Quick note:
- Very long
- Lots of tables
- I am very thankful for Qubes OS and Developers.
- Qubes OS is not for my use case right now.
Challenges:
| Challenge | Knew it going in | Life impact | Remidiation | Items purchased | Solved |
|---|---|---|---|---|---|
| UEFI and onboard graphics work, CSM and external GPU works | No | Up front concerns | Buy GPU, works fine now | GPU | Yes |
| WiFi not working | No | Major utility concern. Appartments use WiFi | Buy external network tools | Ethernet cable (on hand), WiFi extender (move the wifi to external compute) | Yes (stretching it) |
| Video seams playable but slow. How much is it my network, how much of it is a VM? Scrolling seams off. | No | Major concern. That is what we do with a computer. | NA |
NA | No |
| 4K Monitor seams off. The text above the window seems way to large. The forum said "run this script" in other areas. Solving it in 1 spot does not solve it in all spots. |
No | Major concern. That is what we do with a computer. | NA | NA | No |
| GPU's for 3d graphics don't work. I knew that going in. I had Blender in a external computer. | Yes, alot | Light concern. I don't do this for a living. Their are people who need security and make journalistic content with blender that might. |
NA | NA | No, (understandable) |
| HDD/SSD/M.2 Placement. I used Windows Server 2019. We can say the System OS goes on the M.2 Drive. The VM goes on the SSD. The VM's content goes on the HDD. Built in guides say use command line VDEV magic. |
Yes, but I thought extra GUI magic would solve it. |
Medium concern. I knew this going in. | NA | NA |
No |
Alternatives:
| Alternative | + | - | Outcome |
|---|---|---|---|
| Qubes OS | Unified desktop environment, no duplicating passwords | 1. 4K Display and system wide unification 2. The challenges of Linux with the challenges of configurations. 3. 60FPS not maintained while scrolling or video |
No, wait 5 years |
| Linux Distro (end user) Parrot OS |
Secure system, I could run VM's in it. | Base OS not protected. I can control and try thing out fast. | Yes I need something that runs locally and does not require an external web interface. |
| TrueNAS | Docker magic | Web UI required, diferent focus | No Sorta, not for a desktop, but technically yes. |
| TAILS OS | Secure | 1. Single one time use is the goal. That is not a bad thing, it is just not for my use case. 2. I don't like changing PC's. |
No |
| Air gapped PC | Apt-offline | Setup, updates | Yes, I will use this. Nothing else can save you from certain unique threats. |
| Whonix | Secure | Insecure base os, configuration, lacks protections of the actual Tor Browser. | Meh, try it out. |
| Clouds (Cloudstack, Openstack, Proxmox VE, Nimbus) | Built for VM's in protected spots | Insecure base os compared to Qubes. Also it requires an external computer for web connections. | When I have a network and a VM. |
| Self Hosted tools (Sandstorm, Freedombox) | Privacy for stuff I run | Seperate PC and Web interface | Wait 1 year. |
How I would setup Qubes OS in my ideal world
| Goal | Why | How | |
|---|---|---|---|
| Cybersecurity: IDS/IPS | My textbooks in my Cybersecurity Major say do it. | Use Snort IDS/IPS through a GUI either built into Qubes OS or externally | |
| Ease of life: Self hosted setups | What we want computers to do has changed into clouds. When you look for open source tools, you get alot of Networked services that you can't run locally without Docker and other magic. |
Install Freedombox or Sandstorm in a Standalone Qube. Hope this OS goes mainstream and tools get built in. | |
| Ease of life: Never touch the command line | Simplicity, "I want it to just work". We want the power of the drill/phone/fan without prerequisite knowledge of the drill/phone/fan. The same is true with computers. |
Hope for more development, self hosted NLM (chat gpt competitors), and the maturity of the feild creates magic. | |
| Complete data location | Think "how do I want this to work", not simplicity and development time. We have a pyramid of speed, capacity, and price. M2 is for the base os. SSD is for the VM's we run. HDD is for the data. | Hope for more development in Qubes, Linux, industry standards for clouds, and the maturity of the feild will create magic. |
Regarding Qubes OS:
- No product can do everything.
- Small development team, massive goals.
- Obscure personal preferences PLUS personal weakness at Command Line.
- Graphics are a cursed field and tool
- A comfortable Linux Desktop(ubuntu, Mint, Fedora) just occurred within the last 4 to 8 years. That is nothing in terms of countries, companies, institutions, and development. Nothing happens overnight.
Was Qubes OS ever right for me?:
- Daily internet browsing (YES)
- Money/ecommerce (YES)
- Politics -esque documentation (YES)
- VM for Reddit and Photo Archiving (YES)
- Snort IDS/IPS (NO, external system)
- Sandstorm/Freedombox (NO, external system)
- 3D Modelling (NO, gpu’s=cursed)
- Determining what VM’s go to what VPN’s (NO, but kinda)
TLDR:
- Obscure Qubes problems that have work around plus graphics challenges (4K monitors and video) result in me uninstalling Qubes OS.
- I will use ParrotOS plus a second air gapped PC in the next 1 week.
- I will use Proxmox or Cloudstack clusters which shall run TrueNAS/Sandstorm/Freedombox plus some Docker/Kubernetes within the next 1 year.
- I will try out Qubes OS in 5 years from now. Nothing personal.