Regarding "certified" hardware

User Support Hardware Issues
1

Copy pasted from github issue Improved certified hardware · Issue #7516 · QubesOS/qubes-issues · GitHub

The problem you’re addressing (if any)

Low spec certified hardware

The solution you’d like

Work with a vendor to provide higher-spec hardware

The value to a user, and who that user might be

Given the nature of qubes it swallows a lot of RAM. While people running a normal linux distro or even windows on 8-16 GB ram might be completely fine they will likely experience ram management issues on qubes (take it with a grain of salt since I only have 8). In particular I’ve seen several people mention they might need a windows qube due to company policy or some proprietary SaaS and they will most definitely start having issues.

Additionally all the certified hardware has screens 14" (nitropad t430) or much smaller which isn’t very good for most things I personally use it for in terms of gaming and videos. I wouldn’t ever personally spend the money for 32-64 gb ram and other upgrades on a laptop if it doesn’t have a >14" screen

All certified hardware only supports 16 gb ram at most

No certified hardware supports more than 1600x900, just 1920x1080 would be a major improvement

@anonaddict anonaddict added P: default T: enhancement labels 17 days ago

@DemiMarie

DemiMarie commented 17 days ago

I have 16gb RAM and I regularly run into out of memory conditions.

@brendanhoar

brendanhoar commented 16 days ago

I was very lucky when I ran into Qubes (2015? 2016?) via the Open Technology Fund (OTF) where a friend worked. Especially as I had already purchased a Thinkpad W520 in 2011 that supported 32GB TAM (4x RAM slots) once the 8GB DIMMs became available.

I find that if you must use large memory footprint HVMs (e.g. Windows) for some work, while also having several other non-sys VMs open, having at least 32GB of RAM gives breathing room that 16GB does not.

Also I do find that if/when browsers are in the mix, it’s useful to pause VMs you aren’t using (which happens to also temporarily remove them from memory balooning operations!) if time critical tasks or audio/visual work must be done in a different VM. Having the additional RAM means less fiddling with squeezing memory out of these other VMs (via several techniques) before pausing them is needed.

Anyway, the Thinkpad W520 (Sandy Bridge) and W530 (Ivy Bridge) are workhorses. Last I checked they were rather cheap on the used market. Be sure to get a quad core for 32GB RAM as some units were dual core supporting only 16GB. Then be sure the firmware is updated to the last version (2020?).

B

@andrewdavidwong

Member

andrewdavidwong commented 16 days ago

Based on our issue tracking guidelines, this does not appear to be suitable for qubes-issues . (Too general and not specifically actionable. Misunderstands how the hardware certification process works.) We ask that you please post this on the Qubes Forum or qubes-users mailing list instead. If, after reading our issue tracking guidelines, you believe we are mistaken, please leave a brief comment explaining why. We’ll be happy to take another look, and, if appropriate, reopen this issue. Thank you for your understanding.

2

Here is a way that can work:

  • @plexus already has a W530 with 32GB RAM and heads running
  • maybe some other community members (including myself) can replicate what he has done and help verify
  • him and/or Nitrokey and Insurgo could offer these devices for purchase (the more the community has done to verify it, the easier it becomes for them)
  • one of these vendors then needs to provide such a machine to the core team for ongoing verification

The exiting part here is that @plexus has already demonstrated that it’s doable. Maybe he will start a business selling these. Maybe existing vendors like Nitrokey and Insurgo will replicate his work. We are close.

People who would consider buying such a machine could post in this thread and thereby show how much interest there is.

3

The Librem is sold with Qubes OS installed and the Purism has ported both coreboot and heads to their hardware.

I don’t know why it’s not certified, but it seems like it could be a candidate for a more modern hardware platform.

4

@Sven i seriously considered selling hardware but ultimately I what discourages me is that i am one person and I cannot support a customer base while juggling my personal life, doing my other side projects all while helping being leadership at a CDN too.

I nearly got things going with the offer of some investment end of 2021 where I could have hired staff, but it fell through. Its a shame as I had some good talent lined up to be a part of it

The things I use at home have expanded far beyond the ‘known’ heads/qubesOs lenovo laptops. One of my unreleased successes was an intel x86 platform running heads, where the entire BIOS ME region was shrunk to 1K and contained nothing but the 0x encoded lyrics to Rick Astleys “never gonna give you up” - without it hitting a shutdown loop. Ive got several different desktop platforms running heads and QubesOS as my day to day workhorses. And there is a whole security suite of devices around the desktops and laptops that do way way more.

But ultimately, when it comes to a business - i cant do it alone and I cant do it for free. Ive tried to ask people over many months if they want to be involved but while some talk the talk, none walk the walk. If the investment had not fell through, I had some very good people who talk x86 (to the die level), ready to be involved. But it all fell through when the money did.

I was waiting until the new job settles in a few months and revisit it.

but, ultimately, yeah, W530 with heads and qubesos works. thats what im on right now.

2 Likes
5

Kind of same thing here. In addition to my job I have family to take care of (some of which are on their way to come and live with us, because their home country has turned into a battlefield). I could maybe help some folks to get their hands on a modified T430, but not as a business or under time pressure.

When things settle down a bit I will for sure replicate your work on the W530 (with your guidance I hope).

This is an opportunity though for the folks at Nitrokey and Insurgo who already have the infrastructure in place.

Anyone wondering about Purism/Librem … search the forum and please keep it out of this thread. We don’t need to do this again.

1 Like