New "general admin, security & privacy" category?

I’d like to float an idea I had a couple of times in the last weeks: an
“off-topic” kind of subcategory to “general discussion”.

Sometimes interesting discussions start of being Qubes relevant but then
branch of into areas that might be considered off-topic. There are
different approaches to this, like when @deeplow introduced

With a normal mailing list, that’s how you have to handle these
situations, otherwise the quality of the list will suffer. However, this
is a forum with categories and even when using it in mailing list mode,
one is able to mute a category away (like I have done with the Chinese
and Spanish categories).

So we have the technical ability to indulge in off-topic discussions
that started out of our community without spamming everybody who might
not be interested or annoyed by them. A forum user as well as a mailing
list user can simply mute that category … maybe it can even start out
as “muted by default” so one has to explicitly opt into it.

Why? … because I am very interested in what some people here have to
say about OpSec, IDS, privacy or just plain old Linux config, scripting
whatever. Things that might have very little Qubes specific content, but
nevertheless are things of high interest to a majority of Qubes users by


I quite like this idea in theory. The communities may intersect quite well and that may lead to a lot of useful exchanges.

However, I must give my 2 cents from the moderator perspective. As a moderator, I’m not willing to moderate such a category.

As a moderator I do two main things:

  • Cleanup

    • Title fixing - to make them actually reflect concretely the problem the user is having (such that others with the same one find it easily)

    • Category fixing - sometimes people put the post in the wrong category, so I fix that.

    • Restating the problem - sometimes people write convoluted posts and that makes it really hard for others to help. In those cases, I try to get people to restate their problem in the form of a simple question, for exampel

    • Off-topic - directing people to stay on-topic or create a separate discussion. Sometimes when I don’t get there on time, I need to then select off-topic posts and move them onto a new topic

    • Spam - I’d say we have about ~90% of misflagged posts, so I have to manually approve that. Additionally, when possible I try to notify users affect that the bot misflagged their post so they are not in the dark.

    • mark solutions - when a solution is found and nobody has flagged I usually try to mark the right one (involves actually reading)

  • Code of Conduct enforcement
    Enforcing the code of conduct, means that I need to be up to speed on basically every discussion. Or in the very least, keep an eye to see if things escalate and intervene.

I enjoy a lot of the moderation work I do, but it is quite a bit of effort, as you can see. But when discussions go wild (even in Qubes-specific stuff) that’s what takes my energies off. Having such a broad category opens the forum up not only to genuinely interested Qubes users who want to share their interests and techniques about privacy and security but also to outsiders who are just interested in sharing FOMO and are generally really misinformed (see

My point being that for that category, it’s opening a possible can of worms which (as a moderator) will require a lot of unrewarding moderation effort. I don’t know how other moderators would feel about that, but as the most active one, I can say that that’s not very desirable.

I think we should instead focus here on Qubes discussions and direct people to more general communities like when such topics are of their interest.

Some other lessons from history:

1 Like

Other forums solve this problem in the following way: they create a closed category which is only available to registered users. In this category people can discuss anything they want, but it won’t attract too many observers. One can call it “Roud Table” as Purism forums did.

Welcome to the Round Table! This forum category is intended for certain types of topics that are either non-technical, highly subjective, or otherwise don’t fit well within other existing categories. This might also include general discussions about operations, philosophy, business, etc. Heated discussions may sometimes occur with strong opinions, but remember to keep it civil and constructive. Assume people mean well, are doing what they can, and that insights and information may take time to emerge.

I agree with @deeplow.
IMHO, a lot of other forums allow people to discuss about these topics.

Qubes compartmentalization is one VM for one usage… My point of view is one forum for one main topic.

Please, stay focused on Qubes topics.


I had begun drafting a reply to this when it first showed up, but refrained because I was unsure about whether and how to address it. @deeplow captures some of the sentiments I share about this proposal, though. While I too would love to read the thoughts that people here have about those subjects, since the Qubes-specific audience here probably would give much different responses to them than might those at /r/privacy or even PrivacyTools or Whonix, opening the space for that type of discussion must be handled with care. Continuing from my draft:

Even if an off-topic category is introduced, it will probably need restrictions on acceptable content. The subjects you mentioned are appropriate, but what about politics? Baseball? Casual chatting?

