Qubes OS: Security Oriented Operating System

Thanks, Mr. Chris. I have been reading about this OS already. Never thought you would make a video about it, let alone entering the secure computing domain.
The U.S: intelligence community and your own government as part of the Five Eyes alliance, are against this as they are enemies of privacy and secure civilian communications.
Not only you are the best, now you are also the bravest teacher. Thank you very much.

The real question is why we didn't get something like this twenty years ago. Forty years ago, the answer was simple: No personal computer networking, and not nearly enough memory. Thirty years ago: still not quite enough memory and personal computer networking was mostly limited to BBSs. Twenty years ago, when the Internet was taking off and the first few generations of viruses and malware were infecting Grandmom's computer and she had no idea why it was slowing down so she just lived with it, this is exactly the sort of thing that was needed.

I'm so grateful to you for introducing Qubes to the wider audience. I believe we need more privacy and security tools for wide population more than ever now. Qubes is so innovative and helpful.

Using that OS would probably expand the minds of most computer users.

One can not become sad when a new video from Explaining Computers arrives in the inbox. Thanks for the good introduction on Qubes

Nice to see someone building an OS to simplify the use of multiple virtual machines. It’s going to help those advanced users for sure.

Let's go and take a ..............closer look. And relax

You pick the best topics from extremely wide ranges of technology... it seems like whenever I find some new gadget or software that is interesting you have already done a video on it

I haven't used Qubes in years. Joanna is a brilliant developer! Thanks for bringing attention to such an undervalued privacy tool! At first, I thought you were running this on ARM SBC and was very intrigued. But you are brave for submitting a Celeron to all this workload.

It is such a cool operating system, it should be renamed “Ice Qubes”. Looking forward to your next video!

Looks like a user friendly combination of Jails+Bhyve on FreeBSD.... very nice indeed!
Thank you Christopher, you manage to educate & entertain in equal measure....very much appreciated...

I found your channel when I was looking for things to do with my Raspberry Pi, but I like that your channel varies from week to week. Sometimes it's hardware, sometimes software. Thanks.

This is a great idea for an operating system. On the occasion when I have a file I'm not quite sure about, I sometimes use an old laptop as my 'virtual' machine to open it. I can see where Qubes would be very handy indeed. Thanks for another great video! On an unrelated note, yesterday my Odroid XU4 arrived. My wife was in the room when I said 'not to worry, Mr. Sicissors will get us in'. Her look was priceless!

I gave Qubes a run roughly 6 years back now and just couldn't come to grips with it at the time - thanks heaps for this great explanation Chris... might be time for another spin round the block with this 👌

I Started Watching Your Video But Got Off On The Hardware So Much, I Had To Go Watch (Like & Comment) Your Video From April Featuring The Board Itself. You Sir Will Always Rock!

Thanks for presenting this. I've heard about the OS before, but I didn't give much thought into it as I didn't know all of it's use. As usual, you have broken it down into very clear and concise concepts.

I have just watched an excellent and informative video on an OS that I will never use!
Well done Chris...

I am blown away - that OS is absolutely amazing. Thanks, as always Chris!

Very interesting. There are a lot of features provided by the CPU vendors that are included so that wise system programmers can lock things down. This OS takes advantage of some of these arrangements. I am interested in learning more :-)

Just got the notification, and here I am. Can't miss a moment.
Qubes is an amazing OS for someone wanting virtual system environment.

Will I use this? Likely not but fascinating nonetheless. Perhaps more important for me is the relaxing interlude I get every Sunday morning, so valuable during these times. Thanks Chris!

You definitely need to explore this thing more by testing out a windows template and by doing some performance tests with stuff running on native operating systems vs their virtualized variants.

The concept is great! No need to use Vmware/Virtualbox to operate multiple OS in one machine.

Brilliant as usual

I've watched a few videos on this OS, and found yours to be the best tutorial, and presentation. Thanks as always!

As the computing power available to us supersedes our ability to even make effective use of it the majority of the time, an operating system like this that puts virtual machines front an center of everything becomes more than just a grand security experiment, but entire in-home mainframes could be possible that could be running any operating system ever.
The ease by which a person with one, big, powerful machine that they maintain and upgrade can provide sandboxed computing environments for an entire household with just a few clicks excites me more than the security implications.
Everything else is networked dumb terminals. Most people won't WANT to do that, but .. I do. Something about that idea just excites me a lot.

Excellent introduction to Qubes OS.
Only watching it now as I am new to the channel.
Clearly there is security value in separating different tasks in
different virtual machines. But attack vectors will still exist.
The cross-cube copy mechanism being a case in point.
The Windows sandbox could be used in a somewhat "similar" way.
But already people are discussing how to hack it.
Cross VM hacking is not unknown.

