Turn your IT hobby into a job!! Learn Linux and other skills with ITPro: ntck.co/itprotv (30% off FOREVER) *affiliate link 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy TIMESTAMPS --------------------------------------------------- 0:00 ⏩ Intro 1:00 ⏩ What is Qubes OS? 3:55 ⏩ How Qubes works - App Qubes 5:40 ⏩ Service Qubes 7:41 ⏩ Qubes OS SYSTEM REQUIREMENTS 9:28 ⏩ STEP 1 - Qubes OS Install - Download Qubes 10:35 ⏩ STEP 2 - Virtual Machine Setup 13:33 ⏩ STEP 2 - Physical Machine Setup 15:46 ⏩ STEP 3 - Installing Qubes OS 17:17 ⏩ LINUX QUIZ CHALLENGE!! 18:42 ⏩ STEP 4 - Initial Qubes Configuration
One useful analogy that I explain to people about security. You basically have a slider. At one end is secure and at the other end is usable and your risk tolerance sets the slider position.
not neccesarily, even if your system is compromised at for example UEFI level(which every consumer computer is compromised at that level), if you can properly isolate your work environment then there is a good chance its still protected.@@Arachnoid_of_the_underverse
One of the reasons why they advise against using nested virtualization is because it negates some of the privacy benefits of Qubes. The Virtualized networking in Qubes is IMO it's best feature. The firewall isn't an add-on to the OS like other OSes but rather an integrated feature like Tails. You can completely control what packets leave your computer, choose what avenues they take (vpns, tor, proxy chains, et)., Create combinations. Whitelist/blacklist ips and apps. If you throw Qubes on a normal OS and virtualize it, the host OS will leak packets. If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger.
quote: " If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger." AMEN there. I've been on windows for decades and it gets worse and worse every year with tracking and monitoring.
@@surfingsub5854 And it's about to get way worse with AI integration,. Big brother is almost here. Putting aside the legal aspects , from a spying capability standpoint soon pretty much everything we do on our computers will be tracked by AI. I think once people understand the power that governments and corporations will have with AI running on our computers you will see a huge interest in OSes like Qubes. It's not quite average consumer friendly yet but from privacy capability standpoint it's far superior to any alternative I've tried. Tails is ok from privacy end of things but not as versatile. AI has its uses so I'll still use windows too but when I want privacy I switch to my linux box and a variety of virtual instances.
@@MrAw3sum Too long a list to write all the sketchy privacy things windows does but I can tell you the biggest one.... encrypted mystery telemetry. Windows computers are contacting Microsoft servers constantly and we have little clue what data they are sending. Microsoft is vague in describing precisely and there is no built-in feature to turn off telemetry entirely. THere is a third party tool called ooshutup10 that can shut off telemetry but if you are inexperienced I wouldn't recommend it. I don't use myself because turning of features with telemetry can have negative side effects and Microsoft can turn telemetry back on with any given update. It was too much of a time waster for me to use. The approach I would recommend for semi-privacy is get a second computer with some linux distro on it and use that when you want to do something more private. Don't use your real name or connect to any service that uses your real name when using it. Ubuntu would be good choice with a newb. (Qubes is still for advanced users at the moment). Maybe subscribe to a VPN service that you can also use on that computer. Keep in mind though, obfuscation is not pure anonymity. IMO only someone very experienced in tech has any practical hope of that online. And even then it's a lot of work and impractical for daily driver. If anyone plans to send nuclear secrets to North Korea from their home the NSA will get them lol.
I drank the QubesOS Cool Aid for a few months, but I got out of it. It's important to understand that, like all security models, this system is only able to protect you from the specific threat model it was designed for. In particular, QubesOS was designed to protect from information leaks caused by software flaws.
@@DarnIDidntKnowThat Ever hear your friend or family talk about how their social media account got hacked? Well... the account didn't get hacked *THEY* got hacked, by getting tricked into doing something dumb. By far, the largest percentage of "hacks" on the internet are social engineering, not software exploitation. QubesOS protects you to a very high degree of confidence from software flaws. It doesn't stop you from being dumb on the internet though.
