(www.qubes-os.org)

441 points ploggingdev | 1 comments | 19 Nov 17 16:06 UTC | HN request time: 0s | source

Show context

snvzz ◴[19 Nov 17 17:00 UTC] No.15734641[source]▶

Their weakest point is the hypervisor, Xen, which while a better choice than Linux/KVM, is still extremely bloated and has a poor security history.

Thankfully, better designs such as seL4's VMM do exist, although it might need a little more work [1] until usable for the purpose.

[1] https://sel4.systems/Info/Roadmap/

replies(6): >>15734676 #>>15734739 #>>15734803 #>>15734841 #>>15734956 #>>15735067 #

dijit ◴[19 Nov 17 17:07 UTC] No.15734676[source]▶

>>15734641 #

Could you clarify "Better choice"?

I've been using KVM/Xen/VMware for some time and always enjoyed it. And since Amazon and Google especially are going all in on KVM I'm surprised to hear the Xen is a better choice.

replies(2): >>15734758 #>>15734812 #

hennsen ◴[19 Nov 17 17:20 UTC] No.15734758[source]▶

>>15734676 #

Amazon is going KVM?

replies(1): >>15734776 #

1. hennsen ◴[19 Nov 17 17:22 UTC] No.15734776[source]▶

>>15734758 #

Ah - https://www.theregister.co.uk/2017/11/09/aws_deletes_new_hyp...

Sorry for not googling before asking...

↑

Qubes OS: A reasonably secure operating system