Step 5: Try to walk confidently out of the elevator but slip and fall because the floor is now entirely covered in broken eggs.
Has anyone thought of something like this?
Something that shows ‘normies’ how bad things can actually get if you’re complacent.
You’re absolutely right: Having Windows under Qubes is great, but getting there may be something for the unafraid, and surely not for the average Windows user who just buys a (badly) preconfigured PC and expects to use it without too much knowledge. So currently I don’t see Qubes as a system for this type of users, although, from a technical poit of view, they need such a system very much. The HP video illustrates that nicely!
On the other hand, companies are being crippled by attacks using Emotet or such, which could be mitigated by, for instance, sanitizing incoming documents in a Qubes system before delivering them to the final user. I think, a lot of system administrators struggling with current attacks would appreciate that
if they knew about Qubes after all
if the learning curve were not that steep
if their management would allow them to use something other than the “proven” Windows systems.
So, what could we do to help these people:
Make Qubes more visible in the field. Well, that sounds like - urgh - marketing. But this need not deteriorate the honesty of Qubes, if the information provided to potential users is correct and helpful. Here it is essential to show what Qubes can achieve (security, flexibility, usability) and this much better than conventional systems. It may help to stress that Qubes is not another slightly more secure Linux system - as I have seen all too often in some magazines - but rather, as @adw put it lately, a meta operating system allowing to choose from different software environments.
Help Windows users with better integration into Qubes. Essentially this would mean a simple and robust setup of Qubes Windows Tools in a Windows VM, accompanied by a wizard helping the user to get it running without too much fuss. This surely requires some effort, especially as MS does its best to provide an unstable environment, but it may be well worth it. There may even be hope of providing seamless mode for Windows 10, as @deeplow recently put it in Windows support in Qubes.
Improve the - already very good - documentation. Here the current activities like Qubes issue #6698 are moving in the right direction, and I am fascinated to observe the progress.
Perhaps someone could even provide preconfigured systems with Qubes with Windows clients preinstalled. In my opinion, this is something the market needs, but I am very sceptical if the market is aware and if such an idea would sell.
Just my 2 cents …
Step 6: Get billed for the shoes of every person in that lift, while making a mortal foe out of the janitor.
Step 7: Get banned from using the elevator. If you work in that skyscraper, this could be worse than getting banned from the building altogether. You might be able to work around this by contracting some sort of highly transmissible virus.
- It may help to stress that Qubes is not another slightly more secure Linux system - as I have seen all too often in some magazines - but rather, as @adw put it lately, a meta operating system allowing to choose from different software environments.
I remember all too well how hard it was to describe to end customers that Drupal is a CMF (Content Management Framework) not just any CMS back when I built a couple of businesses on that…
What works is to tell people what they can do, not how - thats also where they’ll have to pay for valuable help!
Right now I’m telling family that what I’m tinkering with is this:
- Securing my crypto accounts and other financial services to a very high level
- Dividing my personal and professional world
- Stopping and/or controlling everyday surveillance
- Always using a very secure way if I need to check something that might be politically sensitive
- Turning the surveillance around, especially for my already compromised, personal data
Got Windows working in a Qube today, so that will be what I’ll show them live as “tamed” inside of the mysterious Linux world that they’ve heard about
Qubes OS elevator pitches:
Were you ever curious but afraid:
– to click on that link in the email,
– to open that email attachment,
– to go to that shady-looking website,
– to install and run that suspicious program or even a virus,
– to insert that USB stick from someone untrusted?
Wth Qubes you do it all securely in a disposable VM and your personal files are safe. The worst thing which might happen is that the disposable VM breaks.
Were you ever been concerned about opening your personal email (controlling numerous online accounts) in the same browser where you go to random websites? Actually, even when the browsers are different it can be a problem on a monolithic OS!
On Qubes OS, you open those things in separate VMs, isolated with hardware, not software. It’s often better than physical (air-gap) isolation. Recommended by Snowden.
Are you tired of managing tens of complicated passwords, or using a password manager relying on clipboard security? On Qubes OS, you can save all your passwords as plain text (in a dedicated offline VM) and securely copy them into the necessary fields (in other VMs) whenever needed. No viruses or ransomware will have access to them. You can also combine this approach with a password manager.
Were you ever experiencing that something breaks after an update or after installing some software? On Qubes OS only a virtual machine breaks in such cases, and it can be easily, securely backed up and restored with a few clicks. Even if you forgot to make a backup this time it’s possible to restore from automatic backups, which are preconfigured.
Do you prefer a certain GNU/Linux distribution, but something forces you to use another one, or Windows? On Qubes you can run many Linux distributions at the same time with a unified, simple interface. That important Windows program should also work in the corresponding Windows VM.
