Install Telegram Messenger on a Qubes Fedora VM

Launch a terminal for the desired TemplateVM then enable the RPM Fusion repositories:
sudo bash dnf config-manager --set-enabled rpmfusion-free rpmfusion-nonfree dnf upgrade --refresh
Now install telegram-desktop
dnf install telegram-desktop

It should be noted that if you enable RPM Fusion repos and use KDE packages the version of Qt or KDE provided by Fusion will likely break virtually every KDE package except konsole and updating Qt amicably will eject Telegram. For this reason you should consider duplicating your Fedora TemplateVM before installing Telegram or using the RPM Fusion repos in general.

Updating Qubes Post-Installation

This is a brief checklist of operations to conduct after a fresh installation of Qubes. Full documentation is available at https://www.qubes-os.org/doc/updating-qubes-os/.

After configuring your network first update the dom0:
sudo qubes-dom0-update

Next, update your TemplateVMs: Qubes Menu > System Tools > Qubes Update.

The Qubes Update utility doesn't always work the first time for me. If you find it hangs and produces no details launch the TemplateVMs individually and from the command line run:
dnf update
for Fedora and
apt-get update
for Debian.

Now reboot to effect any kernel updates and load the updated dom0 environment.

Install critical software that you will definitely need to your TemplateVMs. Things like:

  • screen
  • sshfs
  • nmap
  • links/lynx
  • nano
  • whois
  • bind-utils (fedora) dnsutils (debian)

Next, duplicate the default fedora and debian TemplateVMs and update your personal, work etc AppVMs to rely on the copies. Since system Qubes like sys-net and usb rely on the default fedora TemplateVM you may regret making changes directly to it when setting up your regular working AppVMs.

Software I like to install into my duplicated TemplateVMs includes:

Enable USB Keyboard for Qubes dom0

Full documentation is available at https://www.qubes-os.org/doc/usb-qubes/. You should read the Security Warning about USB Input Devices before doing this.

To enable a USB keyboard for dom0 (making it available to all VMs) modify /etc/qubes-rpc/policy/qubes.InputKeyboard on dom0 to reflect:
#sys-usb dom0 allow,user=root sys-usb dom0 ask,default_target=dom0 $anyvm $anyvm deny

You will then be prompted to grant USB keyboards access any time they are connected. To also allow USB keyboards to enter the LUKS and login passwords please refer to the official documentation.

Comparing proc and ps Process Counts

Some rootkits and malicious versions of ps will hide processes from stdout but leave /proc alone. You can compare the number of processes ps reports to the number of processes being tracked inside /proc to help determine if your ps is lying to you. Note that a race condition exists here, it is possible on a server with lots of new processes being spawned naturally that the number reported will change between the execution of the two commands so it may be necessary to run this script multiple times to get a clear picture. Since speed is essential it is important to run them together in a script rather than individually.

#!/bin/bash ls /proc | grep "^[0-9]" | wc -l ps aux | wc -l

A New NATO Phonetic Alphabet to Make Voice Calls Fun Again

If you're like me you spend a lot of time on the phone with people who are challenged with aural disabilities (customer service reps, level 1 tech support, etc.). To bring a little joy to the experience I have painstakingly developed a new NATO Phonetic Alphabet you can use to brighten everyone's day.

A as in Asshole
B as in Bitch
C as in Cunt
D as in Dick
E as in Ecstasy
F as in Fuck
G as in Gabapentin
H as in Heroin
I as in Injection
J as in Junk
K as in Ketamine
L as in Lick
M as in Molly
N as in Naloxone
O as in Orgasm
P as in Penis
Q as in Quaalude
R as in Rohypnol
S as in Sex
T as in Tramadol
U as in Urine
V as in Vagina
W as in Watersports
X as in Xanax
Y as in Yiff
Z as in Zoloft

You're welcome.