I wrote a simple intro to Qubes OS for the average Linux user, without going into too much details.
I’d be happy to receive feedback about it, in case it’s bad, if I forgot to mention something really important or whatever? 
15 Likes
It seems good to me!
one thing: whonix is hardened for security (not for privacy)
To me, whonix is about privacy. There is kick secure which is all about security.
4 Likes
In the table of contents, it appears there may be an extra space between the (1)period and Introduction, or it could just be formatting.
I’m mostly kidding, though, as it looks good to me!
1 Like
Fixed, thanks
I think this is a great idea and I’m glad you’ve taken it up. The write-up looks quite good. I do think a key facet of Qubes is missing from a number of write-ups that would be helpful to a new user to answer the “why Qubes?” quetion. I placed a simple write-up below that is simply a suggestion. Please use it however you see fit (or not).
Qubes OS is commonly described as a collection of virtual machines (VMs), and while correct, it glosses over why Qubes is unique in the Free and Open Source Software (FOSS) operating system (OS) world. We’re familiar with running an OS with one or more Docker VM containers on it, but if the OS is compromised then the entire OS and every Docker container will be compromised as well. In Qubes the VMs have very specific purposes, such as sys-usb only doing USB stuff and sys-net only doing network stuff, so if a USB malware is present it is unable to impact any other VM other than within sys-usb, and it therefore constricted from impacting any other part of the OS. This permits Qubes from being completely infected like other OS running VMs or even an air-gapped OS that has been exposed to malware, such as from an infected program. In short, Qubes rather expects to be infected at some point, but can still function normally.
1 Like
I think is this already present in the current post, maybe not as a single paragraph and there is a link to:
Thanks for your suggestion, but I don’t really like your paragraph (no offense! 
)
It talks about virtual machines and docker VM containers, people may be confused and not many understand what containers are exactly, associating it with a VM may not help (I guess for windows? I don’t know in which common case you run a VM for containers on your host system).
The rest of information is way too vague, and from experience when people read something like this, “Qubes rather expects to be infected at some point”, they immediately think it sucks with regards to security.
This could be used as a synopsis for a talk or before someone explain more, this may fit well as it creates curiosity for a reader but they will receive required explanations so it makes sense
2 Likes
No offense taken! A suggestion is simply that. And your point about that sentence is well taken.
I hadn’t seen your other write-up. If I had, I would have recommended placing that link in the write-up for those wanting to learn more.
4 Likes
This should read “This prevents Qubes from being completely…”
Apparently an odd nuance of Norman-Anglo-Saxon (otherwise known as English).
silly person - it is interpreted the same either way.
Ms Rutkowska said it better: “A number of security researchers, in my opinion, like looking for bugs in software so much … I say, don’t prioritize looking for bugs in the browser. Assume it has bugs and operate under the condition there are bugs there.”
1 Like
I beg to differ. Permit = allow, prevent = forbid. Very different. “Prevent” is wanted here. It’s really the “to” or “from” that I sometimes seem swapped from idiomatic English usage (“permit…to” and “prevent…from” are idiomatic. I sometimes see “prevent to”; but as the key word is “prevent,” the “to” makes little difference and I don’t bother mentioning it–I know prepositions are quirky going from one language to another). that makes no difference, but prevent and permit have opposite meanings.
Ita prohibeatur, ne ordo instrumenti computatorii systemate securitatis illo QubesOS institutus corrumpatur!
Without prepositions … 
2 Likes
This is great. But as a new user to Qubes, I think it is missing an important section. “Can I use Qubes as my daily OS/system”
I am happy to contribute my experience to the cause. However, I am headed to Defcon tomorrow (I live in the US, so no borders to cross to get to Las Vegas) so I probably won’t reply for a few days. But, my experience is below. To make sense of my rambling, probably need to understand a little bit about me.
Elrond is the user name I have used since I first wrote a program. (It was a Fortran program and I used punch cards. So, yes I am old.)
Given the election in the US in 2024, I decided I needed a more secure operating system. (Not that I am radical, but who knows. Radical is in the eye of the beholder …)
Anyway, I was thinking installing a type 1 hypervisor of some type to separate my personal, professional, and political activities. So, I started trying to figure out what to do and discovered Qubes. WTF, someone has already done all the work. Great!!! I had never heard of Qubes before 2025.
My laptop, on which I run Qubes, is has an Intel Ultra 165H processor, 64GB or ram and a 2TB hard drive.
Can I use Qubes as my daily OS/system?
The TLDR is: It depends. If you do asynchronous tasks where small delays don’t matter, then yes. If you need to stream meetings, use your phone. That has been the way I make it work. For example …
- I consult for a few companies. And, all want me to use their systems. Which are almost always cloud based. For those companies, Qubes works great for everything except meetings. And all of this in a Fedora Qube on Firefox
- Microsoft 365 works great. (online excel, word, powerpoint, sharepoint, all work great on Firefox in Fedora Qubes.) Basically, everything except teams meetings work great. i.e. team chat, no problem.
- Google tools work great as well. With the exception of google meet video meetings. Again, in a Fedora Qube on Firefox
- I tried to set up a specialized Zoom Qube. Assume if I got it to work with Zoom, it would also work with Google Meet and MS Teams. But, I have not been able to get it to work to my expectations. (Note, I suspect Qubes 4.3 and Fedora 42 will help but have not tested)
- I also have a windows 11 Qube. It works. I think. To be honest, I have not spend enough time using it to make sure it works. (I need to test meetings and Zoom. Have not tried either. Waiting for QWT updates)
- MS teams, Zoom, and Google meet all have the same issue for me. The sound sucks. Basically, to the other participants on the call my voice is either broken up (i.e clipping of audio) or sounds like I am in a tunnel. I can’t seem to replicate in my home between my Qubes machine an an old Mac when on the same net. (Have not tested using a vpn to simulate other parties)
- Basically, any cloud solution I needed worked as intended. Except for meetings. Streaming video and audio seem to be an issue. (At least from my perspective)
3 Likes
I had the same issues with audio in meeting until I setup a ays-audio qube to handle audio and my Bluetooth headset.
This is a fantastic idea, and I also think that this kind of attitude is much needed in the free software community - let’s think of the beginners.
I am using Qubes on my laptop for work and personal activities, as my only OS mostly and I love it (I do have a pretty old, small computer as an auxiliary on my desk).
2 Likes