In this blog post, I tried to share my thoughts about Qubes OS, because it’s really hard to describe it to someone when they ask why would someone use that. I’ll talk about it in our internal knowledge sharing session at my job later in the week, that was the opportunity to gather thoughts before making some talk with slides 
I’d be curious to read your opinions about that
One point you made caught my eye. That the OS seems understaffed. I use grapheneos for mobile. I was impressed how frequently they update and the speed of deployment. I think they are very well funded by corporations. I’d love to see corporations funding QubesOS to get the production team the resources they need.
GrapheneOS is not “very well funded by corporations.” The project does have some investors but nothing to the extent of your phrasing. Proton held a Lifetime Account Charity fundraiser this past December in which the company raised over $784,000 (they contributed $100,000). GrapheneOS was among those who Proton donated 100% of the proceeds to.
I heard the likes of Jack Dorsey have donated large sums. Louis Rossmann has mentioned that his boss contributes to Graphene. Additionally in interviews with graphene developers they mentioned that had good funding, but were actually looking for people to hire.
Idk how you define corporate, but I’d like Qubes to receive the financial support it well deserves!
Suppose I was representative of a large company. Lets say, Boeing Aircraft. I travel to other countries to develop aircraft sales, at least in the hundreds of millions of dollars. I have competitors who want to know all the details of potential contracts, so they can make a better offer. I have governments which have a hand in the pie. Investors around the world want to know that a contract will, or will not be signed. so they can jump the market for investment.
I would need to use Qubes on the machine that I communicate with my home office. My primary contacts at the home office would need Qubes, (Secretary. Managers) because Security requires both ends are secure.
I like to think of this group, because it is the business users who could fund the development of Qubes to make it more accessible for everyone.
How about a University student, who has an idea which can be developed. From Junior High school on I knew a fellow who used to brag his IQ was = well high. He believed that he was entitled to the successes of other people. That is Money. He was smart enough to insert himself between a creator of value, and someone who would pay for work, ideas. To put the money in his own pocket.
More common is the bright university student, who, the moment he graduates, to work for any company he must sign away any potential idea and patent rights. Perhaps an engineer who will be a cog, and his financial successes is mostly marking time to get a retirement. Today companies like to dump their experienced workers, who are aging into vesting into the retirement funds. into unemployment, so their retirement is the minimal government provided retirement.
I like people who can create value, who can enjoy their success. These people make life better for all the rest of us. They need a secure means to develop their projects, communicate their ideas such that they can succeed.
Anyone whose financial success in life is large enough they need to protect themselves from thieves. Which become more a product of how easy it is to use a secure computer product than how truly large their bank, investment accounts are.
Anyone for whom they do not want to be annoyed by “Surveillance Capitalism.” If it is reasonably easy, which for the average user today, I am not sure Qubes is.
I believe it implicit in this conversation, that there are substantial numbers of people whose knee jerk reaction to the word Encryption is, If a person is not doing anything illegal, they do not need Encryption, all that Security stuff.
So they must be up to no good, so no one should be developing or using computer software.
Want banks to run without Encryption?
If you believe that you are entitled to keep what you have earned, accomplished; Those people need to practice good computer security.
Human Sanity. Well, must be an expert who can write about loss of privacy for all peoples, instead of me.
I have the right to protect myself from those people who choose to believe, decide that they know, what I think, and that must be such a danger that they should take action against my well being.
For some, It is ease of use that will define whether they use Qubes.
I also lock my front door when I leave the house.
Must be a more succinct way to say all this.
I find spreading the word is always a great way to contribute, so thank you for that.
I’d have couple of suggestions, not to say subjection 
Hard learning curve.
For whom? For instance, for those who used to use VirtualBox-like software, for sure not? Even them under Windows, they almost for sure tried Linux and probably even Android as VMs. Further more, take my toddler into consideration. He doesn’t know neither Windows, neither Qubes. Which is harder for him? The same at worst. But I’ll tell you. Windows. Because he doesn’t know what Windows is, that is he never saw it. He’s been taught how to start VM, and how to handle it in order to fire up cable TV app. Qubes is his native surrounding.
