Kicksecure vs. Mirage

No, I’m not saying that there’s no difference between Linux, which allows for a speed test of 1Gbit/s, and Mirage, which has less. I tried to explain that I suppose this is due to a feature that was not implemented in Mirage (I only suppose because if I turn off the offload on Linux I have similar bandwidth with Mirage). But as a daily driver I can’t see a difference, e.g, for video meetings, mails, and web access, I don’t notice network lags (for video meetings, the bottleneck seems to be my firefox AppVM browser), nor 100%CPU usage for mirage.

Yes, by others, I mean other users of the Mirage firewall. Personally, I don’t want to target anyone nor force anyone to use Mirage, but I always try to listen to requests for features or bug reports. My limited spare time on the project allows me to fix some issues, but unfortunately not all of them.

Recently, some users on this forum have indicated that they would like to test Mirage, but find the installation procedure too complex or daunting. The solution seems to be to produce an RPM with Qubes-builder, but I don’t have the time to improve my skills with this tool (however, if anyone else would like to do so, I can assist, please anyone, come here ).

Regarding speed tests, it’s on my to-do list, but not a high priority, because I feel the improvement is mainly noticeable for this measurement tool, or for downloading large files (excluding torrent-type protocols).
Other improvement on my to-do list are IPv6 support, and multicore support.
And finally, I try to improve bandwidth for qubes-mirage-ovpn (a OpenVPN tunnel unikernel), and qubes-mirage-dnshole (a PiHole inspired unikernel).

I don’t think it’s fair to do such comparison. Speed vs stability etc.
I personally can’t even consider most VPNs because of the speed limit it. For many it may not be the issue but for me it is. Same with Mirage.
It’s not like without Mirage there’s a security issue, right? I mean, if I would trade convenience I would use regular linux distro at best.
Wish you the best with this project though. Maybe I’ll use it one day too.

If mirage is limiting speed then it’s a great concern for users with home servers and qubesos with one NIC that is used for both internet and lan.
Thanks to this thread i know that mirage isn’t for me.

Which is the most painful thing, especially if you need this large file for the current task, not just downloading something in the background for later.

I absolutely agree with you that current speeds are sufficient for casual computing, but speed and efficiency must be one of the higher priorities for a firewall. Besides, don’t you think that people who would appreciate higher speed are the same people that appreciate statelessness and higher security?

This all of course should be taken lightly. Everybody can talk on a forum, but you are the one writing the code. Good luck with this project and don’t listen to the newbs complaining about installation too much.

Trading security for convenience might end up been a slippery slope.

There are certainly security risks that Mirage OS eliminates. If you read earlier posts on this thread, this is something we discussed here.

Yes, in the case of transferring large files over the local network Mirage OS will be limiting.

You didn’t get it. I’m saying I’m not trading convenience for security otherwise I would use regular disrto. Or did I get you wrong?
Risks are everywhere even when you’re doing nothing. I was talking about a real secure issue using hardened distro as sys-net vs mirage at present times.

And I read the entire thread. I’m not saying it’s bad or that it’s worse, but it really feels like you’re saying that Mirage is better. unikernel etc reducing risks, sure, but it’s always good to see the entire picture, otherwise it’s gonna be best to not use any type of computer device