How to pitch Qubes OS?

True, many of us do but mostly as a standalone VM for the occasional “can’t help it” scenario?

Running it the way you do (as a Template) with AppVMs works but requires even more technical knowledge to set up and maintain. Plus with Win10 we (currently) don’t have transparent mode … so the UX is less attractive: it’s not really one desktop but many.

I share your vision, but I don’t think Qubes OS is ready to capture the common Windows user (yet). For someone to have the energy to take the learning curve they already have to feel some urgency about their security.

3 Likes

I might get a customer that is totally clueless, and if we get this going they will have to trust us anyway.

So I’m just wondering if something like this is doable:

  1. Set up an ssh and maybe even X share on dom-0 which we could use for admin. Could be bound to our IP only.

  2. Install Windows on one or several Qubes where they will be allowed to do things the old way, perhaps while we analyse what they do as well.

  3. Set up some Qubes with Whonix where they will use Firefox or any other browser they are used to only.

Based on how the first weeks go we could then tweak and install, or block things for them, gradually teaching & guiding them towards better security.

This could even be used in concordance with mobile devices adapted to appropriate Qubes. Perhaps a Qube could even be dedicated to video support directly from us, also locked to IP to make sure it won’t be hijacked…

I agree with Sven. I would not recommend Qubes to my neighbor using Windows and believing that Microsoft and Google protect them enough and there is nothing to worry about. :wink:
I might try to convince him to something easier for a start. Like Manjaro or Ubuntu.
Qubes requires some sacrifices to use and needs someone with a strong need for it.
I would start from searching different needs that Qubes solves.
Those reasons might be surprising sometimes. For example:

  • I like to experiment with different apps so I use temporary VMs and delete them afterwards. Not trashing my main system.
  • Using multiple Tor relays at the same time, each for a different website, makes my browsing harder to track.
  • I can change, upgrade my system keeping my home data untouched. I am no longer afraid of new Ubuntu release upgrade etc.

But all of those are for more experienced users.
2 Likes

Step 5: Try to walk confidently out of the elevator but slip and fall because the floor is now entirely covered in broken eggs. :joy:

3 Likes

Has anyone thought of something like this?

Something that shows ‘normies’ how bad things can actually get if you’re complacent.

1 Like

You’re absolutely right: Having Windows under Qubes is great, but getting there may be something for the unafraid, and surely not for the average Windows user who just buys a (badly) preconfigured PC and expects to use it without too much knowledge. So currently I don’t see Qubes as a system for this type of user, although, from a technical point of view, they need such a system very much. The HP video illustrates that nicely!

On the other hand, companies are being crippled by attacks using Emotet or such, which could be mitigated by, for instance, sanitizing incoming documents in a Qubes system before delivering them to the final user. I think, a lot of system administrators struggling with current attacks would appreciate that

  • if they knew about Qubes after all

  • if the learning curve were not that steep

  • if their management would allow them to use something other than the “proven” :frowning: Windows systems.

So, what could we do to help these people:

  • Make Qubes more visible in the field. Well, that sounds like - urgh - marketing. But this need not deteriorate the honesty of Qubes, if the information provided to potential users is correct and helpful. Here it is essential to show what Qubes can achieve (security, flexibility, usability) and this much better than conventional systems. It may help to stress that Qubes is not another slightly more secure Linux system - as I have seen all too often in some magazines - but rather, as @adw put it lately, a meta operating system allowing to choose from different software environments.

  • Help Windows users with better integration into Qubes. Essentially this would mean a simple and robust setup of Qubes Windows Tools in a Windows VM, accompanied by a wizard helping the user to get it running without too much fuss. This surely requires some effort, especially as MS does its best to provide an unstable environment, but it may be well worth it. There may even be hope of providing seamless mode for Windows 10, as @deeplow recently put it in Windows support in Qubes.

  • Improve the - already very good - documentation. Here the current activities like Qubes issue #6698 are moving in the right direction, and I am fascinated to observe the progress.

  • Perhaps someone could even provide preconfigured systems with Qubes with Windows clients preinstalled. In my opinion, this is something the market needs, but I am very sceptical if the market is aware and if such an idea would sell.

