I’m looking to purchase Qubes Certified Hardware from Nitrokey. I’m wondering how much RAM I will need to run qubes-whonix smoothly. The documentation says a minimum of 6 and ideally 16. Is 16 GB enough or should I pay for more RAM for it to run well? I’m familiar with virtualization on other platforms but not linux and my philosophy is the more RAM the better. But Linux to my understanding it very fast and might be fine with just 16 GB. What are the communities thoughts?
Usually yes (for general browsing, computing, word processor, image editing, …).
Yes. Unless you are worried about battery life/electricity consumption. As a rule of thumb, each memory module could consume around 5W (refer to its datasheet).
Yes
Users have different needs. Some might need to run multiple instances of Microsoft Windows guests. Those would need a lot of memory. Having a definitive answer would be highly unlikely.
If you are using only Qubes-Whonix, 16 GB of RAM is enough.
No.
It depends what you will run in parallel.
I’ve been using Qubes OS on a 8 GB machine, it was fine to run firefox in 2 qubes and some light programs. I have to admit 8 GB was tight, but it was totally usable.
16 GB is fine, but it still depend what you are doing exactly. For running tor-browser behind sys-whonix, this is more than enough.
This work should be mentioned:
There is never enough RAM. Seriously, I would recommend 32GB or more. 16GB will work, but it can hit some limits and make your workflow a bit uncomfortable. Then you have to shut down some VMs to free up RAM for others, and so on and so forth. So it also depends on how many VMs you want to use and what you are doing. That said, 16GB will work, personal recommendation is to go with 32GB or more.
I use a laptop with only 16GB of ram and I have no problem running an average workload.
I think that’s enough if you’re just using the browser, ssh to execute some commands on the vps
I don’t know what you’re doing but it sounds like you could be running all your qubes at the same time, all apps running at all times and this isn’t good opsec if that’s what you’re doing. It’s similar to how most people are using Google Chrome and have 20+ tabs running with different apps and they never turn off the computer and they delay updates for months just so they don’t have to turn off all the apps.
In Whonix docs it says you can get deanonymized if you are browsing internet using whonix in one vm/qube and vpn and another browser in another vm/qube. They recommend that you only do one of these things at a time. So if you are done browsing tor then turn whonix workstation off and then turn on the vpn browsing qube.
This also has the additional benefit of requiring a lot less RAM.
This depends on your work, your threat model, and also keep in mind that Whonix supports stream isolation, so multiple activities can actually increase traffic analysis protection. I agree with you that your security is always as good as your weakest link. So running activity on a VPN and Whonix VM for one activity/identity is bad. But running a VM 24/7 like a cryptocurrency node, doing activity B on Tor Browser, and chatting with family on activity C should not be a big problem if your threat model is not that crazy. There are also activities that will eat up 64GB on their own. It all depends on your use case.
Also, please send me the link to the Whonix wiki that mentions this. I am pretty sure you have mixed things up here.