Qubes OS thoughts

28 réponses [Dernière contribution]
Nickman
Hors ligne
A rejoint: 12/09/2016

Hi everyone I wanted to get your guys thoughts on Qubes OS, I've heard it is very good in regards to security, because it is basing it's security on isolation of parts of your internet life into what it calls Qubes, an example would be a part of your life is in the personal section, untrusted websites are in the untrusted section and work is in work.

It is not currently seeking to be added to the free software distro's list, because for the same reasons that Debian is not certified.

I don't believe anyone on here uses it at this time (obviously haha) but for people who have used it, or have had experience with it, what are your thoughts on it?

I've been considering downloading that as my OS, at least on my main computer and downloading trisquel on a notebook computer.

albertoefg
Hors ligne
A rejoint: 04/21/2016

I looked into it, it seems that they think the secure approach is to use a bunch of virtual machines to everything you need, so a virtual machine for your banking stuff, a virtual machine to your work stuff and so on.

I don't feel like is a distribution for productivity, as it requieres 4gb of ram at least, because of the virtual machines, imagine adding in top of this something like Pitivi or Kdelinve. But I am not sure if this software will work because:

You can't use your coumputer for gaming or anything else that requires 3d support https://www.qubes-os.org/doc/user-faq/#can-i-run-applications-like-games-which-require-3d-support

Also it doesn't want you to dual-boot which means you will lack all this software on that computer.
https://www.qubes-os.org/doc/user-faq/#can-i-install-qubes-os-together-with-other-operating-system-dual-bootmulti-boot

So you need a new powerful computer, to be able to use this distribution to do the same stuff you can do with a 2006 thinkpad.

They are ashamed of being a "Linux" distribution, so they mention GNU even less. https://www.qubes-os.org/doc/user-faq/#is-qubes-just-another-linux-distribution

I think the interface is pretty messed, you have to put a lot of attention to where are you doing what, which for most users won't work. As it requires paying a lot of attention and expend way to much time taking care of this.

It seems like an interesting option and probably secure.

But, for the most part a GNU/Linux distribution is secure, as most software is installed from repositories, most virus and malware doesn't affect GNU/Linux and even less won't work with no root permissions.

There are a few attacks that might work, but chances are a normal GNU/Linux user doesn't have to worry about it. If following a few basic precautions.

And if you want to do something sensible, you can always boot from a live DVD, do your thing and shoot down. Or even boot a virtual machine, though I understand is a different type of virtual machine.

It does what it is meant to do. But I feel like is a distribution for very few people with really sensitive information. Not for a workstation, so it depends on your needs my friend :)

Nickman
Hors ligne
A rejoint: 12/09/2016

Okay thanks for your thoughts Alberto, do you think security by isolation is a good idea that once trisquel gets a lot more developers that it could work on?

Geshmy
Hors ligne
A rejoint: 04/23/2015

I
recently installed Qubes on a laptop. I think the install couldn't
quite complete because my home network runs without dchp and I couldn't
find a way to tell it what IP it could use to get on the network.
Nonetheless, it did seem interesting enough to be worth a look. It came
with Debian and Fedora Templates installed and my impression is that
those OSes have their core programming stored in the Root where it is
untouchable so to update them takes some extra steps.

I have an email client running on an old laptop using OpenBSD and this
laptop seems so old it can't handle surfing the web very well at all so
email is all I use it for. My desktop pc has Trisquel 7 which I only use
to login to my bank every so often and get updates. My desktop pc also
boots up to, I think I am up to 7 different flavors of GNULinux now and I
have been using them for general surfing and to keep in touch with what
many of the different camps are achieving. My actual financial records
are kept on another laptop that seldom sees the internet (also openBSD).
When I use Belenos to go to my bank, I have the laptop beside me and
transfer information by hand to it. I play games on a Playstation. In
other words, I like the idea of isolating stuff, no bundles for me! At
least, if I ever get hacked, it will only go so far. But it does create
some headaches to do it this way.

