Comment by fsflover
2 days ago
This is probably impossible and also not needed. Choose security through compartmentalization (instead of security through correctness that never works), if you really care about security.
Works for me with Qubes OS.
2 days ago
This is probably impossible and also not needed. Choose security through compartmentalization (instead of security through correctness that never works), if you really care about security.
Works for me with Qubes OS.
Do you daily drive Qubes? I'd be curious to hear about your experiences. I've been following the project from the sidelines for years, but haven't taken the leap.
Do you hate GPU acceleration? Do you hate using most hardware? Do you like using Xorg? Then Qubes is for you.
This is in jest, but those are my pain points - the AMD thinkpad I have can't run it, the Intel one melts yubikeys when decoding h264 video. The default lock screen can't read capital letters from the yubikeys static password entry. Qubes has a certain user that it caters to, I really wish they could get enough money to be able to cater to more use cases. It is not difficult to use it if it works for you.
GPU acceleration is coming: https://github.com/QubesOS/qubes-issues/issues/8552
> Do you hate using most hardware?
Nobody uses "most hardware". You may be unlucky with your hardware, then it's a problem. Or you can specifically buy hardware working with the OS you want.
> Do you like using Xorg?
What's wrong with Xorg?
2 replies →
Just FYI, there are some people that vastly exaggerate the security it provides. For the most part, you're just as safe using flatpak versions of applications.
When was the last Flatpak escape? Last VM escape from VT-d virtualization, which Qubes uses by default, was found in 2006 by the Qubes founder, https://en.wikipedia.org/wiki/Blue_Pill_(software)
3 replies →
Yes, I daily drive Qubes. It's an amazing feeling to feel in full control over your computing and not being afraid to open any links or attachments. Here is my Qubes OS Elevator Pitch: https://forum.qubes-os.org/t/how-to-pitch-qubes-os/4499/15
It's slow for tasks requiring GPU, but allowing GPU for chosen, trusted VMs is planned: https://github.com/QubesOS/qubes-issues/issues/8552
Qubes doesn't compartmentalize the image decoder in a web browser from the rest of the renderer, and if you're serving tracking pixels and can exploit image decoding, you can make serious mischief.
If you use Qubes correctly, then VM in which you go to untrusted websites is disposable and contains no personal information, so there is no mischief to make.
The web page you are visiting contains personal information, and that is where the mischief can be made. All that is required is for the website to incorrectly trust an image, either by not sanitizing a user-uploaded image or by embedding a third party image. Both trust bugs are rampant on the web, and both have caused problems in the past. Adding an improperly vetted image decoder is a sure-fire way to get exploit authors salivating.