I'll try to answer but obviously I can't read his toughts... Qubes OS is extremely good at compartmenting your activities (and no contrary to what @NetworkChuck said, setting up VMs is not as secure (there are some explaination in the Qubes OS documentation). But it won't protect you against tracking (cookies) unless you make use exclusively of disposable VMs via Tor (as your IP otherwise is the same from one Qubes to another from the perspective of web servers tracking you via Google/Facebook or whatever other tracker). You can have one of the most secure password manager (half of it, the wallet is in a disconnected from the network qubes, the other half is connected to clients Qubes leveraging PgP). The most important thing is I believe to help educate people about "true" security. Once you've spoken with people in this community you start to grasp how much you don't know about security when you though you were the boss using your Kali VM.
It's a cool idea but it's a pain for the avg user to navigate it etc. Installation can be a nightmare as well. I think it'll be another 5 years or so before it's more mainstream. Personally I want the VM manager stuff in a normal Linux setup. Take out the annoying stuff like separate keyboard copy buffers etc and just allow it to dumb paste into where ever but have the VM seperation and you've got my ideal OS.
@@skilletpan5674 If I'm being honest, QubesOS has other issues as well. I just didn't care to comment about them as it's likely to start an argument that I don't want to be involved in.
I used it for about 4 years as my main OS for my development machine with Debian in the VMs. I don't have too high security requirements, but I like the compartmentalization. There wasn't anything to hate in my opinion. It worked really well all the time - until recently. An update broke my install and I wasn't able to repair it. I tried NixOS, as I planned for a while, and I'm hooked and switched away from Qubes. Not as secure, but I can't resist the declarative configuration.
@infonotforsale-dx2nb It's easy enough to make backups. Security always comes with some inconvenience. It's a niche and therefore has limited resources. If you do need the security it's definitely worth it. If you don't need it then it's not so clear cut but they are very clear about who their target audience is. I don't see a reason to just discard it.
I so want to use Nix, but EndeavourOS has not given me a reason to change for almost two years now :( I do tinker with it on an old computer though. At least i have the config ready if i need to pull the trigger on my main one. :D
"nobody cares about it" until macos adds it. @@the_alien293 , you remind me of my brother who hates linux. that's exactly like saying that "i want the internet to run on fast hardware with software that slows it down" since windows is incredibly slow especially compared to linux. most of the websites on the internet are running of of some GNU based OS (or alpine linux lol)
Although a window manager like dwm is more auditable than xfwm and its related components, there are aspects of the qubes user experience that effectively require that the graphical interface have more functionality both through daemons and interface options. Inter-qube clipboard, inter-qube file transfer, managing allocation of hardware device access among qubes all require daemons to track clipboard usage, new right-click options in both the guest and the hypervisor interfaces, and a significant amount of python scripting to glue it all together. Personally, I'm trying to weigh the completed form of qubes' user experience (for lack of a better term) vs making containers and small VMs on a more minimal distro where I could run dwm and friends as the defaults.
In fact it is one of the core benefit vs having VMs, because if what is running in your graphics card guest compromised, you lost. With QubesOS (you don't natively have GPU/3D), each VM paint it's "display" using a virtual graphics card, the windows manager, which runs in Dom0 is copying this frame-buffer in your video card frame buffer. It also leverage this functionality to "remove" vulnerabilities in PDF (which may compromise your printer for example). It use a disposable VM to render the PDF, and another disposable VM to capture the image of the rendered PDF and then generating a PDF with all the pictures.... You loose the copy/paste functionality, but your target PDF can go in your safer research qubes without being a risk of compromising your PDF reader. All of this is "transparent" (if I remeber it is just a "send to PDF cleaner" type of right click menu.
Nothing is cooler than running windows 10, 11, Mac, Kali, Debian, Fedora, Mint, Ubuntu, & Arch all right next to each other in Qubes! I hope you will give 4.2 another chance! If you're committed to moving on to something else perhaps you would consider creating some content for the Xen hypervisor? Thanks for another informative video chuck! Looking forward to more!
I love Qubes. Sure there is a steep learning curve but once you got used to it it's hard to go back to a regular OS. Having an hypervisor running as the main OS on your computer allows for a lot of things, it goes beyond security. I keep using it not because I have to for security, but because I really love it.
Based on the title I was expecting an OS so locked down it was painful to just use. I know security does not equal usability. But Qubes OS looks awesome! As soon as you started spinning up VMs on the fly my mind was blown at how cool that was! There are some obvious drawbacks, like needing an ungodly amount of RAM for the more stuff you throw at it, but I'm sitting over here thinking, "I could actually daily drive this and it wouldn't be that bad! Realistically, I wouldn't daily it, just have some fun, and be aware if I ever need something crazy secure, I know the OS to go to. But this is very usable! Which goes to show, security, even really good security, doesn't always need to burn usability to the ground to be effective.
