I just joined this forum, but have been a long time admirer of Qubes. I want to install it as my main OS on my new custom PC.
My current setup is dual booting Win11 and Fedora. My new custom PC is an AMD build that consists of 9950X, RX 7600 XT and 32GB DDR5.
This is my productivity workstation for programming and accounting, which means I am (unfortunately) obligated to use proprietary software that is only available on Windows. That is the sole reason why current setup is dual booting Windows and Fedora.
I saw that QWT has been disabled with 4.2 release. Can anyone instruct me is it possible to use Qubes with Windows 11 Pro? If it is possible, I would buy a new license for W11P and activate it into the W11P VM.
I have dual 4K monitor setup and the way I would prefer Qubes to function in my particular use case is that W11P runs full screen on one monitor, and Fedora or other Linux distro runs on second monitor. I would need copy/paste functionality and file-sharing option in order to make my workflow as efficient as possible.
The risk under Qubes seems far less than risk with Windows installed on “bare-metal”.
Do you think there will be any compatibility issues with functionality of W11P after the official update for QWT becomes available? Reading github discussion implies that it will be available soon - that means everything and nothing, which means users like myself have to accept the risk and use Qubes as you described until the official update is available.
Moreover, can you tell me is it possible to purchase W11P license and activate it within the qube? If yes, are there any potential threats of losing the license if user experiences issue with qube or updates and reinstalls it?
You mean if you’ll have issues when updating the old QWT to the new QWT?
Possible, but it should be fixable like removing the old QWT and features from the qube before installing new QWT. Just make sure to clone the qube before trying to update the QWT to check how it works.
No problem with licensing and activating the license. I am doing that routinely for Windows 7, 10, and 11, and it works even if you take a license for Windows under Qubes R4.1 and apply it to the same Windows under R4.2. Just make sure that you don’t use the same license for VMs running in parallel, which is especially important if you install Windows as a template, as any AppVM based on that template shares the same license.
My best course of action for current workflow will be installing 4.2.2 and activating W11P license that I bought as well as using “not-trusted” QWT for easier data transfer and efficiency.
Are you using Qubes just for the virtualization? If so then you should be fine, but do know that using W*ndows at all will completely break any security/privacy provided by Qubes. You’d essentially be as vulnerable as any other W*ndows user, except for maybe better protection against skript kiddie viruses.
M*cro$oft has become one of the main arms of the illuminaty’s global orwellian mass surveillance apparatus. If somebody has a folder full of 0days for Xen hypervisor, it’s our ol’ boy Billy Gates.
edit: By the way what software are they making you use for “programming and accounting” that doesn’t have a Linux alternative? Asking (a) out of curiosity and (b) because if it’s something graphics-intensive you may need to venture into the land of GPU passthrough to get it working (which may or may not work with your current hardware configuration). Typically things that keep people shackled to W*ndows are GPU-intensive things like games and photo/video editors
I am using Qubes because it will give me security and ability to use 2 separate OSes at once without having to dual boot and stop my workflow. I want to use Linux exclusively, but currently don’t have that luxury.
edit: By the way what software are they making you use for “programming and accounting” that doesn’t have a Linux alternative? Asking (a) out of curiosity and (b) because if it’s something graphics-intensive you may need to venture into the land of GPU passthrough to get it working (which may or may not work with your current hardware configuration).
A) for programming I am well covered and under current setup have everything setup for development with PyCharm and access to files from servers which are running Windows (smaller company where Windows is OS of choice for everything and everyone).
For accounting there is one software which most companies use; it is really good, but only available on Windows. Moreover, support for certificates provided by government to access Tax Authorities website and other public websites with a need of signing in as a company is provided for Windows mainly - some public bodies also allow Linux but the support is inconsistent and laggy. Until this is solved, I will have to continue using Windows.
I should add that virtually all of my clients use MacOS and documents they have are Office documents which, for some reason, always look different when I open them in LibreOffice. I am trying to get everyone to switch to open source and free software, but as all of you know, people got used to their OS (MacOS/Windows) and don’t want to change their workflow.
Regarding hardware, as you can see from my build specifications in post #1, I choose AMD for CPU and GPU as I read that support is amazing out-of-box. I hope there will not be any compatibility issues.
You may be overly pessimistic here. There is a difference between existing and exploitable security-relevant bugs. While I would prefer if Qubes could be based on some verified microkernel instead of Xen, which has quite a lot of such bugs (see the XSA tracker), most of them are not relevant in the context of Qubes, because Qubes uses only a carefully selected subset of Xen’s functionality and shields itself and the VMs from most of Xen and its bugs. So, currently, only 110 of the 456 bugs, i.e. about a quarter, listed in the XSA tracker are relevant for Qubes, and these bugs have been fixed or at least mitigated by the corresponding Qubes security bulletins and the fixes applied therein.
Furthermore, defeating security functions in Qubes requires malware in a VM to break out of the VM and cross the hardware security barrier between Ring 1, where the VM is running, and Ring 0, where Xen runs. This is not possible without an unpatched hole in Xen or a failure in the X86_64 architecture. Both are not impossible and probably exist to some extent, but finding and exploiting them is an order of magnitude more difficult than finding a Windows exploit.
So, while I would not bet on Qubes protecting against an adversary like NSA, or Mossad, or similar, concerning most attackers the security of Qubes could be regarded as much better than that of Windows, even if Windows is running in a VM in Qubes.
