441 points ploggingdev | 3 comments
magnat No.15735557
Joanna's (Qubes OS Founder) blog [1] is a gold mine when it comes to hardware-software boundary security. Especially the "State considered harmful" [2] and "x86 considered harmful" [3] papers are eye-openers.

[1] https://blog.invisiblethings.org/

[2] https://blog.invisiblethings.org/papers/2015/state_harmful.p...

[3] https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

replies(4): >>15735998 >>15737955 >>15738236 >>15739388
jstewartmobile No.15735998
That's why I don't get Qubes. She knows what a steaming pile PC hardware is, and decides to write a spinoff OS for it???

Seems like she'd have more effect designing hardware.

replies(3): >>15736035 >>15736356 >>15736980
1. dillon No.15736035
I believe I remember reading she aims at solving the issue of hardware and software vulnerabilities. I can't find the source, but she mentions that there's so much code out there that it would be impossible to secure everything.

Qubes' design means hardware and software are all separated so a vulnerability in one doesn't mean exposing another.

I like that in their docs they mention an approach they take and when it isn't secure[0].

That being said, the main point of security contention is the admin (dom0).

[0]: https://www.qubes-os.org/doc/copy-paste/

replies(2): >>15736238 >>15736467
2. jstewartmobile No.15736238
But those two things are not independent. If your hardware is fundamentally broken, hypervisors can only paper over so much.

Between the twilight of Moore's law, and the success of open-source software, I just don't see that much long-term value left in x86+PC.

3. fghtr No.15736467
I think you mean this paper:

https://blog.invisiblethings.org/papers/2015/state_harmful.p...