Do you feel concerned that some software you must run (or Windows itself) sends telemetry or unknown stuff to some servers outside of your control? On Qubes OS, you have a Firewall with a simple GUI enforcing any rules on any VM.
Did you hear stories that cameras or microphones in your laptop can be switched on remotely by malicious actors without your consent? On Qubes OS, you choose which VM has access to the camera and microphone, or you choose none. The Admin VM has no Internet.
Do you want to be anonymous on the Internet? One of the best modern solutions, Whonix with disposable VM, is available on Qubes OS out of the box. Alternative solution would be Tails, but it’s much less convenient and requires to reboot your system each time.
Are you tired of entering your super-long root password every time you do something? On Qubes, you don’t need a root password at all, because security is enforced on a lower level, level of hardware isolation. Just type
sudoand run whatever you need.
Do you feel that your work is not well separated from your personal life on your machine? With Qubes OS, you can have separate, independent VMs for them. You start and stop them independently, they don’t interfere with each other. If one is damaged/compromised, the other one will still be fine. Of course, you can have (much) more than two domains like those with a unified, simple interface; examples: one, two.
This has worked for me in presentations:
- Connect Linux laptop (#1) to projector.
- Start presentation.
- Start talking about security benefits of dividing work between
different machines - (compartmentalisation is too long a word)
- Explain benefits of using offline machine.
- Pull out second laptop(#2), connect to projector. Show it is offline.
- Need for Windows - pull out third laptop(#3) - connect.
- Show favourite(!) corporate windows program.
- Talk about transferring data.
- Move data to USB, reattach laptop#1, and show data there
10, 11, 12 …
Depending on how many laptops you have, and how much time, you can
keep this going for a while.
Soon two things happen:
Some people start laughing at the unwieldiness.
Some people realise you have stopped “changing” laptops, or are using
the “wrong” laptop.
Then, “Wouldn’t it be great if you could do all this in one machine?”
Reveal Qubes - go through all the things you just talked about.
You need to be able to carry this off - timing is important, and it
takes a fair bit of practice.
Having two separate Windows versions is great, and making sure you have
different desktops for the Linux “machines” essential.
Definitely, the idea of having multiple “laptops” in one laptop is incredibly appealing. I’ve got every OS imaginable on my Qubes GPD Win Max (absolute TANK of a laptop, by the way), and it is awesome being able to run literally ANY piece of software known to mankind.
I have also used port forwarding to run my company’s servers inside Qubes before (separate VMs for web, mail, jitsi, and LDAP, all on the same piece of hardware, but compartmentalised). I have had pen testers actually think that they were interacting with a fully-fledged server room, when in fact it was all on a single old laptop I had lying around!
AND I had it connected to my TV at the same time, and used another VM to run VLC to watch movies
Because I opened ports to the outside world, I have had VMs compromised (crypto-miner, ssh spoofer, and they got the VMs SSL keys) in the past, so I can definitely vouch for the Qubes OS model. I would have been so much worse had I been running anything except Qubes OS!
I think Qubes, but more so (Xen/)GNU/Linux has a long way to go before even the tech-savvy users would consider Qubes as a daily driver. Also the hardware in laptops-- a future standard fast CPU, SSDs, and 16GB of RAM would probably be the baseline to ensure people don’t feel like they’re using a dinosaur computer from the 2000s.
That being said, I think the best selling point to more average users is the workflow that Qubes provides.
One Qube for School, one for Work, one for Finances, one has your photos. It’s so easy for me to be organized and not get distracted. My School browser has school-related bookmarks. My Finances browser only has my discount broker. My media VM has my photos, and I don’t have to go hunting for a long-lost jpeg that I can’t remember if I moved to
To me, this is how desktop computers were meant to be used; Windows and Mac OS leave you with bloated
Downloads/ folders, and that’s it. Besides, if a program is slow to open in Qubes, or you need to reinstall something, you don’t need to waste time in System Preferences or Activity Monitor-- just restore a Qube (I think this is possible?) or create a new one.
I’d be wary of introducing Qubes via (harsh) truths like “any USB you plug into your normal OS could compromise your machine.” This is not fun to think about, it is technical, and will simply drive people towards not caring enough (i.e. “I have nothing to hide,” or “nobody will target me”).
One advantage that Qubes has towards more widespread adoption is that it perhaps epitomizes the role of technology in industrialized societies.
