Qubes Attachments not available for Debian, Whonix templates

[mfc]

Qubes Attachments addon for Thunderbird does not seem to be in the Mozilla add-on store, making it difficult for users to have same Qubes functionality if they are using Icedove in Debian or Whonix templates.

[marmarek]

It should be available as qubes-thunderbird debian package - just
install it with apt-get. Do you think it is still better to also
submit it to Mozilla add-on store?

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[marmarek]

It should be available as qubes-thunderbird debian package - just
install it with apt-get. Do you think it is still better to also
submit it to Mozilla add-on store?

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[mfc]

ah awesome! That should probably be installed by default in Debian & Whonix templates? Not sure how a user will find it otherwise.

If it is installed by default I don't think you need it in the Mozilla add-on store (as folks without Qubes will be able to view/install it and be confused, and you don't want to maintain an additional "thing" somewhere). If it cannot be installed by default in the templates then it should be in the add-on store so that users can find it.

[mfc]

ah awesome! That should probably be installed by default in Debian & Whonix templates? Not sure how a user will find it otherwise.

If it is installed by default I don't think you need it in the Mozilla add-on store (as folks without Qubes will be able to view/install it and be confused, and you don't want to maintain an additional "thing" somewhere). If it cannot be installed by default in the templates then it should be in the add-on store so that users can find it.

[marmarek]

@adrelanos, any objections against having it by default in Whonix
templates?

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[marmarek]

@adrelanos, any objections against having it by default in Whonix
templates?

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[adrelanos]

Would be nice to have both qubes-thunderbird and qubes-gpg-split installed by default. [Whonix-Workstation only. Probably no point in installing that on Whonix-Gateway.]

In the current development version of Whonix-Workstation 12, icedove (Thunderbird), enigmail and xul-ext-torbirdy are installed by default.

@adrelanos, any objections against having it by default in Whonix templates?

I don't know yet. Probably none we could not fix. Maybe you can tell.

Are qubes-thunderbird and qubes-gpg-split tested/compatible with enigmail and xul-ext-torbirdy yet?

If the answer is yes, then nothing speaks against installing qubes-thunderbird and qubes-gpg-split by default. Also if we would require some additional settings or manual documentation in meanwhile would probably not be a blocker.

[adrelanos]

Would be nice to have both qubes-thunderbird and qubes-gpg-split installed by default. [Whonix-Workstation only. Probably no point in installing that on Whonix-Gateway.]

In the current development version of Whonix-Workstation 12, icedove (Thunderbird), enigmail and xul-ext-torbirdy are installed by default.

@adrelanos, any objections against having it by default in Whonix templates?

I don't know yet. Probably none we could not fix. Maybe you can tell.

Are qubes-thunderbird and qubes-gpg-split tested/compatible with enigmail and xul-ext-torbirdy yet?

If the answer is yes, then nothing speaks against installing qubes-thunderbird and qubes-gpg-split by default. Also if we would require some additional settings or manual documentation in meanwhile would probably not be a blocker.

[marmarek]

There is an incompatibility between qubes-gpg-split and torbirdy[1]. Not
sure about xul-ext-torbirdy. Anyway qubes-gpg-split needs to be manually
enabled in thunderbird configuration, just installing the package isn't
enough, so nothing would be broken by default.

Regarding qubes-thunderbird and enigmail the answer is yes. Don't
know about torbirdy (and qubes-thunderbird), but I can't think of
any possible problem, because it does totally different thing.

[1] https://trac.torproject.org/projects/tor/ticket/14025

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[marmarek]

There is an incompatibility between qubes-gpg-split and torbirdy[1]. Not
sure about xul-ext-torbirdy. Anyway qubes-gpg-split needs to be manually
enabled in thunderbird configuration, just installing the package isn't
enough, so nothing would be broken by default.

Regarding qubes-thunderbird and enigmail the answer is yes. Don't
know about torbirdy (and qubes-thunderbird), but I can't think of
any possible problem, because it does totally different thing.

