QubesOS User Profiles (à la Tails Personas)

Hi everyone! Taking some inspiration from Tails’ user personas, I think it might be useful if we tried to define the profiles of people who might want to use QubesOS. This should include the real-world circumstances that such a person might find themself in as well as the needs which QubesOS can (or should) meet.


To get things started, here are 3 that I can think of:

  1. The Stalked

This person is being harassed by a specific individiual or set of individuals (perhaps a scorned lover or colleague). The threat is somebody with a personal grudge so causing havoc in the person’s life is the primary goal; a cheap DoS will be more effective and safer for them than draining a bank account, even though they don’t “get anything” out of the DoS. The threat potentially has a high level of technical knowledge (perhaps they are a cybersecurity professional) but does not have significant resources (they might be wealthy on an individual level, but lack the resources of governments or businesses).

QubesOS can help protect this person by following the refrain of “security by compartmentalization” (which I won’t expand on much because much has already been said about it). In addition, the easy access to Tor will help hide (at least some of) their browsing activity from an attacker who can probably compromise a home router.

  1. The Targetting Evader

This person does not want targetted ads. Perhaps they were previously engrossed in an unhealthy corner of the internet, and ad targetting has tried to pull them back into it after they escaped. This person does not necessarily object to ads in principle: they might be fine with banner ads based on the contents of the page or general advertisements that go to the most popular sites, they just don’t want advertising based on a detailed understanding of their browsing history.

QubesOS can help protect this person by making it easy to separate and/or get rid of trackers. Separation happens with the traditional compartmentalization logic: use a separate qube for logging into Facebook as you do for shopping on Amazon. It also makes it easy to get rid of trackers by using disposables for the majority of browsing activity.

  1. The Developer

While QubesOS is rightfully associated with security as a primary focus, it is rather unique in that it uses Xen on a desktop distribution. This is done to facilitate security by compartmentalization, but developers find it useful to have clean environments for testing (disposables), to share preconfigured environments (templates), etc.

QubesOS helps this person manage their work by minimizing the cost of VM start-up and creation as well as providing integrated tools for interacting with VMs as a user (not all developers whi might want to make use of VMs are VM developers).


You might be looking for this page:


There was a blog article from Kyle Rankin focusing on threat models:

Relevant quote:

1 Like