First, Qubes is abstract. The concepts of a hypervisor and a virtual machine, which provide the backbone for Qubes, are incredibly abstract, especially to those who treat computers as, “I type my document and click print, then I check my email.” Why is abstraction relevant? Because industrialized societies, especially in technological and financial sectors, have almost always everywhere tended to get more abstract. I’ll give in examples in a second, but the main idea is that because industrialized societies have gotten more abstract, that abstraction is in some way important to people. If Qubes also grows more abstract, people will enjoy it in the same way they have been enjoying the various abstractions of industrialized society.
The best example of an abstraction is in money. Money began in Mesopotamia as quantities of grain. Grain is very concrete. It is physical, and you and others can eat it. Fast forward, and money became pretty shells. Shells are still physical, and they’re at least pretty-- but you can’t eat them or use them for anything meaningful. So the purpose and symbol of money has grown more abstract: first it was something very useful (edible grain), and then it was something only slightly useful (pretty shells). Fast forward again, and the physical objects defined as money (coins, bills) are not useful at all beyond the value given to them by a government. Some may enjoy the “gold aesthetic,” but that is surely less naturally pretty than a colorful sea shell.
Fast forward to cryptocurrency-- the epitome of abstractified money. Bitcoin is so abstract that it’s ephemeral. Unlike all past forms of money, it’s not physical. Ether-eum is literally ether-eal.
All this to say that Xen and Qubes are other examples of humanity pushing the bounds of abstraction. People need abstractification in modern cultures, so a more abstractified Qubes (not necessarily difficult to use, although some Linux users certainly seem to enjoy the sado-masochism that comes with minimalist programs) will be more popular.
Qubes also mimics other aspects of industrialized society. For example, the notion of a “cube” itself, of packaging everything into little boxes and containers perfect for single tasks. There isn’t room to go into it here, but the psychology underlying our culture’s trend towards dividing things up and consuming them is a very powerful current that will only go stronger. Take Bitcoin “blocks” or Chia “plots” or a hyper-organized smartphone home screen as examples.
A lot of trends in our modern culture are exhibited in Qubes. This is because Qubes was built by people in modern culture. By leaning more into those trends, Qubes devs can make Qubes more popular. Anybody should feel free to DM me if they’d like a deeper psychosocial explanation of the symbols underlying our culture.
That was incredibly deep. You’re absolutely right about abstractification.
If I’m having a conversation with someone about “online privacy”, and they bring up the old “I’m not doing anything illegal, and I’ve got nothing to hide”, I usually will grab their bag/wallet/whatever is in their pockets, open it up and start digging through it (without asking them, obviously). Then, when they ask “what the #$% are you doing!!!”, I just say “You just said you have nothing to hide. I’m confused…”
If I’m in their house, I might even go to their fridge and start eating their food. Just something that will “overstep social etiquette” and make them liken online privacy to privacy in real life.
It usually makes them realise that privacy isn’t about having something to hide. It’s about the fact that nobody likes nosey people (stickybeaks), and once they realise that the overwhelming majority of software these days is insanely nosey, they usually get the picture
Qubes OS is about letting people see only the parts of you (and your computer) that you PERMIT them to see. It’s also about ensuring that they cannot see anything without your knowledge. It means that you can be online (which is essentially, accessing someone else’s computer using someone else’s wires) on YOUR terms.
It’s obviously about so much more than that, though. I deploy it on all my company’s work laptops as standard, and it allows my staff to use their work laptop as a personal laptop. Our work laptops are used for AI, computer vision, image rendering, compiling, etc., so they’re very VERY well-resourced, and I hate the idea of all that raw power going to waste. Most employees are shocked that I’m cool with them gaming and looking up p$#n on work laptops (provided they’re not done in the Work Qube ), and it helps them be more productive.
A lot of them have actually deployed live malware inside disposable Whonix VMs, just to see what they do, which I think is kind of cool (I have HEAVILY restricted their Work Qube). It desensitises them to threats, and makes them think rationally, instead of thinking that anyone opening a terminal is “hacking”…
This is missing the point of privacy. Surveillance harms journalism and activism, making the government too powerful and not accountable. If only activists and journalists will try to have the privacy, it will be much easier to target them. Everyone should have privacy to protect them. It’s sort of like freedom of speech is necessary not just for journalists, but for everyone, even if you have nothing to say.
This. I tried to explain that to some people and they indeed get interested in Qubes after that.
Sounds like the perfect plot for a Mr. Bean sketch stumbling over the whole equipment and tearing off all the cables while performing this.
(Unfortunately Mr. Atkinsons hourly fees are not that affordable. )
Well, that too, for sure. I was making an example that was likely to appeal more to the “everyday” person who isn’t being targeted by the Lazarus Group
I did something similar, mostly with good success. But recently, I got the objection: “That’s just nice for a private person trying to get a secure system. But I have to work in a complex buisness environment, and so this is not relevant / feasible for me!” Complex business environment probably meaning a full-blown Windows environment with Exchange, Sharepoint and all the other nice things locking customers in.