One thing though that I worry about is the wifi router. It sees
everything and short of looking for a firmware update on a regular basis
I really don't know much about how one goes about keeping it secure.

albertoefg
Hors ligne
A rejoint: 04/21/2016

You have pointed 2 more dowsides to this approach: 1. Update virtual machines requieres extra steps and can't be done automatically.

2.- All of this is pointless if you happen to use a compromised router. Which could use a malicious DNS to point you to a different website than the one you think you are using, like a fake bank website.

Now I am not saying do not use it, but rather, it seems like is not the right approach to think that security is something the operative system has to take care of, instead of teaching the users to be careful.

Джордж
Hors ligne
A rejoint: 11/28/2015

@alberto
I respect your opinion but I don‘t understand why some people here on this forum read so much into things ("They are ashamed of being...blabla"). What‘s your point?
If you had taken the time to read a little more than you would know that „they“ also prefer hardware that can be audited/isn‘t possibly backdoored, that they are opposed to Intel‘s ME, that they would use corbeoot/libreboot and so on. There are many discussions and blog posts regarding these topics.
The OS itself can be too much at first but with anything in life you got to try and read in order to gain knowledge. The interface isn‘t messed at all. In my mind it is pretty clever and is in constant development so useful features can be added.

You are right in saying that a powerful machine would be best but be careful because you would have to meet other requirements in order to be able to use some or all features (especially with regard to virtualization). Even with a less powerful machine one should be able to get a nice setup working. There are different VM in development or even usable right now but you have to search a little for the projects (e.g. Mirage firewall that uses 32MB of RAM).

Who needs dual boot anymore? Who needs a CD/DVD-ROM these days? You could use a caddy and swap drives for different use cases.

My understanding is that gaming and GPU intensive tasks are difficult at the moment but I haven‘t really tried.

I think that the Qubes OS is one of the if not the most interesting OS out there. You have to invest time in order to appreciate all its features and possibilities. If you do, I think you will be surprised.

Does the average Joe need it? No, but you have to ask yourself what do you need? One of the most popular passwords in use is something like 12345. Most people don‘t have a clue what they are doing online and they don‘t mind until something happens. So, where do you start? Probably not with the Qubes OS but you might end up there because cybercrime is on the rise and your right to privacy is being restricted more and more these days. With Qubes you can combine different approaches on one machine, for example, use VM that are not connected to the internet, making it very hard to get exploited. This could be office work, password manager, data-/mail archive...anything you can think of. Each of these things has its own VM not connected to each other.
You can use different VM for surfing the net. You can connect one VM to a VPN and leave another one to the clearnet. You could use a TOR VM in order to acquire bitcoins, you can create a bitcoin-wallet VM. There are lots of approaches for your everyday use.

As far as I know it is even possible to use libreboot or coreboot for Qubes on the ASUS board. I think I remember some people talking about using it already.

albertoefg
Hors ligne
A rejoint: 04/21/2016

I think I expend enough time, I mean in my post I do acknowledge that it seems pretty secure and that it seems it does what is meant to do.

I also pointed some dowsides. That they on their website point. Like the lack of OpenGL, which means if you work in something like design, architecture, videogames, video edition, and similar, you will probably have problems, also if you like games or have kids who like games.

Hence the dual boot talk, but hey you can't dualboot to do that stuff, so you will need a second pc if you need that, which kind of defeats the purpose.

I also said that this kind of protection, from my point of view, is an overkill for most users (i never said All of them) because if you follow a few basic steps and precautions a GNU/Linux is very secure.

I also mentioned interface from what i assume would be the use of a normal user. Who would have trouble seeing 2 or 3 different web browsers or libreoffice.

It is also a system that seems to be designed to be used by the same person, as it has a passwordless root https://www.qubes-os.org/doc/vm-sudo/ and https://www.qubes-os.org/doc/user-faq/#is-qubes-a-multi-user-system

Recently I've started to learn about social engineering and thats the exact reason why I think this approach is even worst for most users. As it teaches them to care even less about that 1234 password, because hey, their computer can't be affected by cybercrime right?

