←back to thread

QubesOS – A reasonably secure operating system

(www.qubes-os.org)
176 points TheFreim | 1 comments | 11 Jul 23 18:11 UTC | HN request time: 0.224s | source
Show context
legrande ◴[11 Jul 23 19:15 UTC] No.36685913[source]
What kind of threat model requires someone to use Qubes? I know Snowden uses it and there's even a testimonial of him on the Qubes site recommending it. Is this for people on 'lists' or are high value targets because they visited the wrong site or said something the authorities didn't like and their machines are now being targeted?
replies(6): >>36685957 #>>36685977 #>>36686014 #>>36686031 #>>36686103 #>>36686127 #
thoughtbag ◴[11 Jul 23 19:23 UTC] No.36686014[source]
I know what Theo says about (x86) virtualization[1], but I think it's still useful to virtually separate your random browsing the web from things like health and banking, or where you keep your ssh keys (if you don't use a Yubikey or similar to keep it off your laptop) -- or other secrets.

You can be a victim of a random drive-by, you don't have to be a person on a "list".

[1] https://marc.info/?l=openbsd-misc&m=119318909016582

replies(1): >>36686341 #
Syonyk ◴[11 Jul 23 19:47 UTC] No.36686341[source]
Yeah. He's probably right. When we first saw Meltdown/Spectre/etc, and he preemtively disabled hyperthreading out of an abundance of paranoia, turned out he was right...

It's all broken, all the way down. However, compromising a browser or kernel is still a lot easier than compromising a hypervisor. At least in terms of number of known exploits.

Qubes tends to make very limited use of the riskier parts of Xen anyway, though. A lot of the security notices for Xen don't apply to Qubes because of how they've configured things or what features they use.

replies(2): >>36686544 #>>36687745 #
1. thoughtbag ◴[11 Jul 23 20:05 UTC] No.36686544[source]
He's been right more times that I can count. Abrasive guy for sure, but he has decided not to suffer idiots. And he does what he does for himself; we are lucky beneficiaries.

Agree wrt your arguments; it's also why I write this in a browser in a VM that is not used for anything else than this sort of thing, and periodically I will roll back to a recent snap shot with a clean browser.

(I do not use Qubes, but I do like their work.)