How long did it take you to get used to Qubes?

When I initially moved from Arch I first thought “This is so cool, I can finally play with my vms with way less hassle now”. But in the coming weeks I got quite strange feeling. I dreaded having to use my own computer. I often found myself procrastinating in doing so when I had to do some important work or when I wanted to look something up. When I finally was doing so just casual internet browsing felt exhausting. I thought about how to separate my activities. What sites should be visited in what Qube to minimize tracking. How to network the Qubes so different vpns or no vpns are used in what vms and so on and so forth. Quite obviously it was not fun at all

In total it took me 4-6 weeks for this feeling to disappear for basic usage. Even learning to use and to install Arch linux took me less time and it felt less exhausting compared to Qubes. And I only explored the very basic usage. I got no problems learning to use global copy-paste and moving files between Qubes

I want to ask other users, how was your learning curve with Qubes? Did you have similar problems getting used to Qubes as a daily driver? How long it took you to get used to it and etc?

Hey!

I stepped into Qubes OS to use it as a daily driver after I became so angry with Apple’s (and Big Tech as a whole) telemetry.

After 2 weeks of intensive research, I got used to the system and could fix all the issues I was having (like webcam, screensharing, pulseaudio betraying me, weird full disk errors, installing things persistently into TemplateVMs like python libraries, etc…). But I must say that those 2 weeks have been ultra-frustrating.
For anyone new to Qubes OS, just try to fight and resist the initial experience. After you get the issues solved, this OS is wonderful.

I also have to say that, because of how I am, I MUST configure my VMs to speed up my daily tasks. If I feel slow and/or doing tons of extra steps to carry on the tasks that I did previously in my last OS (macOS), I will end up surrendering and going back.
So, I have been configuring my machine since then, and, although sometimes it tires me up so much because I still have a lot of things to be done, I then remember how it was working and living a month and half ago in macOS and now I notice all the UX upgrades I have set up.
I no longer worry about having my Parallels VMs dirty because of the TemplateVMs. I can do things faster than when I was a macOS user.

And yeah, I might not have the fancy animations, crazy graphical interfaces that masturbate my brain and keeps me hooked to virtually-given dopamine, but now I really can focus on things that need to be done.
So yeah, the first 2 weeks / 1 month is an absolute hell. But after all the pain, a heaven is there waiting for you.

Also, after all the initial setup, I know that once I step into my Qubes OS computer I am something near to anonymous in Internet (because I don’t believe in full anonimity) and have a reasonable privacy.
This lowered my stress levels because I HATE being tracked online, and I am pretty sure this contributed a lot into getting used to Qubes OS, because I felt safe while using it.
Not like macOS, where I have to constantly worry about expressing political opinions, what videos or photos I tend to view more than once (and therefore the algorithm knows me a little better and knows with ads has to show me so I can spend money on things I don’t need or which videos can throw at me to keep me hooked).
Disposable VMs for Internet Browsing are a great thing.

I had to study a little of how linux works to make my life easier and spend a good time reading the Qubes OS documentation, so I can make things like file transfers between devices connected to my WiFi.
Some things are a little more complex to carry on than on macOS or Windows, but after I knew how to do this things in Qubes OS, the convenience that macOS or Windows provide lost its value.
I take notes of all of my commands, and if I think that something requires a lot of steps in bash, I just create a bash script and voila, automated.

TLDR; 2 weeks of big frustration solving issues like wecam, screensharing, templatevm configs, etc… and other 2 weeks to automate and get things done quickly in Qubes OS. Now going back to other OS would feel like losing godly powers and become a mere mortal again xd

One week.

Stepped into this nightmare, after the reading of Edward Snowden’s “Permanent Record” and taking down all the material about his 2013 flew.
First was using TailsOS (and still do for some reason), but was electrified by QubesOS later then.
Took me around 3-4 months getting the understanding, coming from Microsoft’s Windows with less linux knownledge.

You have to read - not to play with it to find out and understand - especially the OS basics. Knowing Linux helps, but Qubes functions are different. You always have to see them from a secure point of view.

I was just supposed to quickly test this but never went back to my old OS. I had been tinkering with Linux previously a lot, like I have used Linux as my main OS for over couple of decades, so adapting was pretty easy for me and things made perfect sense. Can’t see myself using “normal” OS anymore.

Some time ago, I got the idea to take a closer interest in the topics of privacy and security. I installed Tails and Whonix on QEMU/KVM and was not only glad to see some of my concerns addressed, but also became curious again to dive deeper, from a user’s perspective, into the underlying concepts and technologies.

Again and again I heard recommendations like “Whonix on Qubes” being the ultima ratio when it comes to anonymity / pseudonymity and security.

So I installed Qubes 4.2.2 on a spare disk and, quite naively at first, was immediately convinced by the principle of compartmentalization, without really understanding everything that comes along with it.