As I said I think it is a best approach for most users to follow a few basic precautions, like use password managers, use only software repositories, don't trust email and so on.

Джордж
Hors ligne
A rejoint: 11/28/2015

Like I said, I don‘t have a problem with your opinion, although it seems to me you made up your mind pretty quickly. That is part of today‘s zeitgeist; one has to live with the fact, that a lot of people only read the headlines and then pretend to know everything. They fill the gaps with their own story. Anyway, I find your posts a little condescending. That‘s what bothers me. I guess you never even installed Qubes.

I agree with you that it is important to follow basic precautions and that for most people a GNU/Linux system should be enough. I just wanted to point out, that there is much more, that can be done, if need be. You always sacrifice convenience for the sake of privacy.

In your commentaries you are comparing apples and oranges. Of course, you would still need strong passwords as virtualization has nothing to do with securing an online account. I don‘t know what put the idea into your head that Qubes or any other security focused operating system was keeping people from being careful? I find that conclusion illogical. I think the opposite is true. People who already mastered the basics might want to learn more.

Maybe it is overkill and hopefully I don‘t need that much security. I like to try out these things because it increases my awareness to matters related to computer security. Also, it is fun.

Nickman
Hors ligne
A rejoint: 12/09/2016

I really like all these thoughts, I've been looking for external HD drives to install trisquel on, however I'm stumped as to what drive to get and also I've been looking at other Operating systems like Dragora as well, what are your guys thoughts on both of those questions I'm concerned about using the live USB, because I'm worried I'll screw something up and I can't install a live CD because my computer doesn't have a CD slot

Nickman
Hors ligne
A rejoint: 12/09/2016

Okay thanks Heather, if you go to my topic entitled New Computer specs, the info for my computer is on there

runner8
Hors ligne
A rejoint: 03/04/2015

*Qubes Is YOU a system “*out *the *box” smart to use, recommend to read his documentation little by little by what can contribute to the hour to use the system.

In my experience with the system would stand out:

From my scarce technical knowledge, this system covers appearances of security that the conventional monolithic operating systems does not reach them, that is to say, the purpose of *Qubes is YOU do more difficult this hypothetical *game *over to the that a monolithic system finds constantly exposed.

The metaphor perhaps could draw as if a system treated of an army, with what sail, with the host, with the king? No, in *Qubes sail with a first line of army (*AppVM) with which no only sail, but you also execute all your programs, if this line falls or is engaged, don 't happen nothing, clone another, created another.

Backwards of this first line where execute our programs, finds the second line of our army (*Templates), these only serve to install, have denied the access (by defect) to connect further of your repositories, can update them with a pair of clicks and install also graphic or by commandos. But if it is line fell or went committed, neither there would be *game *over, install or clone others, reproduce the same without *concern you neither be “defeated”.

And from further back in the army, finds the old *dom0, offline to increase his security, he is the host, yes, that with which handled us in monolithic systems, if he falls or arrives to fall, all fall, here yes would be *game *over, therefore, the logic means to be possible to touch the minimum to *dom0, update and little more.

If to level of system to one liked him this logic, the controllers of the *USBs (*HDD of external storage, *pendrives, even the keyboard if it is *usb) also would not have to touch the host, because they could engage to the system, therefore, in *Qubes a *AppVM (*sys-USB) is the one who commissions of all the controllers *USBs , with access to the host? No, it could result dangerous, with access from a *AppVM, this loads (by defect) to the start, and only allow him changes to level of user

In the technical appearance recommend the reading of for example this article with regard to the concept of isolation in monolithic systems

https://theinvisiblethings.blogspot.nl/2011/04/linux-security-circus-on-gui-isolation.html

Concept of flexibility by what this logic means, *drivers of printers no reliable, what would do in a monolithic? Perhaps litter the system, possibly not knowing if the system finds engaged through some simple *drivers of printer, in *Qubes You, can devote a *Template for this function and later, *disconnect the *AppVM that is serving you to print, scan increasing his security.. What a *driver or software no reliable that can result you useful does not engage your system.

