what’s the ideal laptop (any price range) for running qubes os? to get the most out of it in terms of performance if so as second option is librum 14 ideal? It also has physical switch for networking and such
if this can help in your choice NovaCustom NV41 laptop review (it’s a Qubes OS certified laptop)
I would root for a framework laptop. https://frame.work/
Even if there are some known Problems - they will be resolved - and you probably going to be happy for 10 plus years…
How is it with Framework laptops and Intel ME? Is it possible to build such a Framework laptop where Intel ME is neutered?
There are some lists maintained for different purposes.
The machines in the Certified hardware | Qubes OS are officially supported & tested, and can be purchased with QubesOS pre-installed.
The Hardware compatibility list (HCL) | Qubes OS contains a larger number of machines with compatibility details based on community-submitted results. Not all of these are 100% compatible, but you can see which parts are incompatible and maybe you’re OK with the compromise.
The forum also has a community-maintained list of recommendations (Community-recommended computers), which are not officially supported but have been found to work with minimal difficulty by experience.
Personally, I use a Librem 14 by Purism; I’ve run into no significant difficulties and appreciate the design of PureBoot. It’s not a certified machine but it can be purchased with QubesOS pre-installed. I’d be wary of some of the other products though. For example, the Librem Mini claims to support PureBoot but it does not have a TPM, so it is not clear to me how this protects from the threats that PureBoot is designed to protect against (I assume a physical attacker could read the software and replace it with a malicious version that knows the secret because the secret is not protected by a TPM, but I have not looked at this in great detail).
after a lot of research I landed on using a T480S (T480) would also be a good pick. Many of the certified laptops were much older than I wanted to use and the T480/T480S allowed for RAM expansions, if you plan to run a LOT of qubes the T480 can max at 64GB, I currently have my T480S maxed at 48GB (16GB soldered, added 32GB chip). For the most part it has worked out of the box perfectly well, all hardware functions as intended, suspend works, etc.
One thing I did do.
- had a weird graphical glitch at default scaling, switched scaling to 1.1X which is basically no change at all and it fixed the issue.
Other than that any other change has been quality of life/customization for myself. Regarding the hardware it just WORKS. I’ve been very impressed with the T480 series as well, the keyboard while not the glory days of old thinkpads is still better than 90% of laptops I’ve ever typed on. It’s light and thin even by 2023 standards, it’s quite.
If you do decide on a T480
- make sure you update all firmware before installing qubes. Especially the Thunderbolt firmware which is known to cause issues on this gen of Thinkpads
- make sure you have the BIOS set correct before install, enable virtualization, disable secure boot, disable hyperthreading (qubes doesnt use hyperthreading and I’ve found it wakes up faster form suspend without it enabled, also theres not major reason to bother with the i7 version if you can get an i5-8350 cheaper)
- i can confirm everything works great on the latest kernel (non testing) so jump straight to that
IMO this model is a great middle ground from the older “certified” units and brand new units with possibly compatible issues without going to OLD in design and specs. I’ve spoken with a couple guys who had tried the T14 G2 (AMD) with good results as well. If I even upgrade it will likely be to a T14.
In the end, the two deciding factors (for me) is Qubes certified, and official Coreboot support. I intend to use Qubes as designed, and this laptop was my best option.
Oh, and leading edge technology too. Should hopefully get many years of productive use.
Maybe, someone should suggest, While the cost of getting any hardware you might choose is not a problem for you.
If you have never used Qubes, you might decide that you do not like it very much.
It is more like a geeky background person’s version of a an Operating system tool kit. Not a polished OS with easy to install Apps.
Any third party program that you add, increases your security risk. Increases your 'Attack Surface." At least for that Qube.
In hardware that you acquire, there is a frustration with how long it takes for a Qube to spin up. Trying to maintain a high security computer can be frustrating.
I am devoted to using Qubes. but I frequently wish I had a recent experience of four years of University classes with three courses each semester on Linux, Networking.
I want to use Qubes, and I have spent far too many hours tinkering with it. Learning how Qubes wants me to obey its needs, requirements, quirks.
Then the internet itself, is not a friendly resort. More like discovering one has been kidnapped and dumped off in the bad part of town, where most you meet want to make me their victim.
It depends on your threat model. I personally use the Librem 14 v1, and the experience is still sublime; the link below is my HCL report a few weeks ago after installing Qubes
Not Yet …
The folks over there in the Framework Forum:
That was the first thing I did, searched their forums for both qubes and coreboot. They have no intention of supporting coreboot “maybe some day” and a few people mention getting qubes installed and running, but no official support.
The parts changeability looks interesting at first, but after thinking about it, how flimsy will those parts get after daily usage? Wouldn’t want the keyboard falling out every time I lift the lid, stuff like that.
I own a librem 14 and i strongly advise you to not get one, pureboot is amazing but the hardware is bad. Ive sent mine in for 2 repairs. My USBc charging capability is gone, my barrel charger arcs every time i plug it in unless I unlplug the charger and power down my laptop first. Librem says that is normal and not to worry, even though they replaced the main board last time when it died after sparking when plugging in. Purboot is so cool, but the hardware is just not there. That being said, it runs qubes no problem, its cpu does the job, and i run 64gb ram so that isnt an issue. Its just the hardware quality that breaks it. Framework 16 is on order for me, I just hope my librem 14 survives until it gets here lol
I’m writing this from a Librem 14, and I never experienced the hardware problems you’re describing. Can only recommend this amazing, fast machine. Did you try to update the EC firmware?
They did make more than one lol. Everything is up to date, except pureboot. I had to roll back after the most recent update blacked my laptop screen until after boot.
What exactly the reason Qubes don’t support new hardware as others?