Is cloud computing (with Oracle or AWS) or a physical cluster of CPUs that Xen could run on top of possible? Would there be more security benefits than risks? Renting a cloud or buying several SBCs could be cost effective and certain security risks like Intel ME (not present in Intel Atom) could be avoided.
If Qubes could be offered in a cloud, would Enterprise security be enhanced or, since many businesses are already running VMs for multiple desktops, is it correct to think of Qubes as a “home enterprise.”
I think home enterprise (with tor, so maybe home vessel) sounds right. But what about a physical cluster to teach students with limited resources about the fundamentals of CPU topology, containerization/kybernetes, and virtualization?
Plus, no ME and CPU architectures and brands other than Intel. Could Qubes ever run on top of any structure of RISC architecture, for example? Could cloud Qubes run on an ARM?
I’s suggest searching for “Qubes Air” in this forum, and be ready to triage between informed and less informed commentary.
Thanks. Interesting exploration. I think physical isolation of individual qubes is novel and intriguing (see USB Armory). Think of plugging in Whonix Gateway (I’ve had GW get compromised before and had to remake from template).
Discussion about Qubes Air also mentions your phone as a “viewer” of your Qubes running in the cloud. But people think having ownership of the hardware is important. One could have ownership of hardware that comprises a cloud accessed by your phone-viewer. That would be cool.
“Ownership” is more of a legal category rather than a technical barrier, however. Most hacking i’ve encountered is agnostic about the legality. If they can do it technically, then they do. You need a cyber attribution unit and a team of corporate lawyers to enforce “ownership” and then if its the Feds or a Nation State ally or enemy, they can just claim “National Security” and do whatever they want anyway. So ‘lock down’ all of your own hardware? If the software was secure, it wouldn’t matter so much what the legal category of ownership was.
Still, an SBC cluster or deluxe SBC with a top class CPU costing a few hundred rather than laptops costing over a thousand might be attractive as well as highly portable to some.