Also flexibility by all what can you occur from this logic, all what mean to install programs to level of user or to level of system can mean a lot of ease to find a better form to order, separate, isolate some uses of others, administer what results you more reliable or less reliable without having to engage your system.

In the question that tackle to the games, could install small games, emulators and all this world, and for big games, from *aventurarse to happen a second graphic card *virtualizando or easier devote a *HDD with an exclusive monolithic system for this.

In the computing, can exist today a *chaos in the concept of “comfort” and do reference to him because it is a subject. All comfort or all ease never travels alone, always accompanies of his corresponding difficulties, of his corresponding call “small letter” or “*hit in the eggs”, ease *feeds to difficulty and difficulty *feeds to ease, would not work the one without the another. Therefore, when it treats of ease and of comfort of course that also it is treating of difficulty and of discomfort, but of what really they treat for us, is of the possibility to recognise an and again the trace of our results, the advantages or disadvantages that arrive and can find between our eases and our difficulties

Conclusions not to lengthen me more:

it Is true that the computer security so much and in what ours information could result committed, is a subject that can extend to a lot of more areas, as for example, the *fingerprint that can leave one when sailing, the information that leave in computers(servers) that are not ours neither have any control on them, the *Bios of the majority of the *Pcs (*x86), or who is serving us Internet?, and all the *chaos that can surround to connect machines ones with other (Internet)... The problems of security probably are part of what is and expects us, increasing. It is possible, although I do not have neither idea, that to measure that the hardware go being more and more powerful, was a goodbye definite to reduce our system to a monolithic system, by questions of basic security as it corresponded *previously to the classical fashionable past “install you a *antivirus”.

The objectivity is born and nourishes of the subjectivity, the world do it smaller when we shut us in objectivities and refuse the subjectivity. Therefore, perhaps it was not a prank this that the greater security find in the ignorance and the greater freedom in the peaceful and the sober. Perhaps it do not remain him another to the computer security that tackle to this ignorance, that arrive to find this in the encrypted or in the isolation of parts of our system.

Sry for this English, It is a translate by apertium

hack and hack
Hors ligne
A rejoint: 04/02/2015

It's not for anonymity (not as fine-tuned as Tails), but for maximum security.

I'd love to make parts of my OS completely unavailable from the web though, or even from other parts of my OS, though it seems it takes some time to get used to the way Qubes work.
But I'm not sure I need this much security. Plus seeing how much time I've spent on configuring my OS the way I want it (not even fully done yet), I'd get insane with Qubes with it's hardware support issues inside each VM.

Most likely, I'd use different strategies:
- for banking and shopping (I don't mind using both in the same browser), and maybe for some rare and specific browsing, I need JavaScript, which means a dedicated browser firejailed. If I can, I'd use either another instance, or another browser altogether for the rare JavaScript browsing that's not banking nor shopping.
- for untrusted stuff, maybe a VM without external connections. Actually I don't even need that. Actually it could be good to try a package withought messing my main install. Nah, I don't even need that).
- for personal stuff, I'd use a browser without Javascript and also Firejailed, so that anything happening happens in a dedicated virtual folder, nowhere else.
- not being online when I don't need to (I could make a shortcut for that, though I doubt it would work for Ethernet connection).

This suits my personal needs. It's maybe not as safe, but It's good enough IMO.

Oh, and Tor for decent anonymity. Looking for personal medical info for example, though I need to think this through, and see what browsing would be a logical choice for anonymity. Else, I'd just use my normal non-js browser, which is OK, but not as good.
Tails is for the pros, the journalists etc. I'll probably never use it.

Nickman
Hors ligne
A rejoint: 12/09/2016

I don't think I'll ever use tails either

albertoefg
Hors ligne
A rejoint: 04/21/2016

Why??