Ngl, the idea of "Why don't we just run each app in its own little sandbox" crossed my mind several times, but to see an OS spin up a whole XEN VM for it... Wow. Cool concept, and fact that they got it so far already.
The problem with this is, it will be hard to run programs (for a normal computer user atleast). For example lets say you download minecraft mods, and you use a mod manager. The program need to find minecraft order it to run.
@@RavDeBest lol that can be configured it is like docker the linkage is via uuids you can have parts of the Software running in the other part of the earth
Rufus is good, but have you tried Ventoy? It lets you create a bootable usb once, and then you can just drop iso's onto it, letting you select the right one through the bootloader.
I use Qubes OS as my daily driver. Good points are that i am so much faster than everyone i work with at spinning up test VMs. My Facebook etc is not visible in my work etc. Also if i share my screen in slack Qubes only makes windows visible in the qube that slack is executing in. The strict networking is great for testing our networking product. The things that suck are i have a new laptop and have been running the beta version with a few quirks. I sometimes find the USB camera can disconnect meaning i have to add remove the software device to the qube. Audio can sometimes be a little weird. However i do think it's awesome. I also have Windows and FreeBSD qubes up and running as well
@@jaredclark3231 it's okay. No sound and haven't got the clipboard integrations working yet. Speed wise it's okay but I've got plenty of RAM and CPU for it. Does what I need to test some windows software.
@@vk3fbab Damn. Yeah i keep hearing how buggy it is. I wonder if theres any way to fix that problem. If that gets fixed this distro would be bulletproof…
@@jaredclark3231 sound seems like a no go because someone needs to make a windows driver that can pipe the audio into pulse audio. Don't think it's high on anyone's radar. I think the clip board can work I just wasn't able to get it working and haven't gone back to look at it
I got a score of 100 points! (out of 120) The only question I didn't get was with Linux containerization. (Something I haven't messed with or learned about yet.)
Second google hit " But unlike a virtual machine, rather than creating a whole virtual operating system, containers don't need to replicate an entire operating system, only the individual components they need in order to operate. This gives a significant performance boost and reduces the size of the application."
Small correction! During the installation, a window from sys-whonix popped up asking you to connect/configure a tor connection. You say that it's asking if the whole system should be torified, but that's not what the prompt is doing. It's just asking whether sys-whonix should connect directly to the tor network, or if it needs to have a bridge configured. In fact, due to the nature of QubesOS, sys-whonix wouldn't be able to make that kind've system-wide change even if it wanted to.
Qubes runs so much better on physical hardware instead of in a VM. Much faster. I love it, but I use too many apps that don’t support linux so I’ve had to switch back.
@@trueriver1950 I had a lot of issues running Windows VMs. (I just couldn’t find the right settings for them at the time a couple years ago). My experience is all a couple years ago. Now I’m on Mac for work and don’t even bother with a personal computer.
That's the entire purpose of windows, Mac, and Android controlling the os, software and hardware markets... because they all are fully onboard with allowing and have govt tracking/spyware and back doors baked deep within the os. As do many 3rd party software such as quickbooks, browsers, email, social media, etc Every instance of being online is picked up through these operating systems, can be logged, cached, transmitted etc. and they can infiltrated the lan
Qubes OS was invented by my compatriot Joanna Rutkowska. So, one more reason to be proud. And by the way you should focus on the newest version and Qubes OS should be installed on hardware that is supported, what was written a long time ago on their website. I know about this OS since it has been released. I really like it.
@@surfingsub5854 The reason for the old hardware is Intel used in newer processors a backdoor to control your network, you may ask the NSA what it really does ...
Okay first things first before ADHD makes me side rail myself, I got two wrong (double guessed my self on the chroot one). Second thing, I love how you ended the video "I don't care I'm just still going to use Windows, Linux, & Mac". Keep on being awesome Mr. Chuck!
