Look at Bromium - implemented micro virtualization to allow hardware
isolation. Shipped vSentry from Windows 7, now bought by HP and offered
in their products.
It’s definitely behind the scenes.
Look at Bromium - implemented micro virtualization to allow hardware
Actually, @unman, I edited out a reference to my mother. Its not there in my post. Save the lecture.
For the record, when I think of my mother, when I reference her in my words, I think of a non-technical user that would have enough spine to ask the question, “Why am I doing this?”. That’s exactly the figure I want to invoke. If I want to denigrate someone (by virtue of an attribute like gender) I’ll make it very clear.
I’m sorry, but I say this now, said this yesterday and will probably say this tomorrow.
I got a Qubes USB and no-one walked away, because there never was anyone there in the first place. Apart from relying on the good-but-not-always-perfect graces of a forum.
Forums are hit and miss. I’ve had great help, but I’ve also had none at all. Case it point - when my VPN stopped working, despite some well-meaning posts I didn’t get any practical help. I reinstalled my whole Qubes OS to get past the problem. Someone said that’s the “nuclear option” and its true - I was down to my nuclear option.
I’m not continuing this.
@tree - I’m glad you edited your post. Unfortunately, as an email
consumer of the Forum I don’t see such edits.
Equally unfortunately, other readers are not privy to your thoughts,
only your words: that’s why it’s important to choose them wisely.
My lecture was a reminder for all users of this.
Let’s leave it there.I never presume to speak for the Qubes team. When I comment in the Forum or in the mailing lists I speak for myself.
I'll then reply "hidden" about edits
- FWIW, even using the web UI, I had to check the edits he made (via the diff thingy) to make sense of your exchanges ^^ I was like “Why is he talking about his mother o_O ^^”
- [rant] so this (redacted) forum software can’t send you a mail with the new post when people edit it ?! Pfff …[/rant]
About Joanna's "rant"
As much as I think I get her point (feminism, no finger-pointing), sorry but this is “puritanism vs language facility”. You can be the worst jerk talking/writing really well, and writing “bad” stuff without meaning it.
It’s the mentalities we should change, not the language !
Two examples, “rant” may not be adapted to describe what Joanna wrote, but I used it to be fast and descriptive enough. I would use a more precise word in my mother tongue (FR). Also, I have a gay friend who sometimes talks about himself and other gays as “faggot” (I don’t know if it’s an insult in EN, but imagine it is).
And because we’re in those dumb times, or rather because of some uneducated idiots, I have to precise that man**==**woman (even if man !==woman ^^ For those who don’t know, in some computer languages like PHP, “==” does not mean the same as “===”).
But maybe philosophical/rhetorical stuff like that does not belong here ? ^^ In that case, sorry …
Back to Qubes, I think the missing doc is :
“How I did that before → How to do it on Qubes”.
I’m thinking something like the Rosetta Stone for Unix, but more than just a table.
(I know -I- can start it, but for now I can only -test- Qubes, nested under another dom0).
Why this doc would be useful ? Because even as a seasoned sysadmin by trade (20+ yrs) and a Xen “power user (debatable^^)” (5+ yrs), I find it hard that Qubes is changing at the same time the USER experience, and the ADMIN experience !
I went concise, but can enhance.
I also agree with unman’s point “It’s easy to underestimate the grooming that has taken place for
familiarity with Mac and Windows, yet users struggle there too”. Like Windows changing its interface each version …
Imagine a user with no previous IT/otherOS experience starting with Qubes, this would become his “new normal” !
Let’s install Qubes in schools ! \o/
About that, still offtopic, sorry ...
Can Qubes be used from LTSP-like setups ?
Kinda related, is someone working on a new Live version of Qubes ? From a really short discussion with Marek in Feb 2022, I remember reading between the lines that he would be happy to have a Live version.
What makes Qubes OS so great? The ability to have many compartments on a single machine. But that requires one to be able / free to do so.
How many users can freely choose which computer they use for work?
How many can choose what OS that computer runs?
Not many. So there goes the ‘work’ domain. The vast majority of users are doomed to use a corporate issued Windows PC full of “endpoints” and without any administrator rights. Maybe they get a Mac. Same thing. No freedom to choose.
What about the ‘personal’ domain? … email, messaging, photos, web browsing, streaming, casual gaming. What are the stakes here for most people? Not very high. Follow the most basic principles and more than likely you’re OK: don’t share/reuse passwords, don’t store anything embarrassing in the cloud, lock your device with a pass code. For most people this isn’t even a PC. More likely their phone, tablet or Chromebook. Apple and Google do a reasonably good job of keeping the average Joe out of trouble. So there is little pressure here.
