Lack of computer knowledge can prevent me from understanding about QubesOS. Could you please explain it to me as simply as if you were explaining it to a child?
Why is QubesOS more secure than a regular VM?
When copying files or text from a contaminated VM to another VM, isn’t dom0 or any other VM in danger?
When copying something
VM1 to dom0 to VM2
I have an image that data moves like this, is it correct?
“What I don’t understand about QubesOS” is not a useful title. New users will not be able to find answers with it. I changed it to a better one.
A regular VM runs on top of an ordinary operating system. The latter has an Internet connection, runs a huge number of apps, manages random USB sticks and so on. Qubes AdminVM doesn’t do any of that. Qubes isolates all these insecure things from the host.
In addition, the virtualization technology in Qubes is more robust against attacks: it uses Xen and hardware virtualization, which is not typical for VMs.
Dom0 doesn’t read or process the content of your files or clipboard. It only moves some bytes.
My experience with VMs outside of qubes is with Oracle’s virtual box.
And that was much worse IMHO than QubesOS. Templating in Qubes is a huge benefit. For example, if a virtual machine in VirtualBox got compromised, you were basically out of luck. In QubesOS, you might not be…if you’re running (say) a browser and something infects your OS, you can get rid of it with a simple restart, because changes to the OS won’t persist in an AppVM. Restarting the AppVM starts with a fresh copy of what is in the template (outside of your /home/user area). You could even be running a qube where changes to /home/user don’t persist, either (a disposable VM). None of that exists in VirtualBox.
This is not a very robust way. You never know whether your /home is also infected. Try this instead:
True, it does depend on what got infected.
But both your method and the one I suggested depend on you realizing you’ve been infected in the first place!
What I actually do is run most browsers in a disposable, so it doesn’t matter what got infected and whether I realize I got infected; even a stealth infection of /home gets wiped out. The one or two cases where I have a dedicated appVM for browsing specific sites, I regenerate periodically from scratch.
I’m sure I’ll get slayed for this but, it’s an opinion …
IMO Qubes inherently is NOT “more secure than ordinary OS with VMs”. Security is a practice, NOT a place. One thing that Qubes does better than most is facilitate compartmentalization which, in turn helps support good OPSEC which, when done well can lead to a stronger security posture.
In the end, It’s In The Way That You Use It …