Even for casual users, I wouldn’t say it’s hard to learn. I’d rather say it would need time to adjust to it by changing habits and routines on one’s own benefit eventually , for example.
Each “IF” I’d replace with “When”. Try this and re-read it. It might sound completely different for better.
At the end, under “Cons”, I think I would state “Nothing”, because I sincerely think there is no valid reason not to use Qubes. There is always a way to achieve what is needed, or will be at worst at some point while preserving self-security. Everything else is most probably excuse not to invest in one’s self, either by means of time, or money.
My best
Thanks for your feedback. I made the If => When change, I agree it’s a lot better. I’m not a native English speaker and this kind of change rarely come to my mind.
As for the Cons, I prefer to keep it this way, because it’s a Cons for me first, and it’s the same for the learning curve, from my point of view and my audience PoV, we already know how to use a “traditional” system, and switching to Qubes OS requires learning new workflows, new vocabulary, new habits.
I agree that someone who would grow up using Qubes OS may don’t feel it “hard” because they would lack experience to compare with something else.
A lot of your examples are of people who have a lot of resources, who can pay for a secure system. They don’t need qubes, honestly.
What qubes gives is an entirely open source, free (as in beer) system for those who are not able to pay for a proprietary solution. I doubt the president of Boeing could give a rat’s hindquarters about that; he has an entire IT department behind him.
(And some of these solutions would be “in house” or provided by the customer who imposes the security requirements. E.g., if working for the US government as a contractor, the US Government might supply some of your systems, and the security is by definition good enough for your customer at that point.)
So the really big corporations aren’t going to care (and if they make their money spying on you online, they will be actively hostile to QubesOS). Medium sized companies unable to afford an IT infrastructure, and individuals…yes, that’s our target “market.”
Virtual Machines in Qubes OS are called Qubes, most of the time, you want them to be using a template (Debian or Fedora for the official ones). If you install a program in the template, it will be available in a Qube using that template. When a Qube is set to only have a persistent /home directory, it’s called an AppVM. In that case, any change done outside /home will be discarded upon reboot.
First off I am very glad to see people writing stuff like this. I occasionally get to advocate for QubesOS, but where I go it’s largely people for whom a computer is an appliance; they just want it to work so they can watch cat videos.
This paragraph is close to the very beginning of solene’s article. I don’t know who her target audience is, but this paragraph for example assumes a fair amount of knowledge about linux. (e.g., it’s implicitly assumed that programs don’t get installed in /home. True, but does the audience already know that?)
It will be OK if you’re talking to general Linux knowledgeable; if you’re talking to a bunch of guys who think the brains of the computer is in the monitor, then maybe not!
that’s really not my audience
Virtual Machines in Qubes OS are called Qubes, most of the time, you want them to be using a template (Debian or Fedora for the official ones). If you install a program in the template, it will be available in a Qube using that template. When a Qube is set to only have a persistent /home directory, it’s called an AppVM.
I have a small pet peeve about the capitalization of “qube.”
I was actually unsure when I wrote that. I’ll fix it
Hi Steve,
Yeah perhaps I stretched in looking for an example. What I also thought about were some of the data breaches from allowing everyone on a company server unlimited access to all the data on the server.
Or perhaps, you could offer your thoughts on:
Data Breach on a Credit Report company:
Or the hack on US Government classified documents:
\https://www.wired.com/story/the-untold-story-of-solarwinds-the-boldest-supply-chain-hack-ever/
These companies would be expected to be technically competent. Whether they were gigantic or not.
It is my impression: Well; I know an individual who did work from home during Covid. Their company provided laptops, (which could have larger screens and keyboards plugged into them) which ran Windows 10, Security Software-from I think Norton. and a piece of software that gave them an encrypted connection to their corporate servers. and employees were forbidden to use the laptop for any personal purpose. Company probably valued in the Billions of dollars. But using Windows?
