
176 points TheFreim | 1 comment
DeathArrow No.36685995
>Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing. Qubes OS leverages Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.

What's wrong with containers? They are supposed to provide better performance than VMs. Are containers less secure?

1. tssge No.36686053
Containers share the host kernel, thus the attack surface is as large as the kernel functionality that is exported to the container by the host (usually almost all syscalls).

In VMs, as far as I know, the attack surface is much smaller, as the interaction between the guest and host kernel is limited.