With all the talk of spying these days, I took a look around to find a secure way to compute and have come across Qubes OS (https://www.qubes-os.org/). What do you guys think of the concept? Is there anything else like it, and what can be done to make the OS better without sacrificing security?
From a security standpoint it's really an amazing concept. Everything is separated into its own little VM. The NICs run in their own security context, the firewall does, and you can have multiple browser windows open that know absolutely nothing about each other, as each window actually can be its own VM.
The hypervisor is fairly well walled off from the network, and you can "allegedly" create your own programs starting in one of the predefined security contexts (green, yellow, red) or make a VM for, let's say... Thunderbird.
I had given it a shot. Yes it... uhm.. works. Convenient? No; easy? No; great looking as of today's standard? To me, yes; secure? I'd say more than anything else; usable out of the box? NOO ^^
If you're curious and want to experiment... dig into virtualisation and think that security is way beyond and above convenience => go for it and let me know how it went =)
I've tested it, it's pretty interesting. Once they add UEFI support it will be able to run on most newer laptops.
Things like this should become the standard for journalists, activists, and others who really need to keep their computer secure and compartmentalized.
Qubes OS is an architecturally perfect operating system. Perfect in every way.
It offers 100% application compatibility with all known applications in all known configurations. It's capable of both seamless integration of fully trusted domains/applications/operating systems and insecure ones at the same time. That is, it allows native Linux apps to run on Linux while also allowing any version of Windows to run on Windows side-by-side. I'm not sure OS X is supported atm, but there's no fundamental reason why it couldn't be.
Qubes OS allows for delivering literally-native performance of heavy graphics applications like games via IOMMU extensions. Not "near native" but NATIVE performance on ALL games that can run on x86 hardware. (Wendell did a video on it a while ago actually, but on Arch Linux instead; Qubes OS uses a Fedora-based backend, so same OS basically.)
Two downsides. 1) Extremely deep hardware support required
The IOMMU-related features are what provide most of the security; both CPU + chipset need to support it. In addition, a dual GPU (such as an iGPU + dedicated) is also required to get the performance required in critical apps (such as when gaming). Operating systems exist to run applications after all, not the other way around.
2) High Complexity
This technology has been around for a while (~5 years? in consumer-grade stuff). Qubes OS is really just a shim over Fedora that manages a type 1 hypervisor (Xen atm) for VMs. The idea behind the project is to reduce the complexity over time (tackle issue #2). Type 2 hypervisors have been around for a while as well, but are architecturally ugly and don't really provide the performance required in critical apps. Type 1s have the performance but are unusable as desktop OSs.
Qubes OS can be set up with IOMMU offering everything: high performance, high application compatibility, high security, granular control of applications and resource management. Thus, Qubes OS is the perfect OS.
My recommendation is that if your hardware supports it and you don't mind the complexity, go for it, and whatever your next system is, it should support IOMMU and have a dual GPU (iGPU + dedicated) just to run that OS.
An OS has 2 jobs. Run the hardware and run applications. Qubes OS does neither. It doesn't even try.
That's what sets it apart from any operating system that's come before it. The founders argue that it's not even an OS, just a layer of software above a hypervisor to manage VMs, a concept never attempted before at that level (Type 1 hypervisor). No other OS/hardware/software configuration can do this while still offering native performance of applications, 100% application compatibility (via heterogeneous VM stacks) and yet still be suitable for native use on desktop level systems.
This is my favorite screenshot. And the one right before looks like a Debian one.