Do service Qubes offer meaningful advantage over ephermal Live mode distros when user requires little or no persistence?

I’ve been using Qubes as my daily driver for quite a few years. I’ve learned plenty, I’ve found it very fun.

But realistically, all my computing is done in the cloud. I separate different use-cases or ‘identities’ with different email services and the ecosystems they provide.

The thing is I have anxieties around malware and persistence, which is why I’ve been exclusively using Qubes with disposable VMs. I don’t have a single file stored on my Qubes machine.

So with all this in mind I’m wondering if I really need Qubes when I could be running a more ephemeral live USB, possibly with just enough persistence to store emails and password files on.

What benefits do the service qubes, sys-net in particular, offer me when their only purpose here is to connect a single disposable vm to the internet in any one session.

I realise the benefits of an offline vault VM, but with hardware 2fa and some other mitigations but it’s not the be all and end all.

Possibly a firewall VM to force VPN traffic to allow options for clearnet VM with and without VPN? But even then, Opera browser with its built in proxy would suffice if the only thing in that disposable VM was browser traffic, right?

What other information can sys-net prevent from being exposed, leaked, harvested, etc in a compromised disposable VM session? I’d like my non-signed in disposable browsing to not somehow feed into an advertising profile on me.

With the use-case I’ve described, could I get away with just building my own mini custom flavour of something like kicksecure with all the apps that I’d want, then made into into it’s own live mode ISO and burned on to CD or USB?

Or could I maybe even do that same thing with this stripped back qubes set-up that I’m describing? I know there was talk of a live qubes flavour in the past.

What do you all think?

Related FAQ entry:

1 Like