I enjoy learning from this channel your videos are very well thought out and flow nicely so staying tuned is easy.

A very ambitious project.

Good to follow-up with a video on the Windows "Sandbox" feature.

Deffo looks like one for a test drive and possibly much more.
Thanks for that!

As usual you give us valid and brilliant information. I just started with Qubes OS two days ago, after i found a laptop that could run it. Just took me 1½ years of waiting. And I was wondering how to install like Libress in Qubes OS. Because i could not get access to the internet. But you show us how, so now i gratefully can continue my new quest with Qubes OS. I hope you will make more stuff about Qubes OS.

Hi Chris. Just want to thank you for your great in depth technical videos. I used to watch Twit TVs Screensavers way back when it was very technical but they transitioned to just talking about phones and of coarse the show is now gone. Hope to keep seeing more of your great videos for a long time to come! Thanks again!

WOW! Extremely interesting video Chris. Fastest 17 minutes I've spent in quite some time. Well Done. Thanks.

I've known Qubes OS from the first release and I can say it the most secure OS I can think of. Great desktop OS.

अभिव्यक्ति के दो ही लक्ष्य होते हैं, अगर बंधन में हो तो तुम्हारी अभिव्यक्ति होगी बंधन को तोड़ना और अगर मुक्त हो तो तुम्हारी अभिव्यक्ति होगी मुक्ति का गीत, इन दो के अलावा बाकी अभिव्यक्तियाँ नहीं है, वो विक्षप्ता है। आध्यात्मिक अर्थों में अभिव्यक्ति मात्र आत्मा की होती है। मन और शरीर के माध्यम से आत्मा अपने आपको अभिव्यक्त करती है, मन और शरीर का उचित प्रयोग भी यही है कि वो आत्मा कि अभिव्यक्ति के साधन बने।

We use this pretty exclusively to maintain our client's networks, nice to see a video about it!

Excellent - somewhat familiar with Linux and seeking security and privacy but couldn't make head nor tail of Qubes until your video - thank you!

Very interesting. I have been doing something similar with both physical and virtual machines for years. Curious about high level security and also concerned about the single point of failure. Then again most people don't have a Windows domain in their house like I do.

Another clear, interesting and well structured video. Thanks, Chris

5:58 Looks like you didn't quite go with the defaults. You can see the tick appear on the "... updates over Tor ..." option. Perhaps you double clicked where only a single click was needed. ;)
Anyway, nice video Chris.

OK, I always enjoy your videos, but this one has me more animated than usual on a Monday morning!

Thank you, Chris. Great presentation! I, too, am impressed with Qubes thanks to your excellent introduction. I will download 4.0.3 and play with it myself. I have heard of it before but never really looked at it until now... and I can see it really is impressive! *Can I suggest a part II to this?* Could you demonstrate a Windows Template? I would like to see you install that template and make a Windows Qube and add some common applications like say Office or even just Word? If you choose to do so, could you also pick higher-end hardware to demo on? The Odyssey X86J4105 was good for this exercise but adding a new Windows Template I think will require say a 16 GB System with a fast M2 drive and a modern i9 Intel or 39XX AMD processor?

An excellent video, as usual . I'd never before heard of Qubes OS. What a fascinating concept!

I know of Qubes because Snowden mentioned it in an interview. He uses it. He probably even gave the Devs feedback on it.
Its a very interesting indeed

Fascinating...I loaded to a dell E7240 ultra-book which has a 512gb msata drive and 8gb of memory and it seems to be quite happy. I did have to fiddle a bit with usb drivers but well worth the effort...connected to my wifi without fuss but much faster via Ethernet and the UI is very pleasing to navigate...Thanks 👍 !

Remember your PC build with that 40GB SSD? And that small case? Back in 2014. I am from those ages....

Thank you, Chris. Great job. Your videos are always worth the time to watch. I learn something every time.

I’m impressed Prof, this is the ultimate sand boxing of apps on one system. I like it.

Alright... this OS is pretty slick. I thought at first the separate virtual machines were only limited to 4 at a time because of those squares at the top, I didn't expect that to represent 4 individual desktops.

It is interesting to see Xen used in the workstation / client arena, I suppose it only makes sense and yes very nice wrappers around the xen tools to create dom U's via templates which is very similar to the text only templates for server grade installations.
Haven put this on lower grade hardware the demo here just goes to show how robust / mature the XEN VM archetecture is and should be a testiment to it being the best solution for any VM requirement. Linux has a number of VM options those being XEN , VMWare , QEMU , VirtualBox , KVM each has its pro's and con's and use case.
This was a good overview of a good use case for Xen.