2 mins in......interesting! Simple idea but....complex creation. Never heard of this one, and i have no worries about privacy, well no major worries right now(future worries 100% given the worlds agenda lol).....but this is interesting. Thanks Chuck! and not even oddly enough, i had just made a cup of coffee🤘
As a tip for the ROG laptop you can also hit the BIOS menu by hitting escape (before the ROG logo pops up). You may need to press several times but once you figure out the timing, you can get it fairly consistently by just pressing once. Also this OS is interesting but I feel like it's more practical (for me at least) to use more established methods for making VMs. If you want to go the extra secure route, I'd prefer using Whonix in a VM but that may be me. Edit: Tails OS is not usable in VMs but Whonix is. I got them mixed up.
The absolute vast majority of my private info that is found on the "dark web" is due to the negligence of various organizations whether its a private company i.e. Sony, or a government organization i.e. OPM.
Great video Chuck, just installed Qubes on my new laptop. Wasn't as hard as you hyped it up to be glad to say. Probably because it's a brand new laptop
Practical things like that are not the focus of the system. We all know a security project is best when only guys hunted by the FBI are willing to put up with using it.
Impromptu Quiz: Welp, apparently I haven't meddled in CGroups yet; 90 points, also kudos to Qubes for using the old Windblows xp silver theme style & for making an OS that I would be putting on my dads laptop (if only it could handle it...)
00:01 Cube's OS is focused on extreme security measures. 01:40 Securely run multiple virtual machines on one computer 04:55 Templates help in maintaining and updating core applications. 06:44 Qubes OS treats Dom zero as the most trusted and critical part of the system 09:55 Setting up a secure OS using Rufus and VMware Workstation player. 11:36 Creating a virtual machine with Fedora 64bit OS 15:03 Disable secure boot and select boot options for OS installation 16:38 Installing Fedora 11 hoix with default options 19:54 Running your own virtual machines provides better security options
Fun fact: portable rufus installs exactly the same way that regular rufus does, the only difference is that it creates a properties file in the same directory that it is in. They explain it in their FAQ - "Difference between portable and non-portable versions".
haha, I haven't been to your channel in a long time, I even forgot how much you love coffee. I am an aspiring Systems Administrator. I am such a slow poke. Been wanting to get into IT for 5 years yet I still don't have my first IT job. Spring 2024 will change that. I'm not back, but just checking in. Subscribed for life. See y'all later.
18:34 I got 60 points. I embarrassingly got the second noob question wrong because I thought su means switch user and assumed that the su in sudo must mean the same thing. I knew about systemctl because of a brief adventure in Arch where I had to use it A LOT! I got the second expert question right only because I knew it couldn't be A, B or C, not because I actually understood what D meant lol. That was fun though, haha.
I really enjoyed the questions segment. It was really well done, nicely made, fun to learn from and challenging to someone who is learning. Great content mate keep it up and thank you!
And here I always thought OpenBSD was the most secure OS. This one just feels like overkill, but considering some of the threats out there maybe there's no such thing as "overkill."
I've got 120 but last 2 questions was kind of guessing by choosing what sounds more reasonable, or by eliminating definitely wrong answers because I used chroot couple of times before and the only thing I remember that it is applied to directories.
I experimented with Qubes OS, and while it offers some interesting features, the initial setup can be quite time-consuming, especially when configuring multiple virtual machines (VMs) and installing various applications. Customizing VMs or updating default ones can be a bit of a hassle, and I encountered issues with the performance of GNOME Desktop Environment (DE) VMs. Additionally, switching the dom0 to KDE resulted in app display problems, so I opted not to make that switch. Regrettably, I found myself exhausted from the extensive tinkering required, even before personalizing my guest VMs or attempting to set up a Windows VM. Eventually, I decided to install a different operating system on my disk. However, this process also proved challenging due to the modifications Qubes makes to the disk, making it somewhat cumbersome to override. at the end I just went back to Nobara KDE.
"Nobara KDE" - Yes, great work there. On one of my laptops it works great. On high-end desktop though too many instability issues and Windows VM builds and boots first time but after rebooting main computer and coming back the Windows VM hangs and won't run anymore. Hoping that Fedora makes some other updates in 40 to correct such issues. I simply don't have time or energy to tinker with it. Do love it on my laptop though.
Nice! Have you tried the BlackOut stuff? I just got my first bag the other day and.... It's seriously the best coffee I ever had. Just throwing that out there, from one coffee lover to another.