[1] https://trac.torproject.org/projects/tor/ticket/14025

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[adrelanos]

Got both, qubes-gpg-split and qubes-thunderbird to work in the development version of Whonix. [including AppArmor for all of that] [required to constantly remove the offending torbirdy keyserver extra gpg options ^[1]]

On installing it by default:

• qubes-gpg-split: Probably no reasons against having this installed by default. Users who go through the lengths of jumping through the hoops of gpg, and let alone through https://www.qubes-os.org/doc/UserDoc/SplitGpg/ can probably be viewed as advanced and be clever enough to use an offline VM for their qubes-gpg-server VM. (To avoid leaks.) [Nevertheless, gpg and splitgpg is too difficult to set up for mortals.]
• qubes-thunderbird:
  • While I personally like this add-on a lot, I think it should not be installed by default at this point.
  • The Send to VM feature is probably okay, must probably be left to the user's personal responsibility, brain.exe 2.0, not shooting its own feet.
  • When using the Open in DispVM feature, I think the user should somehow be prevented/warned/confirmed to open it in a network-enabled VM. To prevent IP leaks. Or as an non-ideal alternative, the DispVM should inherit the ProxyVM setting [Whonix-Gateway]. It depends also on the outcome of #1118.

Thoughts?

[adrelanos]

Got both, qubes-gpg-split and qubes-thunderbird to work in the development version of Whonix. [including AppArmor for all of that] [required to constantly remove the offending torbirdy keyserver extra gpg options ^[1]]

On installing it by default:

• qubes-gpg-split: Probably no reasons against having this installed by default. Users who go through the lengths of jumping through the hoops of gpg, and let alone through https://www.qubes-os.org/doc/UserDoc/SplitGpg/ can probably be viewed as advanced and be clever enough to use an offline VM for their qubes-gpg-server VM. (To avoid leaks.) [Nevertheless, gpg and splitgpg is too difficult to set up for mortals.]
• qubes-thunderbird:
  • While I personally like this add-on a lot, I think it should not be installed by default at this point.
  • The Send to VM feature is probably okay, must probably be left to the user's personal responsibility, brain.exe 2.0, not shooting its own feet.
  • When using the Open in DispVM feature, I think the user should somehow be prevented/warned/confirmed to open it in a network-enabled VM. To prevent IP leaks. Or as an non-ideal alternative, the DispVM should inherit the ProxyVM setting [Whonix-Gateway]. It depends also on the outcome of #1118.

Thoughts?

[marmarek]

On Wed, Aug 26, 2015 at 03:46:30PM -0700, Patrick Schleizer wrote:

• When using the Open in DispVM feature, I think the user should somehow be prevented/warned/confirmed to open it in a network-enabled VM. To prevent IP leaks. Or as an non-ideal alternative, the DispVM should inherit the ProxyVM setting [Whonix-Gateway]. It depends also on the outcome of #1118.

The ProxyVM setting is already inherited (since #862), so no problem
here. And when decide to have offline DispVMs by default, it would be
even less sensitive.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[marmarek]

On Wed, Aug 26, 2015 at 03:46:30PM -0700, Patrick Schleizer wrote:

• When using the Open in DispVM feature, I think the user should somehow be prevented/warned/confirmed to open it in a network-enabled VM. To prevent IP leaks. Or as an non-ideal alternative, the DispVM should inherit the ProxyVM setting [Whonix-Gateway]. It depends also on the outcome of #1118.

The ProxyVM setting is already inherited (since #862), so no problem
here. And when decide to have offline DispVMs by default, it would be
even less sensitive.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[adrelanos]

Great! I make sure those are installed in Whonix 12 by default.

[adrelanos]

Great! I make sure those are installed in Whonix 12 by default.

[adrelanos]

Great! I make sure those are installed in Whonix 12 by default.

Done:

• Whonix/qubes-whonix@4c26397
• Whonix/Whonix@78a8888

---

Remaining TODO of this ticket:

• make sure qubes-thunderbird and qubes-gpg-split are installed by default in the Debian templates

Those are already listed in packages_qubes_standard.list. Why those do not get installed? Maybe it broke in marmarek/qubes-builder-debian@0dcceca, @nrgaway?

[adrelanos]

Great! I make sure those are installed in Whonix 12 by default.

Done:

• Whonix/qubes-whonix@4c26397
• Whonix/Whonix@78a8888

---

Remaining TODO of this ticket:

• make sure qubes-thunderbird and qubes-gpg-split are installed by default in the Debian templates

Those are already listed in packages_qubes_standard.list. Why those do not get installed? Maybe it broke in marmarek/qubes-builder-debian@0dcceca, @nrgaway?

[marmarek]

Or maybe I've forgotten to use "standard" flavor when building the templates... Is it required to do (add "+standard"), or should be done automatically when no other flavor used? @nrgaway

[marmarek]

Or maybe I've forgotten to use "standard" flavor when building the templates... Is it required to do (add "+standard"), or should be done automatically when no other flavor used? @nrgaway

[marmarek]

It's there when enabled "+standard" flavor.

[marmarek]

It's there when enabled "+standard" flavor.