* EC Fires up Qubes demo* Clock just happens to be set to 1:37 PM in 24hour time. Nice.

Great video for a cold, quiet sunday.

Very interesting concept for an OS. Thank you for this great introductory video about it.

Thank you for another very informative and potentially useful video and OS solution scheme. Virtual operating systems have long been touted for their benefits for security, but I've never heard an adequate explanation about how to prevent the virtual machine layer itself from being compromised. If that happens, especially without detection, the keys to the entire kingdom are lost. In fact, I'm completely sure the usual suspects are working very hard to make that happen, if they haven't already succeeded. We've added all manner of security mechanisms and protocols to the traditional layers, but what security provisions are designed and built into the virtual layer that might give us assurance? Yes, I know Qubes is an "open source" system, but I don't believe that is sufficient, anymore than it is for any other open source product.

I really appreciate the time you take editing. Nice video

Cool idea that seems pretty complex to set up but I'd imagine it'd be pretty easy to use once you got used to it.

Nice looking OS and vid, I just realised theres a merchandise page :) brilliant, can't wait for my first Sunday cuppa tea with Mr Scissors..

Interesting concept. Software companies like Microsoft and Apple that use proprietary OS's would be challenged to adapt to such technology. With so many flavors of OS's available, the eventual necessity of a standard OS such as Qubes may end up being promoted by hardware manufacturers!

That's pretty amazing. My PC probably can't run it, but the next I build might be a qubes machine.

Quite interesting. Not something that I can see myself using. But, a very informative video as usual. Well done, Sir!

I use Qubes as my main OS and can't live without it.

Very interesting. It would be nice to understand any performance penalties imposed by this additional security.

Hi Chris,
Nice Sunday afternoon tech mood created by you on weekly basis :)
Indeed those days is a good choice to protect yourself; socially, biologically and digitally as well...
I am using virtual machines for quite a while but the devs of this OS is having a different yet interesting approach. For a nubie like me is similar with Docker but with a desktop environment.
By the way, are you planing a video about Docker ?
And also I noticed you "switched" from Mint to Ubuntu ;)

Afternoon sir. Hope you're doing well and keeping safe!

Tips: If you use "dnf" to install program. You don't need to "turn on network" on template qubes.
Also fedora 32 is released. That's mean Fedora 30 will get EOL soon. Consider switch to fedora 32 template VM
You can follow TemplateVMs form QubesOS User Documentation for more information

Kinda reminds me of Bromium which got acquired by HPE last year. Of course, Qubes goes a bit further by taking privacy onto account with Tor, so that's nice, and it's also open-source.

I don't care where I placed in the comments, I enjoy your videos on Sunday mornings with my coffee and breakfast :)

Nice coincidence. I just was looking into this this week. The inventor is a very smart woman, Joanna Rutkowska, and she is definitely looking out for us. I trust her. Which is saying a lot. And the OS seems to have thought of everything, including obscure things.

Love your stuff and love your style. I teach IT professionals and usually find some cool nuggets in your videos. I will admit, though, that one of my pet peeves is folks pressing Apply then Okay. That's redundant. Apply saves your changes but leaves the dialog open so that you can make more changes. Okay saves your changes and closes the box. No need to do both.

What an interesting and novel approach to an OS. Based up the video, its seems that the user really needs to choose a specific template to serve as the basis of all of their qubes. Otherwise, the user would need download and install apps for each of the templates, taking time and storage space. Thanks for an outstanding video both in terms of the introducing the Qubes OS to the community and the excellent productin values you bring to each of your videos. Keep up the excellent work.

Glad to see qubes getting some press!
1. when installing, you dont need to make a root password. just a disk and user pass. dom0,the controlling vm, is already root.
2. when adding software to a template, dont enable networking! its off to protect the template. theres already a proxy, by default running from sys-firewall, for software installs. you can turn it off, for example, for software downloaders.
3. the fedora-30 templates are no longer supported. update to fedora-31 or fedora-32, which should be out by the time you read this.
4. you can customize and have multiple dispvm templates since qubes-4. for example, you can add noscript and a malware blocker to firefox in a dispvm template, maybe make that your default, and keep another dispvm untouched for other uses.

i accidentally fond this channel while looking for zorin os

Amazing. They need a tester to see how your system will perform with this OS.

