QubesOS – The best defense against (supply chain) attacks

(qubes-os.org)

4 points | by lepuski 3 hours ago

2 comments

  • lepuski 3 hours ago

    Given how common supply-chain vulnerabilities have become, I’m surprised more teams haven’t adopted Qubes. To compromise a Qubes setup you’d need a Xen sandbox escape, which is possible but vastly more difficult than running a simple bash script from a post-install script.

    I’ve daily-driven Qubes for about a year and it’s been easier than I expected. The main drawback is gaming because you need a second GPU and the GPU passthrough setup is annoying. I don't game much, so I use the CPU's integrated GPU for dom0 and reserve my dedicated GPU for general hardware acceleration, e.g. smoother YouTube playback.

  • saidnooneever 3 hours ago

    this is a good OS but mainly because using it will be a little impossible without considering certain things. if you do consider those things you could do almost as much on other systems (bsd mainly but also linux to a degree). hw isolation is not, but if that is what you defend against you better make sure you do all other things 100% right 100% of the time.

    it does serve a real purpose for hw isolation and imho if you need that level of security it is pretty much the only option outside of a custom build which would amount to something with similar properties.

    still it would not help against certain hw based attacks. mainly evil maid type of things. not a rogue cpu or nvme drive...