Tips/advice for Qubes as a productive daily driver

Much of the discussion on here is focussed on security or making some specific configuration work at all - as it probably should be, considering what Qubes is. However, I’m interested in something different: How to make the most out of Qubes as a daily driver.

Let’s assume Qubes generally works as intended on the device you’re using and your threat model is somewhere between the average person and Edward Snowden. Security is always an important factor, but you also want to get some serious work done, and have the freedom to choose your path with both of these in mind. What now?

This is meant as a fairly open question, so I don’t want to specify it much more than that. Needs differ and just like with security, it always comes down to your personal circumstances. Nevertheless, I hope that by sharing experience and ideas, we can all make this great system a bit more liveable for all of us.

I’ll also leave this link here, because it’s a good place to start and will otherwise probably come up anyways:

I’d only recommend sticking to your threat model. By that I mean being reasonable about what level of compartimentalization you need and trying to stick to creating as few qubes as your threat model allows, so that you don’t end up running more than your hardware can support at any given time.

The more qubes you run at the same time, usually the more noticeable performance costs will become. It is certainly possible to create your qubes in a way that requires many of them to be running to perform the tasks you need to perform. I’d recommend being mindful of that, and planning ahead, or be ready to adjust your setup as you learn more about your system and what you find acceptable.

1 Like

Most of the qubes I use for work are basically just standalone Linux workstations, that does a specific task, e.g. development, office applications, etc. They are for the most part internet connected, but I don’t run web browsers in any of them.

For me, the difference between using Qubes OS and traditional Linux is mostly copying files between qubes, and using USB devices.

I’m very much in the average person group, I don’t try to pretend I’m Snowden, or that I need anything close to his opsec. I don’t try and overcomplicate my system, I avoid security features I don’t feel I need, and generally just try to make my Qubes OS as close to a traditional Linux desktop as possible.

Doing task A in qube A and task B in qube B is enough for me, I don’t need 100 templates and multiple layers of split qubes.

1 Like