Those may be easy, but what about the politics of privacy and security technologies like Qubes OS, such as legislation under consideration by governments like the United States that have serious implications for the future of privacy and security, such as the EARN IT Act or (historically) SOPA and PIPA? Or the inside baseball of such legislation and surrounding political considerations? Or the internal politics of related projects, such as PrivacyTools, Whonix, Red Hat, or even Debian and Linux? To what extent is casual conversation even permissible, or are off-topic discussions expected to be serious as well, such as this productive and serious but largely off-topic discussion?

My point is that off-topic sections of a forum or community never stop being experimental. It is hell to moderate (I can vouch for this) and the normal rules always seem to be suspended. Eventually, off-topic sections either become graveyards and garbage dumps where other sections offload their unwanted topics; or they become rowdy halfway houses where forum veterans and timid newbies go to die under the sheer weight of everyone else. Eventually, they tend to grow into being the largest and most active parts of any forum and it takes strong community discipline to prevent any of this from happening.

That does not mean that off-topic zones are bad; they are often some of the most fun parts of a forum, and can sometimes be what keeps the rest of it alive—that is, when they aren’t the tumor that’s killing it. This is especially true when it is well-implemented, restrained, and given its own community-specific flavor (the off-topic section of a security technologies forum is going to be much different from the off-topic section of a sailboat forum).

The best advice I can give as someone with experience in these matters, including with off-topic sections of forums from long before Discourse existed, is that any creation of an off-topic section needs to come with it some pretty strong (or at least clear) rules on just what is permitted and what is not, and that includes what topics are permitted or prohibited. Without that, there is actually no legal case for moderator actions, which just makes it easy to characterize them as arbitrary and abusing their power; and there is no way to contain the very section whose purpose is as a containment section.

It also takes community discipline and a collective effort to cultivate a productive, relevant off-topic section that does not just serve as a petty time sink localized to this forum. That means its members need to take care with how they use the off-topic section, not just in its topics but also its activity level and atmosphere, much like how members of a community might be especially gentle and considerate when visiting the community garden or park. Because really, that is what the off-topic section is—or should be—to the skyscraper sections around them, where almost everyone is otherwise working diligently inside.

So, if there is to be an off-topic section, it should probably be limited in what constitutes an acceptably off-topic discussion. Otherwise, keeping this forum Qubes-only (maybe with some leniency toward occasional off-topic discussion) may be for the best. After all, other forums already exist for many of the off-topic subjects we are likely to discuss, such as Whonix, privacy, Brave Browser, and even Linkin Park—and those are just options that use Discourse software. Now, if only there was a unified login feature…

Best wishes,

1 Like

I see a lot of fear of off-topic and politics here. In practice though, it’s the community who defines how productive and serious the discussion is. I trust the Qubes OS community. As a real-world example, such closed off-topic category works very well on Purism forums and I see no holywars there.

1 Like

I agree completely. I tried to shift the focus away from administration-based views toward community-based ones with my previous reply, but I did not do a very good job at that and basically argued from the first and not the second. I did not want to be explicitly critical of administrative concerns, however, and did want to be negligent toward the realities of most off-topic sections and the practical problems of maintaining it from an administrative standpoint. In the process, I did not do very well in challenging this view, and hopefully this reply does just that.

I believe that the only ones who can actually determine the extent to which any forum or subforum (or topic) is productive, engaging, and fulfilling are ourselves. Not the moderators. Not the administration. Only ourselves, for ourselves. It is also our responsibility, as members and as a community, to ensure that the spaces we construct and cultivate serve our interests and embody our values. Failing that, we fail ourselves and no amount of passing the buck or command responsibility can redeem us from that.

With off-topic sections, the burden of its maintenance ultimately falls on us as its participants. Moderation is a poor substitute for that. It is in that sense, too, that they remain experimental throughout their lives, since they are the closest to self-governance that tends to exist on a typical forum. Though it may be the technical decision of the administration to create it, the social decision of how to use it—and use it well—is ours alone.