Qubes OS is my favorite OS that I've used, ever, bar none. Sure, Mint and Debian and even Kali are nice, but Qubes just sits right with me. I daily drove it for about a year and, for me, the learning curve wasn't nearly as steep as people claimed. Maybe I just didn't unlock its full potential, maybe it's Maybelline. Either way, Qubes is a fantastic OS and I can't recommend it enough to those who are paranoid. Edit: I now remember that it didn't ship with the firmware that my laptop needed to connect to Wi-Fi, but once that was taken care of, it was smooth sailing. Getting the drivers was a bitch tho, I still have them on a flash drive somewhere in a folder labelled "Emergency Linux tarballs"
I run multiple live Tails instances inside of isolated Qubes for each context of my life while running it all virtually on an air-gapped homelab that only connects to the internet via morse-code transmitted over HF CB Radio via Tor 😂
Windows 10/11 does have built-in feature, similar, but not the extreme like Qube, it allows you to open and instance of Windows running on a hypervisor completely isolated. Edit: It's called Windows Sandbox
I don't know kasm workspaces has an option to erase everything if you log out. I'll probably just stick with that is it works really well and it's super simple to set up.
Chuckkkkk please upload more frequent videos!!!! I learned a lot from you within the past 2 years! There is literally nothing left to watch. I would love to see more RPI videos Hacking videos, LETS DIVE IN!!!!!!
Funny, reminds me of the old secure VAX VMS OS, from the 80s. Every application had almost 200 permission flags, for devices and operation. A super pain to administer, this seems to be a lot simpler. Thanks
One question, you used Rufus with DD mode . How do you recover that usb after writing in DD mode ? Is it even possible to revert it to unbootable usb storage?
@@volvo09 I did it once, and then tried to create a partition but Diskpart failed to create one. And then the flash drive died .When I connect it to my PC Windows recognizes something is connected to it but not as a storage device , nor a disk .
I'm not a software guy, but this sounds like it operates a lot like BlackBerry OS10/QNX. From what I've read about BBOS10 (it's a mobile OS, but I'm sure it would run just fine on a PC as QNX does, which it's based) it 'sandboxes' applications so that they can't disrupt the core of the OS. It also had/has separate environments that can't be crossed over (work/personal work spaces)... it was essentially two phones in one device, and I believe there were dual SIM models that would assign each SIM to its own work profile. QNX is also a Hypervisor OS (type 1 as well). It's used in almost all automotive, industrial, medical systems etc.
Some help please … * Upon booting, I'm greeted with two error messages: Line 1: "Error: File '/boot/grub2/i386-pc/efi_gop.mod' not found." Line 2: "Error: File '/boot/grub2/i386-pc/efi_uga.mod' not found." * Despite the errors, the installation menu briefly appears less than a second after booting.The menu includes options such as "Install Qubes OS," "Test Media and Install Qubes," and troubleshooting options. * Upon selecting "Install Qubes OS," I encounter a black screen with a blinking white cursor (_). * I successfully installed Qubes OS on this same computer approximately one year ago without encountering such issues. Any suggestion ?
What other purpose could a online title serve? Whenever someone dislikes what they've clicked on, then it's clickbait. Every title is clickbait. That's literally the one & only purpose of a title. Thanks for pointing out what titles are for.
@@bruhda7469 My definition of clickbait is having a video where the title and thumbnail are different from the video content and the "I hate it" part made me think he'd have points towards why not to use it.
I got lucky on the Cgroup question, I was unsure but I went with my gut and said C so I actually got a 120! Great video and a cool OS I might have to poke around if I can pick up a laptop to play with
I followed alot of guides on how to install that operating system and you were the only one who explained about understanding if your computor is capable of running it but anywa I just gave up on linux all together never got any of them to run correctly.
9:09 Cant run on a VM (Which I do understand, as running a VM on a VM gets some seriously weird issues lol) which is a real bummer :( I was hoping to do a test run on it in VM and I ain't setting up a duel or multi-boot for it on my main system. You know I will attempt to run it on a VM though lol just out of curiosity :) Otherwise without Qubes, I have every other OS available in a VM which I can run at any time and bin if it gets compromised :) Well done video so far :) > 10:49 I typically run off VirtualBox, but interesting that VM Player works, which means I could likely get it up on VBox with the right settings :P Me wonders if the test was on VBox 6.x or 7.x? 15:55 Just be aware if you are running VBox on Windows you may need to turn off "Hyper-V" in Windows features. It messes with the virtualization, on virtualization on Virt... issue that Qubes warns about. I had issues with some other OSs on VBox because of it. I think it steals focus or interferes with the hardware virtualization you just covered so VBox can't use it correctly. > 20:12 I kind of like my own Ubuntu build that has a kind of light Lubutu feel about it with some select security upgrades. Only takes about 30sec max to shutdown a compromised session, restore the default .vdi/,vhd and reboot :) > Thanks for taking us over Qubes :)
i have used kali for years dual boot with windows 11. i tried qubes os on my pc, and when booted i had no idea at all where to begin from, i could not connect to the network, etc. but after watching this video i now have a clue where to begin from. after taking my cisco ccna i know what type one and type two hypervisor and the whole video was awesome to me.
