I read the Qubes documentation and here are some notes I made on it. Some minor and some major suggestions.
- Docs. PDF version: The table of contents doesn’t include any subchapters.
- Docs. PDF version: Sections in 1.3 are empty and obviously lacking embedded video/links.
- Docs. Some links in the “Qubes-certified hardware” section are dead.
- Docs. In section 2.12.9, bulletpoint 2, last sentence, typo: “their” should be “there”.
- Docs. In section 2.3, AMD is placed before Intel in the parentheses. Intel should be placed before AMD, because in the previous section 2.1.4 it’s mentioned that Intel should be prefered over AMD (because AMD has infrequent security updates).
- HCL. A link named “read more” is broken for the entry Lenovo ThinkPad X200 (2024B53) by Kevin Lipe
- Comment. For a newcomer, especially a tech noob, it’s very difficult to make sense of which PC to use and what features they would actually need for their use case. The wisdom shared in the documentation that “you should just install Qubes anyways, since it’s still better than everything else” is soothing, but what if I want to have the best security possible security for my PC? There doesn’t seem be a systematic, comprehensive guide for that case.
- Comment. There is a huge question that remains unanswered: Section 2.6.1. What can I do to ensure my hardware is safe? There are tools and ways to clean RAM, firmware, etc, but none of them are approached except for non-descript links to coreboot/heads/skulls. Arguably this is the most important step, especially if your only option is to buy an used ebay computer which must be assumed to be malware-infected. Consider that some trusted, tested devices can’t be bought new anymore, only used, and that there are some people who can’t afford to buy brand new hardware. This is something which should be put serious thought into: Clean used hardware, remove any possible malware. If I understand this section, coreboot & co. can only clean the BIOS and some parts of the computer, but there are still other places like RAM or PCI firmware where malware can sleep. Is this correct?
- Suggestions for HCL:
- Hovering over headers on the HCL list shows me the “I” prompt pointer, instead of the click hand button! I use firefox. Additionally, the headers should be bolded and have a slightly darkened background to highlight that they’re headers and can be sorted.
- Add more sorting options to the table: by price class and release year. For some people, price is a big factor. Year is a good way to eyeball how good the device is.
2 Make it possible to filter away entries based on criterias, e.g. tested Qubes version, release year, brand name. - It seems to me very important to have a big list of compatible hardware. It seems to me wise to encourage people to contribute. For this effect, a bulletin notifying this importance could be added, together with a link to a standardized test checklist and a list of “high demand” hardware/brands/criteria for hunting. The “high demand list” doesn’t need to make sense, just increase the chance that whoever sees the text feels themself in a specially important position to contribute. Sample text: Paragraph 1: “Qubes needs a long and comprehensive list of compatible hardware, otherwise Qubes will die! We need your input to add more computers to the list (the more the merrier). To help us, please donate 2 hours of your time by checking out this test checklist link to test your computers. (Inside the link: An easy/automated process which even tech illiterate people can do. E.g → The latest Qubes Live USB includes Test tools to help you rapidly test your PC. Sections: graphics, sound, graphics, microphone, camera, usb external, etc etc)” Sample Paragraph 2: “We are specifically in HIGH DEMAND for HP and Compaq computers, and any hardware produced after 2023.”