That means being thoughtful, deliberate, and considerate with our actions and words even when off-topic; such sections may involve the suspension of normal rules, but not the suspension of our responsibilities. If we do not recognize these facts, and respect them in all their consequences, any new off-topic section is destined to become an eventual failure—just as will any other section, or forum, or community. That will ultimately not be due to the section being unfit for this forum, but due to this forum being unfit for the section.

The problem is never really with the topics we discuss, but with how we conduct ourselves when doing so. Restricting what is acceptable in an off-topic section may still be relevant, if only because an administration separate from us has no other purpose, but that will never be the determining factor in its success. We are that factor.

My concerns above, in my previous reply, only apply in contexts where these basic responsibilities are forgotten or deferred and where the rules are not determined by all those who are bound by them. Such concerns are ultimately derived from an authoritarian logic that discounts the community in favor of the systems that control it—exactly the same logic that justifies the need for a system of moderation and administration in the first place. This logic tends to prevail, and such concerns develop from them, because we are conditioned into relying on our “superiors” to manage us for us, which invariably results in the deterioration and eventual death of a community. In those scenarios, administrative control and discipline over an off-topic section may be “due”, in-so-far as any administration ever is; but this is only because the community members have abandoned their roles as members of a community, with all the social consequences that involves. Even then, such actions are only ever palliative; they cannot cure the disease, only manage its symptoms.

The best community is one in which there is no effective moderation or administration because its members successfully govern themselves. I would go further in saying that the only real community is one in which neither moderation nor administration even exist, the rest merely being its disfigured namesakes. Therefore, if we are to be anything resembling a community worthy of the name, we are its only guarantors—and its only practitioners. That is the case in an off-topic section, and it is the case everywhere else, including far beyond these forum walls.


I agree with @Sven to have an off-topic category because this forum is a community, and there’s value in the community being able to share and discuss more. I have great appreciation for the people building and using Qubes. I wouldn’t feel that I can discuss an off-topic (vis-a-vis the Qubes forum) in a forum elsewhere. It’s not about the topic but about the community.

1 Like

After reading the feedback to far I now think that calling it “off-topic
category” was a huge mistake. What I meant was a place to continue
conversations that a relevant but not specific to Qubes OS use.


  • Linux (Fedora/Debian) related topics (e.g. IDS, AppArmor, bash
    scripting, advanced usage of dnf/apt, encryption of volumes). Maybe
    that’s not even a problem and “General support” is the right place for

  • Networking related security and privacy considerations (browsers,
    VPNs, Tor, encryption) … like Chrome OS telemetry

  • OpSec / Thread Modeling

Things like politics or baseball never crossed my mind.

So in summary:

  • code of conduct applies
  • must be relevant to Qubes OS use (… “how?” not “why?”)

Maybe we could make that work?


I agree. In the (above referenced) purism forums they call it “General security & privacy chat category”.

What name would you give it? I can rename the topic

1 Like

What name would you give it?

general admin, security & privacy?

“In this category we discuss topics related to setting up what’s inside
your qubes, understanding your thread model, achieving and maintaining a
reasonable level of security and protecting your privacy when using
technology even if it’s not strictly Qubes OS specific.”

I am worried though about the additional load that will put on @deeplow,
@michael and @adw to moderate – something I admit I had not considered
at all. Maybe we can distribute this burden on more shoulders? I’d be
willing to take on some of it, maybe starting with the more mundane
approving of erroneously flagged posts.

@JTeller3’s comments sound true: “[…] takes community discipline and a
collective effort to cultivate a productive, relevant off-topic
section that does not just serve as a petty time sink […]”

If it doesn’t work or produces too much moderation effort, we can
declare the attempt failed and close it again.


I find this to be a much wiser approach. Defining a topic-adjacent section, where anything related to Qubes OS and “the Qubes life” goes so long as it is within a couple degrees of relevance, will prevent many of the usual problems associated with off-topic sections while baking-in a set of content restrictions/guidelines that keeps us all focused. My remarks before about our responsibility in making it work still applies, but perhaps not so emphatically. Without an anything-goes off-topic section, we are no longer playing with fire.