You may feel that that gives the impression it's something to get excited about but. Your teaching people who have to take time to grasp what you're saying. I've noticed that this is a common problem with many other TH-camrs too slow down. Yeah I can set the speed
Network Chuck! OMG! I don't know why I watch your vids. More often than not your vids are way beyond my mental capacity. This one exceeds all previous instances of me watching while I entertain the fantasy that I could one day understand the complexities of the machine that currently sits in front of me. I surrender. Am I watching the rest of this vid? No. Am I gonna watch more NetworkChuck vids? No doubt. But I think I'll dig into the archives and find something a little more my speed. Like something your kids can do. Btw the drinking game suggestion didn't help...
So, it's a Xen system with preconfigured templates for VMs for apps and different things and a bit of GUI to make it fairly usable. It was just a matter of time till somebody made something like that. Not sure what took them so long. Yeah, I'm sure it's cool if you need that kind of security, but it's not for everyone. It's resource-hungry and slow and a bit cumbersome to use compared to normal OSs.
Considering the steep hardware requirements, I fail to see how this is any better than a Virtualization server running something like Proxmox VE and you essentially creating a VM for each app you want to use.
I don't know how... but I was looking at the 2nd to last question and i figured it was either A or B regarding cgroups and namespaces... I was wrong, as it was B and not A. But the fact that I was close to being correct surprised me because I didn't think that I'd be at least 80 percent correct for the entirety. I used linux rigorously because I wanted to do virtualization so that I can make windows.. a "mostly" enclosed gaming vm. But that aside, I think I should get back into computers again... I learned a lot in linux and experienced a lot in server hardware.
Not gonna lie, I never expected the devil effect from Network Chuck at the end of the Linux quiz. It caught me off guard and scared the absolute bejesus out of me. I got 60 points :'(
Qubes is used allot in central America by journalist its considered the best way to report on corruption especially when the government is more then willing to eliminate negative reporting This is not ment for your standard oh no my personal data, this is for life or death research And i respect it as such
6:30 Management cube. You didn't count this cube in your lower right tally. Thank you so much for this video and all this great content. But this did ruin my day.
I wondered for a long time if the Qubes Devs were aware of the BDSM link between Dom and master when they choose Dom0 to be the master. However: Turns out however that the term comes from Xen. So if the pun was deliberate then point the finger at Xen.
Lol I guess that would be funny if intentional, but I doubt it. "Dom" is so similar to "domain", and there's already a precedent for 0 being the most privileged (like ring0 in CPUs)
Such great scripting and editing, yet the filthiest laptop screen I’ve seen in years. Dear god, man, run a wipe over stuff before you film it! Much love and subbed
I tried a test build on an old rig (i7-2600k) and it threw up a slew of errors during installation about the age of the hardware and missing vital hardware support for virtualisation or encryption support (going on a 4 month old memory there). I found USB support for the console kept failing, it just looked like something that wasn't workable unless you had far more contemporary hardware. A real shame because I was curious to see how this worked in a practical sense too.
Turn your IT hobby into a job!! Learn Linux and other skills with ITPro: ntck.co/itprotv (30% off FOREVER) *affiliate link
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
TIMESTAMPS
---------------------------------------------------
0:00 ⏩ Intro
1:00 ⏩ What is Qubes OS?
3:55 ⏩ How Qubes works - App Qubes
5:40 ⏩ Service Qubes
7:41 ⏩ Qubes OS SYSTEM REQUIREMENTS
9:28 ⏩ STEP 1 - Qubes OS Install - Download Qubes
10:35 ⏩ STEP 2 - Virtual Machine Setup
13:33 ⏩ STEP 2 - Physical Machine Setup
15:46 ⏩ STEP 3 - Installing Qubes OS
17:17 ⏩ LINUX QUIZ CHALLENGE!!
