I’m considering to install Qubes, but I have some doubts to invest time into it, hopefully you can help:
I get that XFCE is probably lighter than Plasma, but I want to vomit when I see XFCE.
AFAIK other DE don’t work well with Qubes and the KDE (desktop environment) | Qubes OS says available version of KDE is 3.2(what the actual…).
I use Plasma 6 almost 2 years now. Can I expect it to be available for the next release?
I have serious doubts of what Qubes brings to the table at the end of the day in terms of security vs convenience.
My 2cents are that if three letter agencies are interested in me, they will definitely find a way.
Currently I use hardened arch/debian with as little as 16-32 GB of RAM and integrated GPU and firewall to block everything and anything I’m not interested at, and they do everything I ever need or prob will need, and my needs are not tiny and growing.
So I’m very skeptical about that, as it’s not a simple switch for me.
Hi @makuzzioni
Thanks for you interest in Qubes.
I only see one question in your post.
I’m considering to install Qubes, but I have some doubts to invest time into it, hopefully you can help:
You should probably read the FAQ to understand why the KDE version is
set behind. But that doc report is outdated - on an updated 4.2.4. plasmashell is
5.27.8 and Frameworks 5.108.
Yes, you could expect a move to 6.
Your current system is monolithic, but if it suits your threat model,
that’s fine.
You must be aware that the major offering of Qubes is the
compartmentalisation of user activity and data. You could use the same
firewalling that you currently have, within the 16GB limit, and run
hardened Arch/Debian on network connected qubes, and have the additional
benefit of separation between security domains, and the availability of
disposables.
But if you’ve read the introduction you know this already.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
As for the other part, yeah, I didn’t formulate the question, but the dilemma is that Qubes AFAIK solves one issue, but creates another. I’ll try to explain.
You say I can do the same thing as I do now within the 16GB limit etc, but I highly doubt that:
GPU won’t be accessible and that’s a huge factor.
The amount of overall hardware resources(CPU, RAM) must be way greater(it will go to the dom0, sys-net, sys-usb etc)
Qubes is very hardware limited
For me, all or mostly all of my important things are happen within the OS itself, so if it’s hacked, it’s hacked in Qubes and non-Qubes the same way and Qubes doesn’t provide me any significant benefit except huge pain in the ass with the above limitations.
Joanna made it clear that this was personal view. In any case being a
professional in one area does not qualify you in others - security v UX,
programming v politics, etc etc. This is obvious.
I am currently working on a laptop with 16GB, and 14 running qubes. As
always, it entirely depends on what you want to do and what are your
priorities. This you have not said.
I do not understand your point 1 since it seems inconsistent with your
earlier comment re GPU.
Allocation of resources is covered many times. You can reduce amount to
dom0 from the default, use mirage-firewall, reset amounts set for most
qubes, etc.
I do not find Qubes hardware limited, but then I pay attention and am
guided by the experience of others. Look at the HCL and recommendations.
It reads as if you have already made up your mind, so I am unclear on
the purpose of your post.
On your current setup, a bug in your browser can expose all your data.
In Qubes, a bug in the browser will expose only the data in that qube -
if you have followed good practice and use disposables, this will be
minimal loss.
The same for phishing - if you follow good practice, such attempts will
have minimal impact, whereas on your current set up you risk losing all
your data and perhaps that of your friends/employers.
Of course, Qubes is not a panacea - it attempts to deal with one area of
risk. If you are happy with your current situation that is your choice.
But do make informed decisions.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
For my part, I used qubes-OS 4.1 and 4.2 with dell M6500 with 12 GB of Ram (a laptop from 2011/2012 I think)! And it was just good. Some AppVMs like sys-net, sys-firewall or sys-usb don’t need a lot of memory. By reducing the memory of these virtual machines, you gain even more RAM. At that time, I also had an HVM window and everything works like a charm My new laptop is in the HCL but it wasn’t when i buy it, work like charm. I had another laptop with Qubes 4.3 (lenovo T470) with 16Go of RAM, it work very well.
So, @makuzzioni , I think I can say that Qubes-OS is not so limited in terms of hardware…
I have Qubes OS on my personal laptop (NovaCustom w/ 96GB of RAM) and on my work one (ThinkBook w/ 16 GB of RAM).
On my personal one it works better (obviously).
But on my work one it is perfectly usable.
The only annoyance I have is that, sometimes, after the first boot of the day, it takes a lot of time to complete boot+login (it can take easily 10/15 minutes from entering the LUKS passphrase until it is usable after login). But that is, I repeat, sometimes.
I haven’t bothered to try to diagnose why it is taking so long, I’m waiting to be able to replace that ThinkBook with another NovaCustom (or similar) with also 96 GB of RAM.
I must thank you for answering my questions, I know I’m difficult to please and very selective, but I guess you understand that it comes from that it’s not an easy move to switch. I just don’t want to invest my money, time and energy into something that at the end will not satisfy my needs.
Alright, so KDE being ugly is not a factor since Plasma 5 is available and 6 will come next.
RAM is also not an issue.
What comment? I have systems with direct connection to 4k 77/65 inch TVs and they have integrated GPU that work smooth, but with Qubes the GPU won’t be available on these systems. Unless I missed something.
No, I’m just trying to check if it’s worth it.
You convinced me.
The only and major limitation for me now is the GPU.
My new laptop is in the HCL but it wasn’t when i buy it, work like charm. I had another laptop with Qubes 4.3 (lenovo T470) with 16Go of RAM, it work very well.