Just my 2 cents …

Step 6: Get billed for the shoes of every person in that lift, while making a mortal foe out of the janitor.

Step 7: Get banned from using the elevator. If you work in that skyscraper, this could be worse than getting banned from the building altogether. You might be able to work around this by contracting some sort of highly transmissible virus.

  • It may help to stress that Qubes is not another slightly more secure Linux system - as I have seen all too often in some magazines - but rather, as @adw put it lately, a meta operating system allowing to choose from different software environments.

I remember all too well how hard it was to describe to end customers that Drupal is a CMF (Content Management Framework) not just any CMS back when I built a couple of businesses on that…

What works is to tell people what they can do, not how - that’s also where they’ll have to pay for valuable help! :wink:

Right now I’m telling family that what I’m tinkering with is this:

  • Securing my crypto accounts and other financial services to a very high level
  • Dividing my personal and professional world
  • Stopping and/or controlling everyday surveillance
  • Always using a very secure way if I need to check something that might be politically sensitive
  • Turning the surveillance around, especially for my already compromised, personal data

Got Windows working in a Qube today, so that will be what I’ll show them live as “tamed” inside of the mysterious Linux world that they’ve heard about :wink:

Qubes OS elevator pitches:

  1. Were you ever curious but afraid:
    – to click on that link in the email,
    – to open that email attachment,
    – to go to that shady-looking website,
    – to install and run that suspicious program or even a virus,
    – to insert that USB stick from someone untrusted?
    With Qubes you do it all securely in a disposable VM and your personal files are safe. The worst thing which might happen is that the disposable VM breaks.

  2. Were you ever concerned about opening your online banking/entering your credit card in the same browser where you go to random websites? Actually, even when the browsers are different it can be a problem on a monolithic OS!
    On Qubes OS, you open those things in separate VMs, isolated with hardware, not software. It’s often better than physical (air-gap) isolation. Recommended by Snowden.

  3. Are you tired of remembering tens of complicated passwords? On Qubes OS, you can save all your passwords in a text file (in a dedicated offline VM) and copy them into the necessary fields (in other VMs) whenever needed. No viruses or ransomware will have access to them.
    (Not necessarily the most secure way I guess but much more secure than anything else outside Qubes, isn’t it? Most people probably have a worse workflow here, such as reusing the same passwords.)

  4. Have you ever experienced something breaking after an update or after installing some software? On Qubes OS only a virtual machine breaks in such cases, and it can be easily, securely backed up and restored with a few clicks. Even if you forgot to make a backup this time it’s possible to restore from automatic backups, which are preconfigured.

  5. Do you prefer a certain GNU/Linux distribution, but something forces you to use another one, or Windows? On Qubes you can run many Linux distributions at the same time with a unified, simple interface. That important Windows program should also work in the corresponding Windows VM.

  6. Do you feel concerned that some software you must run (or Windows itself) sends telemetry or unknown stuff to some servers outside of your control? On Qubes OS, you have a Firewall with a simple GUI enforcing any rules on any VM.

  7. Did you hear stories that cameras or microphones in your laptop can be switched on remotely by malicious actors without your consent? On Qubes OS, you choose which VM has access to the camera and microphone, or you choose none. The Admin VM has no Internet.

  8. Do you want to be anonymous on the Internet? One of the best modern solutions, Whonix with disposable VM, is available on Qubes OS out of the box. An alternative solution would be Tails, but it’s much less convenient and requires rebooting your system each time.

  9. Are you tired of entering your super-long root password every time you do something? On Qubes, you don’t need a root password at all, because security is enforced on a lower level, level of hardware isolation. Just type sudo and run whatever you need.

  10. Do you feel that your work is not well separated from your personal life on your machine? With Qubes OS, you can have separate, independent VMs for them. You start and stop them independently, they don’t interfere with each other. If one is damaged/compromised, the other one will still be fine. Of course, you can have (much) more than two enclaves like those with a unified, simple interface.

