I am new to qubes but I have read the documentation and watched some random YouTube tutorials but I would like some recommendations on other free resources or communities to learn from. I would appreciate any help. Thanks.
There is something that seemed weird to me when starting to learn how to use Qubes OS, itâs that there is a lot of community guides on this forum. So, check this:
And feel free to tell us what exactly do you want to learn
@HarryBo, do you have any idea of what specifically you are interested in learning?
Seconded
I just want a greater understanding on how to get around. I used to use windows and got comfortable with it but qubes has alot to it which I think I am probably oblivious to. I saw there were advanced guides on the documentation. I want to learn what is required for me to be more advanced and to comfortably get around.
I understand how to find all the tools and use the qubes manger well. I would like to know what else is important to learn and where to find it.
Here are a couple of approaches to organize your workflows:
See also:
Well, itâs still too broad to answer you correctly
@fsflover is right about the importance of partitioning your usage into different qubes. Itâs not something you will learn in the documentation, but by thinking about your own (and unique) way of using your computer.
Some generic questions could be:
- are you able to backup and restore your system? (should be your top priority)
- do you use disposable qubes when possible?
- same question with Whonix.
- are you able to restrict or allow some operations between qubes? (see RPC policies files)
@parulin is right. âMore advancedâ is like someone saying âI want to be more âprivate and secureâ.â⌠It doesnât really say much
It helps if you think of Qubes OS VMs as more like separate computers on a physical network (such as your home wifi).
Each separate computer has ways in, ways out, and their own set of rules that determine whether they will do what another computer asks of them (ACCEPT), tells the other computer âNo, I wonât do thatâ (REJECT), or just ghosts them completely as if they werenât there (DROP).
Similarly, all the network devices that the computers use to communicate with each other has a similar set of rules about who is allowed to talk to whom (ROUTING RULES/FIREWALL) and in some cases, what about (PORT FORWARDING).
If they do decide to allow them to communicate, then these network devices will also decide whether they will tell the recipient who the original sender of the message is (FORWARDING) or act as a middleman and put their own name on it (MASQUERADE).
Because of all of this, it is possible to control the information that each computer on the network can learn and become aware of, with very fine detail.
Such things like:
- What other computers are on the network, and where they are
- Which computer is allowed to send what information, and to whom
This is very useful if/when one of those computers goes rogue and tries to do something that it shouldnât. For example, if one of the computers wanted to ask all network devices for other information
If this was all just one computer (with shared resources like RAM, CPU, storage, etc.), then it could be possible that one program could actually read the data of another program, and learn some information, which you, the user, did not knowingly and voluntarily give out âon your termsâ.
For this reason, usually, on a (enterprise/large-scale) computer network, you will have each critical process on a separate computer, so that no outside interference can take place. It also limits, to a certain extent, the damage that can be done if a single computer were to go rogue. (Well, thatâs the theory, at least⌠)
This is one of the reasons why in Qubes OS, sys-net
and sys-firewall
exist.
disp4592
be like
âI guess sys-firewall
must be the router on the LAN network that Iâm onâŚâ
sys-net
be like:
âI have a wifi card, and not much else, but wow, sys-firewall
sure is chattyâŚâ
Meanwhile, sys-firewall
be like:
Qubes OS is easier to grasp if you think of it more like this. A single computer is essentially pretending to be all of this inside itself (VIRTUALIZATION).
Once you get your head around this, your creative mind will have no difficulty cooking up all sorts of âadvancedâ things that you can do with Qubes OS