PC Gaming? VR stuff? Video-editing? Crypto-Mining? … all special use cases requiring direct hardware access or specialized hardware. Most people will have a dedicated desktop machine for these things. They are possible with Qubes OS but surely we can agree: non-trivial and just maybe not even a design priority.
So who needs or wants to use a reasonably secure desktop OS that enables compartmentalization?
- people with a professional need to keep data separated, confidential and being able to choose their tools (military/government, lawyers, actual investigative journalists, security consultants…)
- people at high risk of compromise (activists, celebrities, unlucky minorities in repressive regimes…)
- enthusiast (because they can and enjoy the process)
So I don’t think Qubes OS will ever be “standard”. Because “standard” users don’t have the freedom to choose or the need for this level of compartmentalization. It’ll be a niche solution for specific groups of people and those people (except for the enthusiast) actually need it. And once the need is identified there really is not much choice. Qubes OS pretty much is it, except for specialized military solutions (e.g. SecureView).
However, if Windows qubes would integrate as seamlessly as Fedora/Debian qubes do. Basically as it once was with Windows 7 but maybe even more smooth and with USB and sound/mic/camera … then there would be a much better chance of capturing more of the professional users who have to use whatever corporate IT gives them. I don’t mean to start a thread about FOSS, Wine etc. – there just is a ton of existing Windows-only software tailored for specific business use cases that won’t run (well) on Linux without major investments. When Qubes OS is ready to run these business apps well, then I personally see a pretty juicy market for companies to offer support / maintenance / certification / training contracts and aid business in adopting Qubes OS. dream When we get there I might even join or start one myself.
It does not belong here at all and anyone who cares about this community should avoid posting such thoughts here. In case it’s not obvious:
- It has nothing to do with Qubes OS!
- Members are bound to have widely different views sparking heated conversations.
- Such conversations will take away focus from Qubes OS and make some reluctant to further participate in this community.
This goes for any and all topics not directly related to Qubes OS.
I started using Linux when 1.x was the current version, you can’t even compare the difficulty in using early Linux and what Qubes OS is today. People were saying the same thing about Linux, it’s only going to be used by a small group of nerds and no one is ever going to take them serious, and here we are today.
Proton was able to find a lot of success with secure email, and I think Qubes OS has the potential to do something similar for the desktop.
Proton’s success shows that there are people willing to pay quite a lot of money for privacy and security focussed products, but they are not willing to give up much convenience.
Ubuntu was able to find success by making a clean and simple Linux desktop, and other desktop systems derived from Ubuntu were also able to find some success.
I also don’t think Qubes OS will be the desktop standard, but I do think there is a growing market for security and privacy focused product, and Qubes OS could become the standard in that segment.
Ah, many nights just to get the X window system to start… that’s when I walked away for ~15 years.
I agree. Ubuntu helped users get their established workflows running with much less resistance then other distros at that time. I get @unman’s point too. You can get non-technical people to be productive on Qubes OS with proper assistance and some training at the beginning.
But for wider adoption I strongly agree with @GWeck we need to get better Windows integration (seamless GUI, robust USB, performant/robust audio/mic/webcam). It’s not a popular position to take, but this really is what holds us back the most with the general public. It’s not about learning to use FOSS software, it’s about availability of specific software the user has no real choice over but is forced to use.
That’s my point. In the niche of security focused desktop operating environments outside the military, it already is the standard (by virtue of being the only game in town). All other attempts are either abandoned or lofty promises without deliverables.
I agree, it’s even more than reasonable, it should be the default (do you remember General Motors Replies to Bill Gates ?). I agree that “brainwashed” was kinda extreme.
I don’t agree, why can’t “normal” users benefit from Qubes security ?
Sorry for another car analogy but that’s like saying “you use your car mostly for groceries, so no Turbo for you !”.
I somewhat agree with the second part, but disagree for the first part : most of the commands and principles used in Qubes are Qubes-specific (even Xen cmds and opts are wrapped). But maybe I’m too dumb or lazy ? ^^ That’s why I’d like a Rosetta stone for Qubes.
(another old ref: “wanna learn distro X, install distro X, wanna learn GNU/Linux, install Slackware”).
There are many different use cases but my point is, the IT depts of some companies -should- install Qubes by default, and their sysadmins can then teach the users. I’m thinking about press agencies, strategic corps, etc, you named a few. It would have many advantages for the project.
Aaaah the 90’s, I remember stuff in the RedHat manual, warning you to take extra care of your CRT monitor config, as you could really break/brick it ! (Just learnt why).
Thanks for the info, but then isn’t that true of all “secure mail” providers, and we’re back to PGP ? Is JS the only way to get pwned ?