I fairly quickly started thinking about my actual use cases and how I could map them onto Qubes. Since I live in a country where the once highly valued freedom of expression now largely exists only on paper, and where many people have been charged and convicted for politically unwelcome statements online, I began to engage with threat models in general and with my personal threat model in particular, explicitly working this out over the following weeks.

About 4–6 weeks passed in which I was, on the one hand, experimenting with many technical features of Qubes and learning how to use them meaningfully, and on the other hand, I gradually started thinking less in purely technical terms and more in terms of adversaries, attack vectors, and my countermeasures or precautions.

My thinking essentially became “threat-model driven” as a process, and Qubes challenged me to actively think about risks and risk mitigation.

Beyond the fun (and the frustration) of dealing with technical things, this is the real gain for me.

All in all, it took about 6–8 weeks until I had planned and implemented my Qubes installation according to my wishes and requirements in such a way that I now work with it every day with enjoyment and confidence that I made the right choice.

At this point, a huge thank you to everyone who built the Qubes system and who are still working on improving it today.

Interesting! What kind of background and how much prior experience did you have with Linux systems and threat models?

4 years to gather courage to give it a try, 1 week to understand and then I was hooked. I was using Whonix and Tails for many years before Qubes.

Coming from a very different environment (OpenVMS) and being used to often switching from one OS to another, I had not much trouble using Qubes productively. Partially, this was caused by the fact that for several months, I had no laptop that was modern and strong enough to allow installation at all. So I had much time to read documentation and theoretical descriptions, especially Joanna’s excellent papers.

So, from a theoretical point of view, I was quite ready to understand Qubes and its philosophy, which helped quite a lot to get it up and running, when I finally got a suitable machine. (By the way, this was originally a Windows 10 Laptop that became, after just 6 weeks, incapable to run Windows anymore, due to an incompatible driver.)

Regarding your experiences, I find it absolutely necessary to have very good administrators if Qubes is to be used in a corporate environment. They must be capable to pave the way for “normal” users so that these users can just begin to use the system productively, without worrying about or even noticing its complexity. On the other hand, administrators are normally used to suffering, so they should not have much trouble setting up a decent system structure - if they are given enough time to learn the basics. Given this, it makes much sense to use Qubes for critical operations in a corporate or government environment if the first obstacle is overcome: Convincing non-technical and learn-resistant managers that this makes sense.

Do you consider Qubes “ready” to be used in a “corporate environment” at all?

Deploying it on pre-configured machines might be easy but what about updates and software distribution?

Updates should be controlled via SaltStack or Ansible, which will probably require some work on the administrator’s side. Software installation could be done by distributing new versions of the templates, as should be done with the updates.

It depends on your use case. Probably it’s easier to use Qube if your corporation is mostly dealing in engineering and/or software development, or uses the endpoints as thin end-user devices with Citrix (or something else) on the server side.

environment". In fact, given the control that most IT have over
environments and user actions it is probably easier to deploy and use
there.
Qubes has supported remote management for some time, so that updates and
software deployment can be run from IT. Providing a custom environment
helps here - menus that are task based and do not focus on the
template/AppVM model are imo essential for user adoption. Deployment of
helper scripts to automate basic actions also helps. The most successful
deployments are where management and IT buy in to the project, there
has been detailed planning for the rollout, using test groups and
incorporating feedback prior to full deployment.

I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.

I use it at my job, but with the condition of solving the issues myself so I do not throw at our sysadmin extra-work. I think that’s fair.

I honestly don’t remember how long it took to adjust to Qubes, but I adopted it wholesale and was motivated by the incredible ease Qubes brings to running a type I hypervisor on a laptop! This was after trying to compartmentalize my computing life with Linux Mint and Debian, and transition from Windows 7. I made that switch a decade ago or so ago.

It took a long time to get away from the monolithic thinking and dependency proprietary software companies had instilled. Reading the official Qubes documentation was critical, but adding the discourse forum was also a huge improvement (over trying to get help on Google groups). Now my thinking is more or less aligned with the Qubes way and I feel completely empowered and at ease. The peace of mind Qubes brings to reasonable security and privacy makes it easy to forget any pain I had to go through to get there.

No relevant background, limited Linux and zero threat modeling experience.

To use Qubes effectively I had to consciously get aggressive with how I used my (at the time new) operating system. Spending extra time here and there to write scripts in dom0, writing scripts in various qubes’ rc.local, and taking a “stateless” qubes approach (using other qubes dedicated to storage) helped a lot.

Qubes vanilla does require an IT administrator skillset to be used at all, from my perspective.

I knew that deploying Qubes for others would require ui pieces to stitch together disposable qubes, the appropriate rc.local for those qubes, and the dedicated storage qubes. A colleague of mine put together the “network pathing” parts.

Some small teams of people who are not technical have successfully used our ui pieces. I believe we have 80% of the ui necessary that we can deploy Qubes to almost any team of non technical people to use Qubes successfully to run many apps that run on Linux or Windows. I am actively working to cut the red tape to get this released as open source.

Thanks for sharing! Do you want to share a little preview with us?