Do I need 2 computers?

Hi, I am very new to Qubes and I recently heard for security and anonymity using Qubes with Whonix is your best bet. However I only want to use Qubes/Whonix for web surfing and would still like to use Windows for gaming and doing normal activities, like watching YouTube, doing school work, etc. So my question is, can I use 2 ssds instead of 2 computers? For example, can I install Qubes + Whonix on an empty SSD, while another SSD has windows 10 installed? (The Windows SSD will be my main, while qubes will just be for more secure web surfing) Or should I use a separate computer one for windows and the other for Qubes? I have a beefy gaming pc and a crappy old laptop that I doubt can run qubes. Are 2 computers necessary? If they aren’t necessary, is there some cons of just using one computer? Thank you!!

(sorry if this is a repeat question or was answered elsewhere I tried to look for it but couldn’t find one, or perhaps I didn’t look well enough again sorry)

1 Like

I currently have the 2 ssd setup you just described. It works just fine, but there are a couple security considerations to take into note. If your windows OS becomes compromised, it is theoretically possible for the unencrypted /boot section of your qubes ssd to become modified. If a very sophisticated malware were to be able to mimic the bootloader it could potentially learn your qubes password and/or compromise your qubes system.

That being said, something like that happening is would be rather rare and would need to be specifically tailored to accomplish this task and in reality, for ‘normal’ users, it probably isn’t too much of a concern. This attack vector can also be mitigated by having your boot/luks headers on a usb, encrypting /boot or just removing the qubes ssd while using windows.

Also, from my experience, setting up appVMs for youtube/web browsing or school work should be pretty easy. (a windows vm for gaming may be more challenging due to GPU passthrough complications and is the only reason I still have windows on my second ssd)

I’m not an expert and am still learning the ins and outs of qubes and if am understanding of the potential threats of this setup I’m definitely willing to learn more from someone more experienced.

2 Likes

You don’t need 2 computers.
If you want a more anonymous browser experience you can solely rely on Tor Browser.
Another option would be to run whonix as a virtual machine under windows (e.g. in Virtualbox). Therefore you can use other virtual machines to route your traffic through tor, too.
The last option i see is to switch completly to Qubes OS and run Windows in HVM. But to play games this comes with a security risk which is therefore not recommended. IIRC you need to assign a second/dedicated graphics card to your HVM.

Of course a second SSD with Qubes installed on works fine too!

2 Likes

Playing Games on Windows HVM is not such a security risk itself. Biggest problem here is setting everything up and stability of that setup. I read many topics about it, and peoples said that if it works with AMD GPUs rather stable that making it with NVIDIA is more complicated task (and here is the security risk of installing latest proprietary NVIDIA drivers on dom0 since to make passtrough possible). Also that setup requires separate monitor, mouse and keyboard.

1 Like

There is also a possibility of getting some malware targeting BIOS when using Windows.

2 Likes

On old laptop Qubes just may not work. Take into consideration that it requires some virtualization technologies that wasn’t common few years ago.

1 Like

You may need 2 computers depending on what it is that you intend to
do while surfing, and what your security profile is.
It doesn’t sound as if you need 2, but you need to consider the points
raised by @GMartin, your general competence in Linux, and what risk you
hope to guard against by using Qubes.

If you administer a major online black market on the darknet, where the
risk would be a life sentence if discovered, or worse, then buy another computer.
(You can afford it.)
If you want to try Qubes for fun, don’t.
Find where you lie on that line, and decide accordingly.

I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
3 Likes

[quote=“unman, post:7, topic:10818, full:true”]
“If you want to try Qubes for fun, don’t.”

Honestly this is probably the best advice here. I wanted to use Qubes mainly cause im curious about the deep web. I don’t really intend to do anything besides surf and If I ended up seeing something very dark I didn’t want the fear of getting caught looming over me while I did so. So I may just need to rethink everything. Thank you for this!

1 Like

I’ve been in darknet for a long time, but i treat it as a network protocol honestly, clearnet is more darker to me.

I maybe the one who campaign that you could use qubes + windows (dual booted) in here. Especially to one who still not understanding linux.

Learning something new (not only computer related) is more important than sacrificing what you already enjoyed.

3 Likes
2 Likes

How easy is it for you to remove your SSD?

My laptop design makes it incredibly easy to remove and swap SSDs entirely, especially after I lost the screws for the SSD cover. Some well placed masking tape holds it in place, but when i pull on the exposed tab leading to my SSD, the plate hinges away perfectly as the drive slides out.

I’m not actually running another OS, but if I did, depending on what it was or how I was using it, i’d still be wary of the possibility of BIOS attacks.

Probably not anti-forensic or totally RAM safe. Shutdown and battery out in between just in case there’s something which can scrape ram from the session of machine A to machine B.

1 Like

Very easy, just gotta unplug and then re plug. takes about 30secs. How common are bios attacks?

I have no idea how common bios or ram based attacks are. Also can’t comment on if swapping drives frequently damages them.

1 Like