For now, I am trying an argumentation in the direction of “analyze your environment - find its weaknesses - find alternatives for selected / all pain points - and then switch to a reasonable alternative”. (Isn’t Ques a "reasonably secure operating system???) Let’s see how this works out.
If nothing else works, I have a plan B in my presentation: “Put a lot of money back to pay ransomware or finance longer outages - or look for a different employer.” There are always alternatives on different levels.
Ah, you’ve seen me do this.
A follow up from my previous post in this thread.
While Free software and proprietary software are usually at odds, and while Qubes and Mac would seem to be at odds, what Qubes and Mac can symbolize for people is very similar. In other words, people who use only Free software are behaving towards technology in the same underlying manner that people who don’t care about Free software behave towards technology.
For example, at the extremes of Free software advocacy, you’ll find those who only use 100% free software. They’ll get a computer with no Intel ME, flash Libreboot, and install a GNU approved OS. This “software purity” (emplified by the “Purism” company and their literal “PureOS”) is the same type of purity with which Mac users conceive of themselves in relation to Windows, and with which iOS users conceive of themselves in relation to Android.
We all know the stereotypes and memes. Macs are sleek, thin, without bloatware— clean. Windows is non-intuitive, operates on cathode-ray tube monitors, and is filled with bloatware— dirty. The same goes for iOS vs Android, and I would include PC vs xBox.
The stereotype (somewhat real, because Macs are less bloated), of Mac users’ purity is rooted in the same phenomenon that gives rise to the meme of Arch users’ purity, where Arch can become so pure due to the high level of control that users have over their system, where Arch users can remove anything they don’t like and that they don’t control. And just like Mac has Windows, Arch has Ubuntu, the bloated, normie, corporate distro tainted by Amazon.
Qubes already mimics the intense need for technological purity and control which Arch, Mac, and 100% Free users enjoy (nothing wrong with this at all, by the way). Qubes offers fine grained control over your apps, and is built upon the delight of modern consumers: a customizable, neatly packaged, compartmentalized workflow. Qubes also is very clean: templates remain untouched, as well as dom0, with the dirty things left to DispVMs, so ephemeral that they can be deleted with one click.
If need for control and purity leads people to technologies— like Mac, but also to things like voice assistants, which allegedly offer micromanagement capabilities, and micro-fiber cloths to prevent people feeling repulsed at a dusty screen— then the big question becomes, how do you get people to shift the things that they symbolize as pure? If we can shift people’s ideal of purity from the expensive, thin-bezelled, always-connected modern smartphone to the open, (relatively) minimalist, user-controlled distro, then GNU/Linux and Qubes OS would see more widespread adoption, because modern culture and modern people rely on the pure/dirty dichotomy (see: racism; rich and dirty cities; the poorer classes doing the literal “dirty work”; the gold toilet), and if their ideal of purity shifted to Qubes, they would follow it to Qubes.
My own experience with this shift from enjoying Mac to becoming disgusted with “proprietary trash” arose out of my becoming more aware about all the privacy invasions and horrible security in current technology. Crucial to my shift in symbols of purity was my anger at the institutions who created this technology and my anger at my inability to do anything meaningful about it.
So a longer-term process for getting people to use Linux and then Qubes would be to reveal to them things that would make them angry about modern technology. This would differ for each person, but it would be good to come up with an average list of things, like many of the security gaps found in normal OSes as mentioned in this thread.
Getting people to use Linux thus wouldn’t be an elevator pitch, but more like a moving airport carpet pitch. It would take a while, and you’d want to introduce people to the privacy violations, BadUSB mods, and other dangers of modern technology in a steady enough stream to keep slowly developing their anger. Most of us love technology, so people will not realize their anger consciously at first. But find something that someone really cares about, and they will get angry enough. My privacy journey started when I was shocked by the fact that the New York Times was able to buy location data of the President, and track him very precisely through Mar-a-Lago. Regardless of politics, this should not be allowed to happen, but especially not for average citizens. Someone’s newfound anger probably won’t manifest very directly, but will remain underlying. Once a person is angry enough, and will thus seek control, one needs to introduce them to Linux, Free software, and Qubes, showing them how these tools help solve the dangers of proprietary software.
In sum, modern technology is heavily tied to symbols of purity vs dirt. If you can switch people to symbols of purity that revolve around Free software, the GNU ecosystem, etc— by making them sufficiently angry about a (proprietary) technology problem that is solved by the Free ecosystem— then they will inevitably move towards using GNU/Linux distros.