176 points TheFreim | 6 comments
1. KingMachiavelli ◴[] No.36685961[source]
QubesOS is very cool but I've always thought it'd be cool/better if it was a patchset or repo on top of an existing distro like Archlinux or NixOS. I think that would be useful so you could adopt features from QubesOS individually and swap out different components. For example, it'd be nice to use KVM (QEMU or even crosvm) instead of Xen or build a Wayland-based system instead of X11.
replies(5): >>36685974 #>>36685987 #>>36686283 #>>36687774 #>>36688749 #
2. coppsilgold ◴[] No.36685974[source]
There is actually a project which aims to do that: <https://spectrum-os.org>

Unrelated to QubesOS.

3. Levitating ◴[] No.36685987[source]
I guess adding more variation to QubesOS systems would make it less secure as there is more room for bugs.
4. Syonyk ◴[] No.36686283[source]
If you have the skills to port the tools to KVM, please do so. There's a shortage of sufficiently paranoid low-level sorts with the time and interest in hacking on Qubes.

Getting it working on ARM is also of interest.

5. snvzz ◴[] No.36687774[source]
> For example, it'd be nice to use KVM (QEMU or even crosvm) instead of Xen

Or even better, seL4, for which an effort exists[0].

0. https://trustworthy.systems/projects/TS/makatea

6. vacuity ◴[] No.36688749[source]
They did consider KVM initially; I don't know how much things have changed and if they've reconsidered. The reasoning was that KVM's means of virtualization is too closely coupled with the Linux kernel, whereas Xen's hypervisor and dom0 are more separable.

> In Xen, at no point does the execution path jump out of the hypervisor to e.g. Dom0. Everything is contained within the hypervisor. Consequently it's easier to perform the careful security code audit of the Xen hypervisor, as it's clear which code really belongs to the hypervisor.

From the original 0.3 spec