Nickman
Hors ligne
A rejoint: 12/09/2016

Well, that's not entirely true, I may use it at some point, but it's really for the pro's of GNU/Linux and I'm not (at least not yet)

hack and hack
Hors ligne
A rejoint: 04/02/2015

What Heather wrote. It's just fully tweaked for max anonymity. Of course, for example if you connect to a mail account you created while not being anonymous, then you're not anonymous anymore.
So the only difficulty is the behavior of the user online.

Else it's nothing special. But that also means that it's hardly an OS for normal use.

I mean only using Tor once in a while is enough for the anonymity level I seek.

SuperTramp83

I am a translator!

Hors ligne
A rejoint: 10/31/2014

>Well, that's not entirely true, I may use it at some point, but it's really for the pro's of GNU/Linux

As easy as any debian based distro, only technical skill required is point and click. It is maximum privacy for the layman, that's the goal and the purpose of Tails.

Nickman
Hors ligne
A rejoint: 12/09/2016

Well thank you for the kind words Heather, the only thing for me about Tails is that I'm in college and I log into the canvas website which requires typing in my ID for college, so I'm not exactly sure how I could be anonymous on my college website or the websites where I work on my assignments.

Geshmy
Hors ligne
A rejoint: 04/23/2015

Your college would know you logged in so you can get credit for your homework etc. If you use tor in tails your ISP wouldn't know because the first thing that happens is tor sets up an encrypted channel to the tor network. No doubt they probably know you used tor but that would be all. That's no crime.

You can get tor for Trisquel or almost any OS but I found that it didn't always work unless I found the right tweaks (and I'm no pro either) but tails seemed to come pretweaked you might say. The PC just needs permission in the BIOS to be able to boot from usb first if available (assuming you install it to a flash drive).

If you have the time you might give tails a try. It's a lot easier than QubesOS I would say and also, it's a live OS so if you don't think it fits your needs all it cost you was a flash drive and you can always reformat that and use it for something else.

Nickman
Hors ligne
A rejoint: 12/09/2016

I thought I've seen some people say on here that you shouldn't use a flash drive because the code could basically be changed only so many times, before it becomes useless.

Magic Banana

I am a member!

I am a translator!

Hors ligne
A rejoint: 07/24/2010

You can make a live USB without persistence though.

Nickman
Hors ligne
A rejoint: 12/09/2016

Okay, I'll try that, what do you mean by persistence Magic?

albertoefg
Hors ligne
A rejoint: 04/21/2016

That nothing will be saved to USB and everything will disappear.

http://linuxliveusb.com/en/help/faq/persistence/67-what-is-persistence

Magic Banana

I am a member!

I am a translator!

Hors ligne
A rejoint: 07/24/2010

That. In the "Startup Disk Creator", choose "Discarded on shutdown, unless you save them elsewhere". See the "Trisquel (Graphical)" section of https://trisquel.info/en/wiki/how-create-liveusb

Nickman
Hors ligne
A rejoint: 12/09/2016

Okay thanks guys

Geshmy
Hors ligne
A rejoint: 04/23/2015

An 8 GB flash drive can be had in the Seattle area for about $4 or $5. According to https://tails.boum.org/install/debian/index.en.html you need at least 4 GB. I put it on a flash drive housed in metal with a hole so that it fit my key ring. Thought that was kind of a cool way to go, I've always got it with me even though I seldom use it. Flash drives are probably more prone to wearing out.

Installing it to a DVD would be cheaper.

Nickman
Hors ligne
A rejoint: 12/09/2016

I unfortunately don't have a DVD/CD slot on my computer

SuperTramp83

I am a translator!

Hors ligne
A rejoint: 10/31/2014

Tails on a DVD is unbearably slow. Not recommended.

Geshmy
Hors ligne
A rejoint: 04/23/2015

I downloaded the latest Tails. They now have a tails down loader plugin for Tails that does the download and then verifies it with a click of a button. Pretty user friendly. I hope it's secure.

Burned it to a DVD and it actually runs pretty well on my desktop. Looks like Gnome 3.

While a thumb drive can be altered, a DVD -R can't. But it wouldn't be any good to carry on your key chain.