Are we safe because we’re a relatively tiny, niche OS?

Would it be more clear to say “Operating System” instead of OS?

Like Ubuntu is an “Operating System.”

Like “Windows” is an Operating System.

By ‘tiny,’ Qubes has very few individuals using it. ‘Safe by being tiny’ suggests that those who might want to penetrate, or observe, what we are doing on our computer, that is, a power group who has resources to use against Qubes, like Google (wants info on us to sell) or a government, would not bother, because the number of Qubes users is small, tiny.

Like what happened to the Apple Operating System for years: they represented so few users that the people who wanted to exploit did not bother trying to hack the Apple OS (well, not as much as Windows). In addition, Windows Operating Systems were so easy to hack, and had a lot of folks who did not update. Now Windows is designed to spy on those using its Windows Operating System.

Plus we have gone through a stage where Malware is designed to hack into Browsers, less about which Operating System.

Qubes can prevent that by presenting a new clean Operating System with each internet exchange. A clean version of the browser with each Qube.

By comparison, a big danger in any OS is “How we use it.” Meaning we give up our security or privacy (depending on your goal) by doing the wrong things at the same time. Or downloading Malware into a Template Qube. Well, there are other ways.

While one of the goals of the developers is to make it more difficult for us to easily corrupt ourselves.

I like the example of a college student developing an idea, which he wants to protect his rights to, from having someone else steal it.

I would like to say an ordinary person, a non-computer geek, who is reporting a human rights issue, and protecting himself from revenge by power groups, governments. While there is someone working on making it easy for Qubes to be used by those reporters, Human Rights Activists, without their being detected. Well, it takes some knowledge or experience.

1 Like

@enmus

OS = operating system … the product created by the Qubes OS project. You talk about the core team of the Qubes OS project, which are the people doing the actual development work. However, arguably we (the community) are also part of the Qubes OS project by contributing time, feedback, donations, documentation, attention, advice, … in various forms and places.

Maybe it should have been titled: “Is Qubes OS actually reasonably secure or has it simply not received enough scrutiny yet?”

Honestly, I find this entire thread rather pointless. It’s not a question that can be satisfactorily answered today or tomorrow. In a few years, if the project continues to grow and eventually gets more attention from security researchers, we will have some data looking back. Until then we can make Qubes OS easier to use and understand for new users. Educate them and learn good OpSec, including smart choices when it comes to compartmentalization, IDS etc.

2 Likes

entire thread rather pointless.

some questions are better if not asked

English is indeed far from my first language, so using that fact I wanted in a funny, childish Roberto Benigni’s benign “Ice cream, you scream, we all scream for an ice cream” way to make points above.

Now I am a bit embarrassed, but rather overwhelmed by your willingness to help, and will try once more, for the last time to make a spin off of the original topic title:

We don’t suck because you are absolutely hugely, nice people!

I hope OP won’t mind my previous post, and that he will accept my previous sentence as a solution to the topic 🙂

1 Like

A security model that relies on being tiny/niche/unknown/obscure is relying on security through obscurity, which is no real security at all. The Qubes OS security model does not rely on security through obscurity at all, as evidenced by the fact that all designs and code are openly published and discussed in public. (If Qubes were to rely on security through obscurity, then the developers would be amateurs, and the OS would not be worth using. Fortunately, the opposite is the case.)

5 Likes

Good point. A chess grandmaster (can’t remember his name) once said, never play with the assumption that your opponent doesn’t know your plan. Optimal play is optimal whether an opponent is aware of it or not. Though, I do think there is a difference between a faulty strategy that relies on obscurity and a new platform that is obscure (i.e. unknown) and therefore relatively untested. The latter is unavoidable in the initial phases of any project. So it’s possible to recognize the relative weakness in security due to the lack of widespread exposure to various attacks without assuming that the strategy itself relies upon obscurity to gain an advantage. Hence, improvements to security are not necessarily a matter of adopting a new strategy as @arkenoi suggested, but rather expanding the user base and increasing global adoption of the platform.

2 Likes