I believe Chrome OS uses similar features (although not as advanced) for added security and reliability. For example: All Chrome OS updates are installed to a back up copy of the Live OS in the back ground. Once the Chromebooks reboots it boots into the second copy. This redundancy of the operating system solves so many of the problems Windows 10 has with updates.
I have read everything is "sandboxed" in Chrome OS. My understanding is There are multiple Virtual machines for Chrome, Android, and Linux.
The main built in security features of Chrome OS is also depended on its ability to run different VMs.
For example, every use account get fully encrypted in a separate VM that has its own unique settings and applications.
That is why High End Chromebooks like the Originsl Core i5 Pixelbook are a great choice!. I bought the Corei7 Pixel book.
I also like the settings of Chrome OS. It is very simple and straight forward. Just search for anythimg you need to change in the settings search bar and you will find it with ease.
The only confusing thing about Chrome OS is the multiple app stores and the fact that files downloaded to the local SSD are not backed up by default and when you delete them you can not undelete them. (There are no trash cans for the local SSD as users are meant to use the Goggle cloud storage as their primary storage).
Also note worthy is the amazing support for peripherals (drivers) in a plug and play fashion.
Lastly, the way 2nd and 3rd monitors are supported are impressive in Chrome OS.
All of that to say Chrome OS offers some of this functionality and more in a seemless fashion for the casual users.
That being said, I am very impressed with Qube OS. This was anotherfantastic episode. Thank you! 😊😊

Excellent Chris, I will give QubeOS a try, thank you very much!!

Secure environment for things you have to keep secure, but things you want to keep, I think I would always backup in the most reliable and simple way possible. It would be a bad thing if you had multiple need if media locked so you could never get it back. there are cases when you may need good security and this seems to be a pretty good way of doing it.

I originally found this channel while browsing without an account and just now remembered I didnt subscribe. Now I get to catch up from the past month or so!

I’m very tempted to start using cubes. I like the concept of it, and it’s not too far from what i do now with arch. This doesn’t take care of all of ones security needs, but can really help out a lot. being careful with what cube one is using at any point is very important. Still, it’s an amazing idea

This is kind of the promise of MS application guard, but it's been so slow coming that it feels like it's never going to happen. I will be using this almost immediately.

Looks like a VDI server, but just in a single tiny SBC.
Great video in sunday evening in korea, thanks sir.

That's a very interesting and innovative use of virtual machines, definitely very cool!

Very interesting. Nice security via virtualization

This is quite a neat OS. I think I might convert one of my systems to this for testing untrusted websites. I like it.

That is indeed the best OS innovation i have seen in a long time. Thank you.

Interesting OS a multi implementation VM system its all sandboxed and secured on its own box .something that smells bad gets the toughest box thanks for the look around this OS professor Christopher.

6:41 I note that the time on the clock is 13:37. Which is, of course, the best time.

Excellent video!
The only thing I would add is you should never set a root password at install. It's more secure to only access root through 'sudo', and this is the default implementation in most popular distros such as Ubuntu.

Wow !
This OS is something else isn't it.
Great video as usual .
Thanks EC.

Hi Chris,
Perhaps have a look at Ventoy sometime - it installs once to a USB stick - then you can copy multiple ISOs to the second partition it creates. Select the image from Ventoy's boot menu and it starts up as usual. Very handy for situations like this - just throw the ISO on to your Ventoy stick instead of having to find a spare drive. Also saves from having multiple drives for frequently used images. I've been trying it out with Linux Mint, CloneZilla, UBCD, FreeDOS and a few Windows 10 installers - all working OK so far.

It’s all in the qube!

Pretty Cool... Like different containers preconfigured. Very useful. Thanks for sharing 👍

This would do wonders in a less secure system like Windows, which tends to give privileges to anyone who asks.
I would like to reinstall my Windows and start things anew by having a sandbox in place, running most of the programs in it. That way I can keep the system clean for a longer period of time.
All this would be much easier with Qubes OS in place!

Would like to have seen how to save a snapshot of a non-disposable Qube for use as a disposable Qube. Also installation of additional command-line software (development environments, etc.) in Qubes.

Thanks Chris!
Please consider revisiting the current version of Qubes....

Thank you Mr. Sissors, it's a brillant video 👍👍👍

Listening this Sir, I learn English language also. He is perfect !!!

I was just watching a video about the contributions of Linux to the world other day, being virtualization one of them. This... is another whole level. It's just amazing.

Chris might I suggest using Stellarium as one of your test programs. It's multi platform, exercises the graphics capability, looks great and we could take a ride to a distant object in space rather than the a boring word processor with Hello on the screen.

Very cool concept thanks for the detailed video