Currently using a Dell/Windows 10 that’s not hardware compatible for Windows 11. Considering a change. I’m a user who knows just enough to get online and use Word and Excel, not much else. Not a gamer. Biggest concern is security and privacy. Is switching from MS/Intel to
AMD/ Qubes OS a good option?. Advice needed. Thanks.
1 Like
I doubt anyone can definitively say that AMD will somehow be more private/secure than Intel.
2 Likes
switch from windows to qubes for novice users can be very challenging. while this OS is reasonably secure some basic experience with unix based operating systems should be present.
the switch from intel to amd: buying new hardware should not be necessary, although qubes is by its virtualization nature very hardware demanding. note that dedicated graphic adapters especially nvidia are hard to implement (installing drivers makes OS potentially less secure).
to keep frustration low maybe getting used to a linux distro like debian or fedora is a good start. the main templates are based on those two.
1 Like
not advocating for microsoft here, but its possible to bypass windows 11s checks for “compatible” hardware, most of the things are made up by microsoft for their security theater. 
1 Like
Seasoned Linux user can find Qubes challenging at times, but for security it is unmatched (as is Tails for privacy).
If really interested in going down the rabbit hole to Qubes starting with Debian would be a great place to start versus Qubes, that uses a collection of different operating system (Debian, Fedora, and Whonix).
If simply looking for something more secure that Windows, pretty much any Linux will get you there. If you want to simply get online and use something like Word and Excel (Libreoffice is the typical office suite used in Linux) then MX Linux, based upon Debian and setup for immediate use, is where I’d recommend to start.
1 Like
If really interested in going down the rabbit hole to Qubes starting with Debian would be a great place to start versus Qubes , that uses a collection of different operating system (Debian , Fedora , and Whonix ).
I wouldn’t recommend Debian. It is the worst possible one to start with. Both because it ships really outdated packages and also teaches the user bad practices. Fedora is a much saner option.
If simply looking for something more secure that Windows, pretty much any Linux will get you there.
No, Linux is not magically more secure than Windows.
1 Like
So True. Not Debian.
Keep in mind that Security is not a little harder than running a wide open Operating System, such as Windows, that is partially configured to help Surveillance Capitalism, thereby leaving all kinds of ways for Malware to be installed on your computer. Implementing Security is a whole lot more detailed.
I would say, Intel for a main processor. I read that AMD also has security holes, just they are not as well known, or protected against.
Try not to -absolutely- rely on Qubes right away. Or purchase an expensive computer to use Qubes, while you are learning. But it is nice to have a computer devoted to learning Qubes for awhile.
I like the video: Qubes OS: The Operating System That Can Protect You Even If You Get Hacked : tubeup.py : Free Download, Borrow, and Streaming : Internet Archive
You might not get all the video has to say the first time watching, but after using Qubes for a bit, then a lot of it becomes more clear.
Which used to have a link on the Qubes OS Documentation Videos, but that link did not work for me. The link I found works.
1 Like
Grateful for all the advice/suggestions. Some follow up questions for everyone. If I stay with Intel, what can be done to plug the security holes? What Intel processor/desktop is recommended? Prefer a higher end model. Would I just wipe the Windows 11 OS and install Linux? How is that done? Is the TOR browser included in the Linux distros? Currently using presearch. Pro/Cons? Any suggestions on secure email?
https://www.pcmag.com/how-to/how-to-make-the-switch-from-windows-to-linux
PC Mag suggested Linux Mint: “That’s why I recommend starting with Linux Mint for your first Linux installation. Linux Mint is a perfect in-between option: it’s designed for beginners, offers a familiar desktop environment, and it’s based on Ubuntu, so you can make use of the enormous Ubuntu/Mint community when you need help.”
Apologize for the barrage of questions. Hard to find anybody to help me figure this out. I welcome the learning curve. Recommendations welcome.
1 Like
What can be done to plug the security holes?
What hole?
What Intel processor/desktop is recommended? Prefer a higher end model.
Intel vPro Enterprise CPUs 12th gen or later.
Would I just wipe the Windows 11 OS and install Linux?
Sure, just do it from their installer.
Is the TOR browser included in the Linux distros?
Most have them via the package manager, or you can use the Flatpak one.
PC Mag suggested Linux Mint: “That’s why I recommend starting with Linux Mint for your first Linux installation. Linux Mint is a perfect in-between option: it’s designed for beginners, offers a familiar desktop environment, and it’s based on Ubuntu, so you can make use of the enormous Ubuntu/Mint community when you need help.”
No. Linux Mint runs on X11, so you lose all meaningful separation between apps. App sandboxing is practically futile on anything running on X11. Also, it is yet another Ubuntu based distro so it will just teach you bad practices when you start out as a new user.
You are better off starting with Fedora with GNOME where it has reasonably sane defaults, up to date packages and will teach you how to use Linux properly.
1 Like
Linux Mint is a good starting point. MX Linux is better finished. Debian has the stability of a rock (not the latest but if it has to work this is the way). Bleeding edge may not be for the faint of heart. Check out the link below on all the Linux distributions
There have been situations in the past when Intel CPUs received patches for security vulnerabilities in a timely fashion while AMD CPUs did not, mainly because Intel CPUs allow for microcode updates to be loaded by the OS, while AMD CPU microcode updates (for the AMD CPUs that are likely to be used with Qubes in practice) are shipped only as part of system firmware. These AMD users are effectively at the mercy of OEMs, ODMs, and motherboard manufacturers to patch such security vulnerabilities (which often isn’t done in a timely fashion and can vary significantly by vendor). Example:
2 Likes
I agree Intel’s patch philosophy is preferable (also much more necessary, in light of the dumpster fire that was the past decade of their products, security wise), but considering AMD is now shipping 40+% of all new hyperscale DC CPUs, and they all share the same parts, I doubt the “they’re just not getting attention” thing is still true.