Really disposable (RAM based) qubes

It would be great to have this integrated into Qubes OS directly instead of a third-party script. People with threat models higher than average might be worse off if they do not manage to find this thread (or don’t know that this could help them). I for one need protection against forensics and this is integral to it, and I hope it is merged into Qubes OS as soon as the devs can.

2 Likes

Maybe just the simplicity of having @unman 's GUI install it, but I don’t see how that could be solved since this is a standalone script and not salted. Suppose if anything @ben-grande might consider working a varient up for Qusal.

Agree, the new laptop generation with DDR5 and up to 96GB RAM shows that RAM should not be any issue for Qubes OS anymore (in the upcoming years).

Maybe it is worth to summarize some cons and pros of really disposable qubes vs. default disposable qubes ?

Attribute Disposable RAM qube Default disposable qube Comment

It would be nice if devs put in some thoughts and also comment on a possible implementation effort.

1 Like

I for one need protection against forensics and this is integral to it, and I hope it is merged into Qubes OS as soon as the devs can.

This tool was never aimed to be anti-forensic and it can’t be relied on as such. Details were explained previously in the thread.

1 Like

It should, in theory. I haven’t managed to comment that proves it otherwise (sorry, would be great if you could point towards it), but having a VM which is completely ephemeral, and run on encrypted, plausibly deniable storage for assets it needs access to, will make them a part of good security posture for individuals who need them.

It’s essentially akin to the live-images of most desktop distros and how they don’t leave any trace after shutting them down.

It should, in theory.

Well, it actually does in practice but that is a partial side effect, not essential functionality, i.e. a non-goal. Partial = it removes the domU itself but traces of its existence remain in dom0’s logs due to how the whole system works. Additionally, the safety of domU’s erasure depends on how the RAM-based disposable is shut down. If you initiate a system reboot/shutdown while the qube is running, the cleanup part won’t work (hence one of the additional scripts).