RAM is perfectly sufficient for full simultaneous functionality of all qubes on this X230 Thinkpad which also satisfies all the green check marks for HSI (hardware security). Latest Libreboot BIOS and no Intel ME.

• encrypted messaging apps (Pidgin, signal-cli, Hexchat)

• dvm veilid-server.service qube (network support)

• sys qubes for networking like VPN, Yggdrasil, and DNS (TLS resolv and odoh.cloudflare)

• lock LUKS with a Nitro USB A security key

• dvm of Brave and Librewolf (in firejail) when tor is not an option

• fully ephemeral Whonix WS dvm qube

• Debian template upgrade to Kicksecure and enable apparmor service on all Debian

• Vault (no networking) has LibreOffice and Keepass with a keyfile inside a FIPS security key

Pretty sweet.

Veilid is a recently developed networking paradigm that holds considerable promise for the future of autonomous and free activity on the internet. As someone just starting to think about it and try to implement the technology, what I think is most intriguing about the project is that applications are peer to peer, so that, instead of volunteers of nodes on the tor network, each person on the Veilid network with an app is hosting the computation locally on their device. Then people aren't having to rent from AWS and the like if they don't have their own servers. In other words, there is more primary local control over your contribution to the network. Of course there is more to it, but that seems to be the most innovative aspect of the project. Really cool design!

My question is: do they have a plan for EW? It is described as a "mobile first" network and most cellular phones appear to be more resistant to EMI attacks than others, which is perfect.

Anybody want to talk about Veilid?

Large-Scale Adversaries https://casa.rub.de/en/

https://forums.kicksecure.com/t/ram-encryption-confidential-cloud/635

https://forums.kicksecure.com/t/live-kicksecure-host-live-whonix-vm/779

Kernel killers

Drone swarm of native symbols that appear similar to a fireworks show - Olympia,WA https://squaxinisland.org/

https://lemmy.world/pictrs/image/59db9192-9e53-4709-9f35-19c89293ac15.jpeg

Arti (Rust memory hardened code) https://lemmy.world/post/17930434 Keystroke Deanonymization https://lemmy.world/post/17672429

A few decades and exciting new worlds to explore, sensorially indistinguishable from IRL? https://lemmy.world/pictrs/image/e5e3626b-d8bf-4d71-9867-90d3b23e33ee.jpeg

Certain computing platforms like smart phones are more resilient when it comes to EMI/EMC (harmful electromagnetic interference) than others. Defense computers, for example, are designed to meet specifications like TEMPEST and MIL-STD-461. Although "Qubes Air" or cloud Qubes which could run on a cellular platform has been proposed, more development is required. Defense computers like Roda or GRiD can be found on eBay and from government surplus but the models do not have sufficient CPU power (core2duo in the instances I have seen which is close to Pentium and not nearly the i5 / i7 Intels required). There are also EMI shielding sprays with silver particles that might be applied to consumer laptops as another alternative to explore. Other than that, does anyone have ideas about creating an EMI fortified platform prototype that would be compatible with Qubes?

https://www.roda-computer.com/technology/mil-std-standards/

https://www.griduk.com/

https://forum.qubes-os.org/t/qubes-air-qubes-in-the-cloud/921

https://mgchemicals.com/products/conductive-paint/conductive-spray-paint/emi-shielding/

note the Polish names https://invisiblethingslab.com/ "Low level" i.e. BIOS, EC, firmware

Qubes Certified with latest 12th gen Intel i5/i7 CPUs https://novacustom.com/product/nv41-series/ (laptop) https://shop.3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/ (desktop) [RAM greater than or equal to 16GB required. VM sys qubes can be configured for lighter memory use. 32 GB of RAM is what these systems ship with and you wouldn't need to tailor qube utilization. But, really, the i5/i7 CPU is the most important part for Qubes compatibility.]

Polish Firmware Companies https://3mdeb.com/ https://www.dasharo.com/

Hardened Grub in Libreboot https://libreboot.org/docs/linux/grub_hardening.html

See Mate Kukri at upcoming Open Source Firmware Conference about TPM compromise.

https://libreboot.org/docs/install/spi.html Ready to get out your pi and external programmer? https://en.m.wikipedia.org/wiki/CryptoParty

mount issue

password defaults unchangeable

experiments with filtered DNS, ODOH, TLS, opportunistic/strict, etc

tried TAILS with Snapdragon or RISC-V (Framework) or other non-Intel processors?

fixed 6.4