I guess some of the features of Qubes would not be useful. Then again, they individuals were not warned about how their routers could be corrupted by someone else on the network going to sketchy websites. I know some at home employess used really old routers, old modems. Teenagers in house, who . . . well, they are teenagers.
I repeat, it is not only important the person traveling, (in my example) who must be concerned about the Security of the information on their own laptop, but those at the corporate office.
I left out of my original statement. I was informed by someone who flew US fighter planes that the plane had parts made in many different countries. Part of selling the fighter plane to other allies, those countries wanted a piece of the money to be made manufacturing pieces for the plane.
Used to be a movie on the Canadian designed, and built AVRO plane, which was never built because AVRO needed the US to buy the plane, and it was required that the plane must use a US built Jet engine, which was technically. Although the other part of the story was that the then President Eisenhower was convinced that ICBM’s would be far superior to SuperSonic planes. His administration not willing to over rule some other part of his administration to allow the plane to be built with the original jet engine.
My point being: contract negotiations can be as complicated as - getting the Olympics into a particular city. Bribery might be a better term.
In my own sandbox of my life. I am annoyed that others might try to look over my shoulder and try to take whatever value I might create, and take it for themselves.
Qubes is meant for Personal Desktop. Not really the software for corporate Servers. Although I understand, Servers use Virtual machines.
I welcome your criticisems of my examples. Maybe you have more to provoke me into Thinking.
Not so sure … “a friend of a friend” works for a large Aerospace company, and … bummer ! They decided to go fully online, on a google server ! Yes, you read it right.
email is relay to google email, document sharing same, calendar same, etc …
To me, it’s like claiming: “hey, terrorist 3 letters agency, here is all my data for you”
Anyway, that’s their (unfortunate) choice.
On my side, I use (try to, when I will be bale to instal it the way I want) Qubes because:
and allow me to brag about it to my friends and colleagues, when I tell them about the Qubes.For modern games, heavy multimedia and such, I keep my T440p, personnaly upgraded to 105% of its official limits … which will die with me same as my Blackberry.
No feelings when Qubes. Only security haha. No, seriously, I wanted to add: and, it’s not the false-sense (feeling) of security.
Unless you are encrypting the daylights out of it before it hits the port leaving your computer, putting sensitive stuff onto a google server is just about as stupid as surfing the web in dom0, or making your backups to a disposable.
And even with all of that encryption, I’d still be hesitant to put my stuff on Google. They might just delete it out of spite when they can’t mine it so they can push crass ads at you.
And this was some company’s hot-shit new way of operating?
Maybe these big companies actually do need qubes…or at least their IT departments need firing.
This is off topic Please make a new thread to discuss this further.
Sadly, it’s mostly not the IT departments but their bosses outside IT, with no idea what IT is at all. 
Yeah, true. I was overly harsh and I apologize to any IT guy reading this (unless they are in the minority who really do think this is reasonable).
Most IT people I IRL personally know understand these things. One quick indicator is they almost invariably have black tape over the cameras in their monitors–or make sure their monitors don’t have cameras.
They end up taking the brunt of dealing with the stupid decision to “deploy” Windoze 10 or 11 and having to try to make it secure, then when it turns out it wasn’t despite heroic efforts…
There’s a lot of focus, and rightfully so, on the security and usability of QubesOS. May I proffer some second order consequences of compartmentalization that may be interesting too? One of the reasons I so very much love QubesOS, once the security posture has become routine, is that it motivates focus.
You see - by compartmentalizing apps one can, as a second order consequence, compartmentalize their focus. My virtual desktops are mapped, 1-1 and onto, to my qubes. And so when I switch to that virtual desktop, I inhabit a state of focus on that thing. In a world where much of tech behaves like cellphone kiosks at the mall, where toaster popups behave like sales people competing for your attention, this alignment is welcome. And there’s a reduction of clutter as well.
Is any of this exclusive to QubesOS? No. DEs have long supported virtual desktops. It’s not an OS specific thing. But with QubesOS, it goes with the grain, the current. Not against it.
I find that I am looking more and more to return to “long form thought” in my daily routine and QubesOS helps with that.