Using only Qubes: All Eggs in the Same Basket?

fiftyfourthparallel · May 21, 2021, 2:02pm

As much as I like Qubes, wouldn’t this be putting all your eggs in one basket? If an adversary wanted to target you, he’d just have to find his way through Qubes; or suppose the code gets updated with something malicious–you’d be utterly owned in either scenario. Both aren’t trivial to accomplish, but you get my point.

adw · May 24, 2021, 11:26am

It depends on your perspective. From a pre-Qubes point of view, using just one conventional OS is putting all of your eggs in one basket. Switching to Qubes allows you to set up many different baskets (run many different OSes) and spread your eggs among them. From that perspective, using Qubes is the exact opposite of putting all of your eggs in one basket. It’s a meta-OS.

But you can always go one meta level higher and pose the same objection:

“But you’re using the same meta-OS (Qubes) on all of your machines.” → Diversify meta-OSes

“But you’re using all x86 machines.” → Diversify architectures

“But you’re using computers for everything.” → Diversify into postal mail, telephone calls, radio, morse code, smoke signals, slide rules, abaci, etc.

“But you’re a normal human doing normal human things with other normal humans.” → Diversify into genetic engineering, strong AI, technological singularity, cyborgs, mind uploading, FTL travel, first contact with extraterrestrial sapient lifeforms, etc.

deeplow · May 24, 2021, 11:41am

This same question was asked by the the SecureDrop team when migrating from a multi-computer environment to a qubes-only one. Their answer was: Qubes is worth it:

(also, moved these posts into its own discussion as I believe it’s work exploring)

adw · May 25, 2021, 3:17pm

To be fair, it sounds like their current position is a bit more tentative than that:

While we are strongly committed to piloting the use of Qubes OS for SecureDrop, no final decision has been made to move to this new architecture. This decision will require a full audit of this new approach, consideration of alternatives, and extensive validation with SecureDrop’s current user community.

However, I consider this a good challenge for Qubes OS.

deeplow · May 25, 2021, 4:43pm

Well, that line hasn’t seen changes for 3 years. A lot has changed since: they’ve been through at least two audits and invested thousands of developer hours at this point.

So, yes. While it hasn’t had the final OK. I would say Qubes has been up to the challenge

adw · May 26, 2021, 9:23pm

Good point!