutorials/enc_files.tar.gz Dr. J M Emmert Configuration File This file contains information used to setup your

560 views • 18 slides
UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial)

UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial)

UCL Tutorial on: Deep Belief Nets (An updated and extended version of my 2007 NIPS tutorial) Geoffrey Hinton Canadian Institute for Advanced Research & Department of Computer Science University of Toronto Schedule for the Tutorial

1.66k views • 126 slides
Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial

Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial

Tutorial: TF-Ranking for sparse features Tutorial: TF-Ranking for sparse features This tutorial is an end-to-end walkthrough of training a TensorFlow Ranking (TF-Ranking) neural network model which incorporates sparse textual features.

257 views • 24 slides
Coin Branch and Cut A tutorial J ohn Forrest J uly 18 2006 Outline of Cbc tutorial

Coin Branch and Cut A tutorial J ohn Forrest J uly 18 2006 Outline of Cbc tutorial

Coin Branch and Cut A tutorial J ohn Forrest J uly 18 2006 Outline of Cbc tutorial Background Some concepts Stand- alone solver and AMPL interface Example C+ + code Less structured part: Q & A More examples Future -

892 views • 35 slides
Coin LP A tutorial J ohn Forrest J uly 17 2006 Outline of Clp tutorial Background Some

Coin LP A tutorial J ohn Forrest J uly 17 2006 Outline of Clp tutorial Background Some

Coin LP A tutorial J ohn Forrest J uly 17 2006 Outline of Clp tutorial Background Some concepts Example C+ + code Stand- alone solver Less structured part: Q & A More examples Future - What can I do for you? What

467 views • 33 slides
Tutorial Description Tutorial Description Introduction to XML With your HTML knowledge, you have

Tutorial Description Tutorial Description Introduction to XML With your HTML knowledge, you have

Tutorial Description Tutorial Description Introduction to XML With your HTML knowledge, you have a solid foundation for working with markup languages. However, unlike HTML, XML is more flexible, Bebo White allowing for custom tag creation.

1.27k views • 92 slides
TUTORIAL Recording a Presentation to Zoom Cloud In this tutorial, you are going to learn how to

TUTORIAL Recording a Presentation to Zoom Cloud In this tutorial, you are going to learn how to

Department of Information Technology TUTORIAL Recording a Presentation to Zoom Cloud In this tutorial, you are going to learn how to record a lecture presentation with live auto-captioning without having students on your session if so desired.

387 views • 6 slides
Tutorial Tutorial A2 is out, its called Inpainting Tutorial Tutorial A2 is out, its called

Tutorial Tutorial A2 is out, its called Inpainting Tutorial Tutorial A2 is out, its called

Tutorial Tutorial A2 is out, its called Inpainting Tutorial Tutorial A2 is out, its called Inpainting Tutorial Tutorial A2 is out, its called Inpainting How do you think this can be done? Due to popular demand, theres no new GUI to

400 views • 25 slides
TUTORIAL SERVICES If you have the will to succeed, we have the way. . . Schedule an appointment

TUTORIAL SERVICES If you have the will to succeed, we have the way. . . Schedule an appointment

MORENO VALLEY COLLEGE TUTORIAL SERVICES If you have the will to succeed, we have the way. . . Schedule an appointment with a tutor today! WHAT IS TUTORIAL SERVICES? Tutorial Services provides a supportive learning environment to all MVC

336 views • 16 slides
Tutorial: Intro to Java Getting started. 1 CS 349 - Java tutorial Background Designed by

Tutorial: Intro to Java Getting started. 1 CS 349 - Java tutorial Background Designed by

Tutorial: Intro to Java Getting started. 1 CS 349 - Java tutorial Background Designed by James Gosling Released by Sun Microsystems in 1995. Originally a proprietary license, but made open source under GNU GPL in 2007. Sun and

289 views • 14 slides
ICANN Tutorial Tutorial Agenda Who am I ? History 5-7 years ago Current day

ICANN Tutorial Tutorial Agenda Who am I ? History 5-7 years ago Current day

Changes in the expiry process ICANN Tutorial Tutorial Agenda Who am I ? History 5-7 years ago Current day practices How it effects: RGP UDRP Transfers Registrar Silos Privacy Services Renewal practices

248 views • 22 slides
Analytic Hierarchy Process (AHP) Tutorial This tutorial presents a (fabricated) working example to

Analytic Hierarchy Process (AHP) Tutorial This tutorial presents a (fabricated) working example to

Analytic Hierarchy Process (AHP) Tutorial This tutorial presents a (fabricated) working example to reinforce an understanding of the AHP prioritization technique. Situation Description: We are analysts at Blodgers Communications . We are

653 views • 3 slides
PowerPoint Tutorial 1 Creating a Presentation Tutorial 2 Applying and Modifying Text and

PowerPoint Tutorial 1 Creating a Presentation Tutorial 2 Applying and Modifying Text and

PowerPoint Tutorial 1 Creating a Presentation Tutorial 2 Applying and Modifying Text and Graphic Objects Tutorial 3 Adding Special Effects to a Presentation COMPREHENSIVE PowerPoint Tutorial 1 Creating a Presentation COMPREHENSIVE

830 views • 59 slides
CS 525M Mobile and Ubiquitous Computing Tutorial 1: Introduction by Bucky Roberts (thenewboston)

CS 525M Mobile and Ubiquitous Computing Tutorial 1: Introduction by Bucky Roberts (thenewboston)

CS 525M Mobile and Ubiquitous Computing Tutorial 1: Introduction by Bucky Roberts (thenewboston) Emmanuel Agu Tutorial 1: Introduction Updated from his previous tutorial, covers app development using Android Studio Tutorial 1: Introduction

570 views • 8 slides

More recommend