QubesOS on VPS Hosting

I am looking at using dedicated hosting through OVHCloud to run a Qubes OS remote environment. The idea is to set up a secure, encrypted connection to the VPS to perform sensitive work remotely, which is useful for improving security of mobile devices and laptops and anything else that could temporarily connect for some search requests then disconnect when the info is received.

Is this reasonable to do? Does this actually improve or harden security in any way? What could be some alternative use cases for something like this?

If I understand correctly, your scenario is that you have some kind of portable device with you, and you use that portable device to fully control a Qubes OS installation remotely.

Either the device you have with you is less secure than the remote Qubes installation, or it is not.

  1. If it is less secure, then you are trying to use something less secure to fully control something more secure, which simply weakens the more secure thing and brings it down to the level of the less secure thing that has full control.
  2. If it is not less secure, then you don’t need remote Qubes, because the device you have with you is already just as (or more) secure.

The point of Qubes is to allow you to have a secure endpoint. If you already have a secure endpoint, you don’t need remote Qubes. But if you don’t already have a secure endpoint, then you can’t use what you don’t have to remotely control Qubes securely.

1 Like

There are cases where a remote point is useful - e.g where there are
limitations on the local machine - storage, memory, processing power.
In that case it does make sense to use your local machine to access a
remote Qubes. It does not, I think, “improve or harden security” for the
system as a whole - the local machine may be improved if it is used
solely as a viewer, so any exploits etc hit the remote, but you will need
to add in to the equation the fact that you have lost control over a
major part of your system (consider the system as a whole).
If this is all OP is aiming for then Qubes on the remote is probably
overkill - one could simply run a stock system on cheapest possible
(trusted) hosting, and reset it after use. It’s quick and easy, and
offsets the risk(s) to your local machine to what is effectively a
disposable remote.
I don’t see what advantage running a remote Qubes would bring from
what has been said so far.

I never presume to speak for the Qubes team. When I comment in the Forum or in the mailing lists I speak for myself.

“where there are limitations on the local machine - storage, memory, processing power.” - Unman the Remarkable

You are correct, this was the purpose of the post. I may have mis-worded my question, but I was essentially wanting to assess the security of doing this, because this is what may be necessary for certain privacy-related solutions to work effectively.

The point is to use a device designed with specific architecture for the AI that runs the device, for optimized processing. The device (developed internally at some time, with as little 3rd party interaction as possible) collects and processes information as accurately as technology allows. The information is only moved from one entity or storage medium to another when the originator of the data experience (or collection of data/information able to be directly recorded at that time) reviews, understands, and then transmits that information. Larger processing tasks could be sent to either a home location (using LoRaWAN or other data transfers that can use Quantum-Resistant Encryptions) or a local data processing node.

The overall goal is to allow AI to operate in sync with the Operators that use the AI, and to DEcentralize AI profiling, as the centralization and general application of rules inevitably results in inaccurate profiles of people. Not only this, but the view from the AI’s larger, more general perspective is likely causing it to become more de-coherent with human reasoning, motivations, and underlying purpose for behavior. I believe this new data perspective will be important in AI’s overall progression in understanding our behaviors… but there are 0bvious risks with all of this. So it ALL needs to be explored and we need to reasonably mitigate for these issues. Security and Privacy are big ones, clearly.

The way I see it, human data such as human experiences and human responses to those experiences (such as emotional, psychological, social, etc) needs far greater accuracy in order to solve AI alignment. We have a very serious issue with hyper-intelligence forces that are performing badly in terms of emotional, motivational, and personality quotients… controlling essentially all the information being put out as well as the daily interactions that are known to the world. AI is our human record-keeper, and we are failing our duty to give accurate record.

But even if we obtain a perfect record, or nearly perfect, we still need to resolve the issue of who should be made aware of what, and how that process is done (as well as future modifications to the process, if any) would also need to be discussed.

Truthfully, the project is quite immense in overall scope. I want to address the big problems people say “Sure, 0bviously we need to do that, but it’s too big to work on”. Because while it may be big, we have tools to handle things like this. I just think the conversation has been private and localized for far too long, and when it is taken to the internet, it is often disorganized and chaotic in nature. But there is reason in all of the chaos, just a bit harder to extrapolate. I want to work with AI tools to plan for these issues and mitigate for it as much as possible, while also developing solutions that are separate from market influence as much as possible, so as to not artificially modify project alignment.

This means that it will, at least in some capacity, need to operate as a non-profit or even volunteer-based work. I believe I have identified the correct public sectors that could reasonably be involved in the project work at various stages, with the overall goal of giving every individual in the world opportunity and complete capacity to provide help to the work as it aligns with them, receive help from the work in general, as well as provide opportunities for individuals to align with project goals in an environment with greater collaboration and cooperation for positive outcomes.