Apologies, @Sven, for misunderstanding your suggestion. From the topic post and conversation alone, it is clear (in retrospect) that the point was really what you just said all along. I have a long history with forums and discussion boards, though, all the way back to Usenet, and so have witnessed way too many times just how volatile “off-topic” can become when declared the “topic” of discussion. I hope you take my caution here in good spirits; your suggestion is not a bad one, by any means, even if it were about an unrestricted off-topic. The latter demands more care to do it well, but even it can be done well. I like your clarified idea more, though.

All the best,

1 Like

I totally second this and I would actually be in favor of it, if framed in this way. Actually if this is to happen I’d suggest naming it “The Qubes life”. (I’ve heard it before and is something all Qubes user identify with!). I think It would be would be key, for people having an immediate understanding of the scope of the category.

We would, of course need to drill down a concrete category description to guarantee the definition of on-topicness, but it should be easier.

However, I feel like some people could then post stuff there that could belong in the discussion category and vice-versa. But that’s a much more tolerable problem than tin-foil-totally-non-Qubes-related discussions.

@Sven, would this be in line of what with what you were thinking?

It’s totally understandable. It’s an invisible job most of the time :slight_smile: @Plexus is also on the mod team, btw.

In discourse we have the ability to have moderators for only specific category. Maybe that could be a way of dividing up work.

1 Like

For what it’s worth: I’m against an “off-topic” forum, but for a “general admin, security, and privacy” forum.

Which is not surprising since I’ve created many topics that are edge cases in relevance.

1 Like

@Sven, would this be in line of what with what you were thinking?


In my original post I wrote:

Things that might have very little Qubes specific content, but
nevertheless are things of high interest to a majority of Qubes users
by association

And then later in the clarification, once more:

conversations that a relevant but not specific to Qubes OS use

Then @JTeller3 called it:

topic-adjacent section, where anything related to Qubes OS and “the
Qubes life” goes so long as it is within a couple degrees of

“The Qubes life” is catch, but fuzzy. “general admin, security &
privacy” is dry but much more narrow.

I feel at this point in the discussion that there is a general agreement
to have something like the above category, but that we should also be
very careful in defining the scope.

Personally I like “The Qubes life” too as it gives an intuitive feel for
what’s on topic. But as you wrote, “need to drill down a concrete
category description”. Here is my first attempt from yesterday:

In this category we discuss topics related to setting up what’s
inside your qubes, understanding your thread model, achieving and
maintaining a reasonable level of security and protecting your
privacy when using technology even if it’s not strictly Qubes OS

What would you add/remove/formulate differently?

@Plexus is also on the mod
, btw.

Sorry for the oversight.

In discourse we have the ability to have [moderators for only
specific category] Maybe that could be a way of dividing up work.

It’s a standing offer if and when you feel you need help.


1 Like

Apologies, @Sven, for misunderstanding your suggestion.

No issue here. I should have been more thoughtful in choosing the subject.

all the way back to Usenet,

I’m old too… comp.std.c :wink:

1 Like

After talking with other moderators, here’s the format we’re going forward with:

  • @Sven as moderator for this category

  • category only shows for trust level 2 or above
    This will ensure people join the forum because they are already interested enough in Qubes.

  • make it clear it is experimental

Still a few things to go through

  • choice of name
  • category short description (25 words or less)
  • criteria for inclusion / exclusion of topics and examples
  • category color & icon

Note: this is a wiki post. So, feel free to edit it to add your ideas in the indicated spaces. (You can also quote-reply and @deeplow will add them to here). Apologies to the forum email users but this way it’s more manageable.