2 Likes

This has worked for me in presentations:

  1. Connect Linux laptop (#1) to projector.
  2. Start presentation.
  3. Start talking about security benefits of dividing work between
    different machines - (compartmentalisation is too long a word)
  4. Explain benefits of using offline machine.
  5. Pull out second laptop(#2), connect to projector. Show it is offline.
  6. Need for Windows - pull out third laptop(#3) - connect.
  7. Show favourite(!) corporate windows program.
  8. Talk about transferring data.
  9. Move data to USB, reattach laptop#1, and show data there
    10, 11, 12 …

Depending on how many laptops you have, and how much time, you can
keep this going for a while.
Soon two things happen:
Some people start laughing at the unwieldiness.
Some people realise you have stopped “changing” laptops, or are using
the “wrong” laptop.

Then, “Wouldn’t it be great if you could do all this in one machine?”
Reveal Qubes - go through all the things you just talked about.

You need to be able to carry this off - timing is important, and it
takes a fair bit of practice.
Having two separate Windows versions is great, and making sure you have
different desktops for the Linux “machines” essential.

4 Likes

Awesome!

1 Like

Awesome!

Indeed!

Definitely, the idea of having multiple “laptops” in one laptop is incredibly appealing. I’ve got every OS imaginable on my Qubes GPD Win Max (absolute TANK of a laptop, by the way), and it is awesome being able to run literally ANY piece of software known to mankind.

I have also used port forwarding to run my company’s servers inside Qubes before (separate VMs for web, mail, jitsi, and LDAP, all on the same piece of hardware, but compartmentalised). I have had pen testers actually think that they were interacting with a fully-fledged server room, when in fact it was all on a single old laptop I had lying around!

AND I had it connected to my TV at the same time, and used another VM to run VLC to watch movies :upside_down_face:

Because I opened ports to the outside world, I have had VMs compromised (crypto-miner, ssh spoofer, and they got the VMs’ SSL keys) in the past, so I can definitely vouch for the Qubes OS model. I would have been so much worse had I been running anything except Qubes OS!

1 Like

I think Qubes, but more so (Xen/)GNU/Linux has a long way to go before even the tech-savvy users would consider Qubes as a daily driver. Also the hardware in laptops-- a future standard fast CPU, SSDs, and 16GB of RAM would probably be the baseline to ensure people don’t feel like they’re using a dinosaur computer from the 2000s.

That being said, I think the best selling point to more average users is the workflow that Qubes provides.

One Qube for School, one for Work, one for Finances, one has your photos. It’s so easy for me to be organized and not get distracted. My School browser has school-related bookmarks. My Finances browser only has my discount broker. My media VM has my photos, and I don’t have to go hunting for a long-lost jpeg that I can’t remember if I moved to Desktop/ or Pictures/ or ~/many/levels/deep/.

To me, this is how desktop computers were meant to be used; Windows and Mac OS leave you with bloated Downloads/ folders, and that’s it. Besides, if a program is slow to open in Qubes, or you need to reinstall something, you don’t need to waste time in System Preferences or Activity Monitor-- just restore a Qube (I think this is possible?) or create a new one.

I’d be wary of introducing Qubes via (harsh) truths like “any USB you plug into your normal OS could compromise your machine.” This is not fun to think about, it is technical, and will simply drive people towards not caring enough (i.e. “I have nothing to hide,” or “nobody will target me”).

One advantage that Qubes has towards more widespread adoption is that it perhaps epitomizes the role of technology in industrialized societies.

First, Qubes is abstract. The concepts of a hypervisor and a virtual machine, which provide the backbone for Qubes, are incredibly abstract, especially to those who treat computers as, “I type my document and click print, then I check my email.” Why is abstraction relevant? Because industrialized societies, especially in technological and financial sectors, have almost always everywhere tended to get more abstract. I’ll give examples in a second, but the main idea is that because industrialized societies have gotten more abstract, that abstraction is in some way important to people. If Qubes also grows more abstract, people will enjoy it in the same way they have been enjoying the various abstractions of industrialized society.