18:42 ⏩ STEP 4 - Initial Qubes Configuration
Ok
Where did you get the 1TB SSD?
I am using internal SSD, what do I do for that?
So what happens if the template gets hacked? e.g. if a hack makes its way into Fedora, and you update? There goes your isolation.
hey im 15 a pentester think we can Collab if so reply to this comment or reply on one of my videos
One useful analogy that I explain to people about security. You basically have a slider. At one end is secure and at the other end is usable and your risk tolerance sets the slider position.
This is Over simplified way saying it for a Complex system.
Inverse correlation
@@fuzzytincan piss
You are only as secure as the weakest part of your system.
not neccesarily, even if your system is compromised at for example UEFI level(which every consumer computer is compromised at that level), if you can properly isolate your work environment then there is a good chance its still protected.@@Arachnoid_of_the_underverse
One of the reasons why they advise against using nested virtualization is because it negates some of the privacy benefits of Qubes. The Virtualized networking in Qubes is IMO it's best feature. The firewall isn't an add-on to the OS like other OSes but rather an integrated feature like Tails. You can completely control what packets leave your computer, choose what avenues they take (vpns, tor, proxy chains, et)., Create combinations. Whitelist/blacklist ips and apps. If you throw Qubes on a normal OS and virtualize it, the host OS will leak packets. If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger.
quote: " If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger."
AMEN there. I've been on windows for decades and it gets worse and worse every year with tracking and monitoring.
how is windows 11 like a keylogger and how do you stop it? I disabled some of the widget things and personalization things.
@@surfingsub5854 And it's about to get way worse with AI integration,. Big brother is almost here. Putting aside the legal aspects , from a spying capability standpoint soon pretty much everything we do on our computers will be tracked by AI.
I think once people understand the power that governments and corporations will have with AI running on our computers you will see a huge interest in OSes like Qubes. It's not quite average consumer friendly yet but from privacy capability standpoint it's far superior to any alternative I've tried. Tails is ok from privacy end of things but not as versatile.
AI has its uses so I'll still use windows too but when I want privacy I switch to my linux box and a variety of virtual instances.
@@MrAw3sum Too long a list to write all the sketchy privacy things windows does but I can tell you the biggest one.... encrypted mystery telemetry.
Windows computers are contacting Microsoft servers constantly and we have little clue what data they are sending. Microsoft is vague in describing precisely and there is no built-in feature to turn off telemetry entirely.
THere is a third party tool called ooshutup10 that can shut off telemetry but if you are inexperienced I wouldn't recommend it. I don't use myself because turning of features with telemetry can have negative side effects and Microsoft can turn telemetry back on with any given update. It was too much of a time waster for me to use.
The approach I would recommend for semi-privacy is get a second computer with some linux distro on it and use that when you want to do something more private. Don't use your real name or connect to any service that uses your real name when using it. Ubuntu would be good choice with a newb. (Qubes is still for advanced users at the moment). Maybe subscribe to a VPN service that you can also use on that computer.
Keep in mind though, obfuscation is not pure anonymity. IMO only someone very experienced in tech has any practical hope of that online. And even then it's a lot of work and impractical for daily driver. If anyone plans to send nuclear secrets to North Korea from their home the NSA will get them lol.
@@MrAw3sumits very penetrable
I drank the QubesOS Cool Aid for a few months, but I got out of it. It's important to understand that, like all security models, this system is only able to protect you from the specific threat model it was designed for. In particular, QubesOS was designed to protect from information leaks caused by software flaws.
pls elaborate?
@@DarnIDidntKnowThat Ever hear your friend or family talk about how their social media account got hacked? Well... the account didn't get hacked *THEY* got hacked, by getting tricked into doing something dumb.
By far, the largest percentage of "hacks" on the internet are social engineering, not software exploitation.
QubesOS protects you to a very high degree of confidence from software flaws. It doesn't stop you from being dumb on the internet though.
I'll try to answer but obviously I can't read his toughts... Qubes OS is extremely good at compartmenting your activities (and no contrary to what @NetworkChuck said, setting up VMs is not as secure (there are some explaination in the Qubes OS documentation). But it won't protect you against tracking (cookies) unless you make use exclusively of disposable VMs via Tor (as your IP otherwise is the same from one Qubes to another from the perspective of web servers tracking you via Google/Facebook or whatever other tracker). You can have one of the most secure password manager (half of it, the wallet is in a disconnected from the network qubes, the other half is connected to clients Qubes leveraging PgP). The most important thing is I believe to help educate people about "true" security. Once you've spoken with people in this community you start to grasp how much you don't know about security when you though you were the boss using your Kali VM.