Choice of name

Current proposals:

Proposal Advantages disadvantages
The Qubes life Catchy may be ambiguous (lead to creation of posts that belong in other categories)
General admin, security & privacy concise Too restrictive (e.g. what about hardware?) @Sven: “general support / hardware”
General setup, security & privacy concise Too narrow. Can we discuss free software?
Beyond Qubes concise 1) doesn’t hint at the boundaries
Not Qubes Related well auto descriptive 1) doesn’t hint at the boundaries @Sven: related but not specific! 2) Contains a negative, which is not a good style
All around Qubes descriptive, hints at the boundaries ?
Tangents descriptive, hints at the boundaries (if you know the context) Ambigous if you don’t know the context
(add here your proposal)

Category Short Description

Should be 25 words or less to display well in the categories list. There can be a slightly longer description, but needs to be a separate phrase.


(template) @<YOUR_NICK>'s description proposal


  • Comments
  • (add yours here)

@Sven’s description proposal

Setting up OS & programs inside a qube; general security & privacy considerations not specific to Qubes OS


@Ludovic’s description proposal

All discussions not directly related to Qubes OS but around the Qubes domains (privacy, freedom, system administration, security, Qubes alternatives, research, …).


@deeplow’s description proposal

All discussions not directly related to Qubes OS but tangential to it (privacy, freedom, system administration, security, research, …).

Criteria for inclusion / exclusion and examples

I suggest this because it’s likely easier for people to understand what belongs and what doesn’t. Something along the lines of what’s on the Qubes CoC, but applied to this category’s content.

*Does this sound like a good idea? If so, please add examples bellow each of these.

Inclusion criteria

  • relevant but not specific to Qubes OS
  • (add yours here)
topic criteria
Is your browser fingerprint unique? relevant but not specific to Qubes OS
Which messenger program to use? relevant but not specific to Qubes OS
OpSec / Threat modeling relevant but not specific to Qubes OS
Discussion on Purism relevant but not specific to Qubes OS
gaming on Linux in general
security/privacy implications of gaming
how to configure your firewall for specific games
dependencies of specific games
How do I … on Debian/Fedora/Windows/…?
How do these programs compare in terms of security / privacy?
OpSec around my Qubes computer
OpSec when using email/IM/communications
Comparing VPNs … what can they do and what not?
Advantages and disadvantages of Tor?
Reducing memory footprint of my Debian/Fedora…
Comparison of intrusion detection systems and how to use them
What can encryption do for me and what are the limitations?
Good books / presentations / tutorials about security / privacy / linux administration / …
Advanced firewall rules
(add yours here)

Exclusion Criteria

  • directly affects Qubes
  • specific to Qubes OS
    • @deeplow: add comment here that that belongs in the rest of the forum.
  • is not relevant to Qubes OS use
  • harmful to community / violates CoC – politics / activism of any kind
    • @deeplow: I think “politics / activism” should be a separate point as it may not consititute CoC violations.
  • (add yours here)
topic criteria
something that violates the Code of Conduct CoC violation
NitroPad X230 laptop directly affects Qubes (?)
European Union And OS level Backdoors directly affects Qubes (?)
How to promote Qubes Specific to Qubes
Installed Qubes on secondary SSD; boots into first drive (?)
(add yours here)

Category color & icon

It will likely sit between User support and Mailing Lists so the yellow might be the color to go with the keep the scheme. This way it won’t look too out of place. But I wanted to get other’s opinions.


Regarding the icon, we should probably find a font-awesome icon that kind of represents the content of this category.

color & icon proposals

color icon remarks
yellow dashed/crossed-out Qubes logo (add your remarks here)
yellow comments  f086 (font-awesome) (add your remarks here)
yellow comment-slash  0xf4b3 (font-awesome) (add your remarks here)
yellow comment-dots  0xf4ad (font-awesome) (add your remarks here)
yellow code-branch  0xf126 (font-awesome) (add your remarks here)
yellow mug-hot  0xf7b6 (font-awesome) (add your remarks here)
yellow paper-plane  0xf1d8 (font-awesome) (add your remarks here)
yellow door-open  0xf52b (font-awesome) (add your remarks here)
yellow lightbulb  0xf0eb (font-awesome) (add your remarks here)
yellow user-shield  0xf505(font-awesome) @Sven

Thanks for your input @ludovic!

For anyone who’s reading this via email, I can forward to them the current state of the wiki post. Just ping me.

Re: choice of name

@fsflover couldn’t hardware could fall under “admin”?