I didn’t say they can’t benefit from Qubes OS, but not everyone needs Qubes OS.
If you are not getting targeted by skilled attackers, and just need to worry about malware, you can just use an immutable OS with basic sandboxing.
If someone asks which car is good for picking up groceries, you probably also doesn’t tell them to get a tank, not unless they are living in an active warzone.
There are some specific people out there who actively resist learning about computers for whatever reason. The response I’ve seen typically is playing helpless in various forms, but I’m sure there’s other responses to learning opportunities. In one case, even knowing which cable to plug in where can be a challenge, because the person refused to learn what shapes various ports are, and what they’re named.
Given that user caricature, we can make a statement about the size of Qubes’ audience: If Qubes requires any amount of learning/training/background knowledge to use, there will be people it is not a good fit for. The more learning/training you have to do in order for Qubes to be useful, the smaller the group of people who can use Qubes.
We can add precision to that idea: If using Qubes requires strictly more knowledge than using Linux (ie, anything you can know about using Linux is just as relevant/just as required/just as useful while using Qubes), then the people who can use Qubes will be a strict subset of the people who can use Linux.
With that chain in place, there’s now a couple of ways to counter the impact of the above. Unfortunately, I don’t know if any of those counters are true, so I’ll let the people who know better than I do mention them instead.
So that’s the barriers to entry. Does an outsider who doesn’t understand security understand what the benefits are to using Qubes? If not, or they only perceive minimal gain, why would they work through the barriers to entry?
Without a good answer to those questions being commonly known, the best we can do (as far as I know) is figure out how to remix flatpak to use podman containers, or train systemd to namespace/containerize services by default.
I came up with an aphorism a few days ago:
“If you know computers fairly well, I cannot recommend Qubes enough. If you don’t know computers, I cannot recommend Qubes.”
…no tank for you!
Yes and yes
Of course not.
I know Qubes is not adapted to everyone yet. But all my point is in this little “yet” !
As mentioned above, at some point a lot of IT stuff wasn’t for everyone, yet nowadays almost everyone on the planet is using the smallest of its form everyday (or every minute, but I digress) ! Another ref: remember the IBM manager saying something like “why would normal people need/use a computer at home ?!”.
Ok, Rome wasn’t built in one day, but maybe there should be 2 or 3 Qubes flavors to help adoption ?
- the “raw/base” flavor, which is the current Qubes version
- the “user ready” flavor, which could come with various pre-installed qubes, covering the most “normal” use cases, with user qubes and most used SW with shortcuts and stuff
- and most importantly to overcome the HW barrier, a Live version to test the HW before installing ? Note that it’s also an appeal to motivated users to resuscitate this. I may be interested, but it’s a bit daunting (Slax once had good guides explaining in detail how it works).
I know, this would be even more work …
(PS Sven, thx for your answers, I’d like to know more but that would be a little offtopic)
I don’t know if you need 2-3 different version.
The single biggest issue I had when I started using Qubes OS was the themes, I understand why the color coding is used, but the borders make the UI look so ugly.
You can change the theme, but you need to do it in both dom0 and the domUs, I probably spend 2 days getting the UI to a point where it “felt like home”.
If there was a “Qubes OS for casuals” with some clean preinstalled themes and few UI tweeks, it could probably improve the first impression.
Here you see how different tastes may be, probably caused by previous experience: I come from a Windows environment and still sometimes have to do with the borderless windows that Microsoft finds so good for Windows 10. So, for me, the window borders in Qubes are quite a help to distinguish windows placed one over the other, whereas, in Windows 10, you often don’t know which content belongs to which window - which just leads to confusion.
Having the possibility to change the themes according to one’s preference is a big help in Qubes. In Microsft Windows, you just have to swallow what Microsoft finds good, and you just wonder why your stomach hurts so much.
I color my windows by changing the color of the theme, I do this for the GTK theme and the terminal.
The signal value is a lot weaker than the standard Qubes OS borders, and I’m not trying to say the standard borders should be removed, it should be an additional option.
It could be possible to make a theme that allows users to have a desktop that looks more like a traditional Linux desktop, and still use the Qubes OS domian color coding. For casual users trying Qubes OS for the first time, it could make the desktop more inviting.
This may be teaching users the wrong hint but if this is the “make it or break it” for some to use Qubes, then it’s not a bad thing. Better than no compartmentalization at all?
I am in the process of installing it. It took me a lot of time to disable and enable various bios settlings to be able to even run the installer (see my post, and the issue that was pointed out to me by another user). It’s hard to even install it.
Then, there are usability problems: limited hardware support, limited battery life, CPU and RAM intensive, not taking advantage of GPUs and in fact having problems with GPUs and tasks that take advantage of discrete GPUs.