The best example of an abstraction is in money. Money began in Mesopotamia as quantities of grain. Grain is very concrete. It is physical, and you and others can eat it. Fast forward, and money became pretty shells. Shells are still physical, and they’re at least pretty-- but you can’t eat them or use them for anything meaningful. So the purpose and symbol of money has grown more abstract: first it was something very useful (edible grain), and then it was something only slightly useful (pretty shells). Fast forward again, and the physical objects defined as money (coins, bills) are not useful at all beyond the value given to them by a government. Some may enjoy the “gold aesthetic,” but that is surely less naturally pretty than a colorful sea shell.

Fast forward to cryptocurrency-- the epitome of abstractified money. Bitcoin is so abstract that it’s ephemeral. Unlike all past forms of money, it’s not physical. Ether-eum is literally ether-eal.

All this to say that Xen and Qubes are other examples of humanity pushing the bounds of abstraction. People need abstractification in modern cultures, so a more abstractified Qubes (not necessarily difficult to use, although some Linux users certainly seem to enjoy the sado-masochism that comes with minimalist programs) will be more popular.

Qubes also mimics other aspects of industrialized society. For example, the notion of a “cube” itself, of packaging everything into little boxes and containers perfect for single tasks. There isn’t room to go into it here, but the psychology underlying our culture’s trend towards dividing things up and consuming them is a very powerful current that will only grow stronger. Take Bitcoin “blocks” or Chia “plots” or a hyper-organized smartphone home screen as examples.

A lot of trends in our modern culture are exhibited in Qubes. This is because Qubes was built by people in modern culture. By leaning more into those trends, Qubes devs can make Qubes more popular. Anybody should feel free to DM me if they’d like a deeper psychosocial explanation of the symbols underlying our culture.

2 Likes

That was incredibly deep. You’re absolutely right about abstractification.

If I’m having a conversation with someone about “online privacy”, and they bring up the old “I’m not doing anything illegal, and I’ve got nothing to hide”, I usually will grab their bag/wallet/whatever is in their pockets, open it up and start digging through it (without asking them, obviously). Then, when they ask “what the #$% are you doing!!!”, I just say “You just said you have nothing to hide. I’m confused…”

If I’m in their house, I might even go to their fridge and start eating their food. Just something that will “overstep social etiquette” and make them liken online privacy to privacy in real life.

It usually makes them realise that privacy isn’t about having something to hide. It’s about the fact that nobody likes nosey people (stickybeaks), and once they realise that the overwhelming majority of software these days is insanely nosey, they usually get the picture :grinning_face_with_smiling_eyes:

Qubes OS is about letting people see only the parts of you (and your computer) that you PERMIT them to see. It’s also about ensuring that they cannot see anything without your knowledge. It means that you can be online (which is essentially, accessing someone else’s computer using someone else’s wires) on YOUR terms.

It’s obviously about so much more than that, though. I deploy it on all my company’s work laptops as standard, and it allows my staff to use their work laptop as a personal laptop. Our work laptops are used for AI, computer vision, image rendering, compiling, etc., so they’re very VERY well-resourced, and I hate the idea of all that raw power going to waste. Most employees are shocked that I’m cool with them gaming and looking up p$#n on work laptops (provided they’re not done in the Work Qube :roll_eyes:), and it helps them be more productive.

A lot of them have actually deployed live malware inside disposable Whonix VMs, just to see what they do, which I think is kind of cool (I have HEAVILY restricted their Work Qube). It desensitises them to threats, and makes them think rationally, instead of thinking that anyone opening a terminal is “hacking”…

2 Likes

This is missing the point of privacy. Surveillance harms journalism and activism, making the government too powerful and not accountable. If only activists and journalists try to have privacy, it will be much easier to target them. Everyone should have privacy to protect them. It’s sort of like freedom of speech is necessary not just for journalists, but for everyone, even if you have nothing to say.

1 Like

This. I tried to explain that to some people and they indeed get interested in Qubes after that.

Sounds like the perfect plot for a Mr. Bean sketch stumbling over the whole equipment and tearing off all the cables while performing this.
(Unfortunately Mr. Atkinson’s hourly fees are not that affordable. :wink: )

Well, that too, for sure. I was making an example that was likely to appeal more to the “everyday” person who isn’t being targeted by the Lazarus Group :slightly_smiling_face:

hello :upside_down_face:

1 Like