Security and privacy is always has been important to everybody.We do like to keep things in check all the time.In this day n age everything runs on software.Which always inherently vulnerable to attacks (aka they call it bugs :P). Most of device now connected to internet and runs on Operating systems that we have no idea of, what they are doing and to whom they sending our information’s.
Recently i’m using a new type of approach to Operation System called “Qubes OS“.Its a quite interesting little OS with Virtualization base on Linux. I like Unix-like OS’s because of there different variants,stability, customization and It’s free to use. I personally like Debian GNU-Linux because it stability and wide range of hardware support.
Qubes os purely focus on the security.Designed around the concept of security by isolation, by using domains implemented as Xen project virtual machines.which is making the isolation seamless through an innovative architecture that minimizes the amount of trusted code.Qubes uses virtualization to isolate different applications. This means that your web browser will be in a separate environment than your file browser.
Website : Qubes OS
The installation process was fairly easy.It’s like Debian installation, where you choose language, timezone and then how you want to install the operating system on your harddrive. I installed without encrypted .But you can chose with encryption with LVM. Im using a old laptop, it was laying around.The pc not very good for Qubes os but for testing it will do the job.If you like to run lot of VMs better have Powerful computer. Qubes os kinda power hungry when you want to have many VMs.Any quad core with more than 4-8GB ram will do.
Check your hardware before install. Hardware Compatibility List
After a successful installation you need to reboot the computer to later configure on how you want to use Qubes. If you are an expert you can create templates(VM’s) on your own, but the default creates few VM’s for you such as work, web, untrusted and disposal etc.The default settings and still get good security and utilizes of the concept.
Now the things i like about Qubes….
- Total Isolation
Qubes locks down each and every parts by separate and compartmentalize its environments. Each component of the OS is relegated to a domain structure that is isolated from all other domains.Virtualization operates on two fronts “software and hardware”. So hardware controllers are separated into a domains such as USB controller and software gets into domains with varying different trust levels.
The concept is a very wired if you coming from windows or OSX platforms. You can have multiple domains running on the desktop at the same time. Its like space between spaces :). They appear on the screen as windows running applications in a traditional Linux desktop.But the application are running in separate VMs within Qubes Eco system. The barriers between domains are rigidly enforced, even performing simply copy and paste from one domain window to another requires procedures and authorizations.
- Self-Destructing or Disposable
If you open a disposable domain, whatever you run and whatever data you generate from apps within it cease to exist when you close that domain.They can be created for a single task and once that’s complete they’re totally gone.For instance open a web browser in a disposable VM, you can do whatever you want like bookmark sites, add them to your favorites, save cookies. Once you close that browser, everything from that session is gone. Open another web browser in that disposable VM will show nothing saved from your previous session.
With any domain, there’s a option to open something in a disposable VM. Therefore, if you download a file in a work or personal domain, you can right-click and open that file in a disposable domain.This is an excellent means to avoid contaminating a domain. If you download a file from an untrusted source, you can save it in your work domain and execute it in a disposable domain.
Personal i like the concept of these kinds of approach with OS .But you kinda need to be use to it, before use it as your daily driver.I can say this is way better than windows or mac in terms of security and applicability. Felt really secure and user friendly. It does have a learning curve, but that’s security in a nutshell.Hope this will the future of Desktop Operating system Architecture.