I’m a developer and the reason I switched initially to Qubes is not the bonus security (the chance I get hit by a virus or something else is already minimal enough), but dealing with the dependencies. However, recently I started playing with distrobox (and similar tools) which made me think again if I really need Qubes.
The additional security and networking capabilities are great, but I’m leaving at the same time more useful features to me like relatively good battery life (almost double relative to Qubes), possibility to use the GPU and similar things.
Distrobox and other similar tools can totally help me with dealing with the dependencies issues I have (different node versions, elixir versions …) and without the issues (bad battery life, no GPU).
So here is my question for you:
Do you really need to use Qubes (is it really useful to you, comparing it to other solutions) or are you doing it because you wish (but don’t really need) the extra security?
having extra security is useful to me. I bury my passwords and Monero wallets into their own minimal qubes. This sense of solid isolation in VMs make me sleep in peace at night.
creating debian virtual machines on the fly, experimenting with them, and then removing them at my wish is pleasant with my linux learning experiments. If there is a program I want to try in debian, I first install it in a new qube I create, play with it, and then if I want to keep it, I install it to my real debian template. This experimentation without screwing up my “real” debian setup is useful to me.
backing up and restoring whole template + qube is a new mode of working with linux with me. For example, I had a “corebooter” qube and its “corebooterTemplate” qubes back some time ago. I used those qubes to install coreboot, flashrom and a bunch of other software necessary for coreboot’ing the BIOS chip of my X220, X230 and my friends’ thinkpad machines. Now I am done with coreboot’ing those machines, I simply have backed-up those two qubes to my 1 TB external HDD, and deleted those qubes from my QubesOS machine. Then, when I need to coreboot another machine, I simply restore those two qubes from my external drive, and I simply have those qubes as if they never left me. This is very convenient, and I can see this capability of plug-on/plug-off qubes from my QubesOS helping me in the future with separate software projects of mine.
It can be done with VirtualBox in any GNU+Linux, even with more features, faster speed (even with video acceleration) and almost any OS (unlike Qubes OS being based on Xen).
Docker is not about security at all (by design). From the security point of view Docker is a disaster, as far as I know.
I like Qubes OS for the ability to run some VM completely offline.
P.S. It’s a shame there is no proper GUI and per-application firewall in GNU+Linux. Windows has dozens (but almost all are proprietary).
A few weeks ago I accidentally installed a pip package (on my work laptop, for normal python software engineering) that was spelled similarly but without an ‘s’. The misspelled package was owned by a Russian developer, whose intent may or may not be questionable. I do not know if the package was malicious or not, but what I can say for sure is that Qubes gives a lot more control over this situation than the traditional OS on my work laptop. Having to scrub a whole laptop sucks way more than deleting a Qube.
From a developer viewpoint and strictly dependency management, Qubes OS is probably overkill. Different languages and development stacks have varying degrees of tooling available for managing dependencies without Qubes OS.
Expanding slightly on dependency management, others have already mentioned some of the perks of Qubes OS such as being able to easily clean a system (i.e., a Qube) that had installed a suspicious package. Other dependency containers are less isolated, if isolated at all, from the host system so suspicious or even non-malicious conflicts can be difficult to clean up.
The Qubes Documentation includes an example software developer build. With Qubes OS, there is a lot that you can do on top of dependency segmentation that can help protect data and keep your system secure.
As for your final “need” versus “want” question in regards to usage of Qubes OS, I do not have explicit demands that require me to use Qubes OS. I do have a lot of reasons for why I want and do use it, though.
As a independent contractor I have (usually just one) qube per client. I don’t need to worry about any software they ask me to install. I don’t need to worry about malware pulled with some project dependency some other developer adds. It’s their responsibility. Once I’m done with the project/client I backup the qube for case they need something later, delete it and go on.
Split ssh/gpg setup allows me use my personal keys in then not very trusted environments.
I agree with this. And QubesOS really streamlines this process of qube generation and qube backup/restore. I think what QubesOS has is a more polished user experience compared to doing these manually with a VirtualBox.