It's a cool idea but it's a pain for the avg user to navigate it etc. Installation can be a nightmare as well. I think it'll be another 5 years or so before it's more mainstream.
Personally I want the VM manager stuff in a normal Linux setup. Take out the annoying stuff like separate keyboard copy buffers etc and just allow it to dumb paste into where ever but have the VM seperation and you've got my ideal OS.
@@skilletpan5674 If I'm being honest, QubesOS has other issues as well. I just didn't care to comment about them as it's likely to start an argument that I don't want to be involved in.
I used it for about 4 years as my main OS for my development machine with Debian in the VMs. I don't have too high security requirements, but I like the compartmentalization. There wasn't anything to hate in my opinion. It worked really well all the time - until recently. An update broke my install and I wasn't able to repair it. I tried NixOS, as I planned for a while, and I'm hooked and switched away from Qubes. Not as secure, but I can't resist the declarative configuration.
+1 for NixOS. Switching from Arch for the same love of declarative configuration, it's brilliant.
@@Ethorbit gonna read about it now
me too i was distrohopping for like 6 month i started my journy with distro hopping
@infonotforsale-dx2nb It's easy enough to make backups. Security always comes with some inconvenience. It's a niche and therefore has limited resources. If you do need the security it's definitely worth it. If you don't need it then it's not so clear cut but they are very clear about who their target audience is.
I don't see a reason to just discard it.
I so want to use Nix, but EndeavourOS has not given me a reason to change for almost two years now :(
I do tinker with it on an old computer though. At least i have the config ready if i need to pull the trigger on my main one. :D
TempleOS is way more secure
😂😂😂😂😂
Yes
It even protects you against STDs. 😷
Nah Redox, Slax, MenuteOs are secured by default
Lol!
Too bad you missed the official release of QubesOS 4.2, it has a lot of improvements to the GUI
But that would disrupt his narrative
who cares for this shitty complex os
@@the_alien293then why are you here
@@the_alien293 It's optimized for security, not convenience
"nobody cares about it" until macos adds it. @@the_alien293 , you remind me of my brother who hates linux. that's exactly like saying that "i want the internet to run on fast hardware with software that slows it down" since windows is incredibly slow especially compared to linux. most of the websites on the internet are running of of some GNU based OS (or alpine linux lol)
I'm kinda more surprised to see this has a gui and a desktop environment😅
REAL
@@notafbihoneypot8487 Hi, the real notafbihoeypot!
@@Spinetap less code less bugs so yes WM are more secure
Although a window manager like dwm is more auditable than xfwm and its related components, there are aspects of the qubes user experience that effectively require that the graphical interface have more functionality both through daemons and interface options. Inter-qube clipboard, inter-qube file transfer, managing allocation of hardware device access among qubes all require daemons to track clipboard usage, new right-click options in both the guest and the hypervisor interfaces, and a significant amount of python scripting to glue it all together.
Personally, I'm trying to weigh the completed form of qubes' user experience (for lack of a better term) vs making containers and small VMs on a more minimal distro where I could run dwm and friends as the defaults.
In fact it is one of the core benefit vs having VMs, because if what is running in your graphics card guest compromised, you lost. With QubesOS (you don't natively have GPU/3D), each VM paint it's "display" using a virtual graphics card, the windows manager, which runs in Dom0 is copying this frame-buffer in your video card frame buffer. It also leverage this functionality to "remove" vulnerabilities in PDF (which may compromise your printer for example). It use a disposable VM to render the PDF, and another disposable VM to capture the image of the rendered PDF and then generating a PDF with all the pictures.... You loose the copy/paste functionality, but your target PDF can go in your safer research qubes without being a risk of compromising your PDF reader. All of this is "transparent" (if I remeber it is just a "send to PDF cleaner" type of right click menu.
Nothing is cooler than running windows 10, 11, Mac, Kali, Debian, Fedora, Mint, Ubuntu, & Arch all right next to each other in Qubes! I hope you will give 4.2 another chance! If you're committed to moving on to something else perhaps you would consider creating some content for the Xen hypervisor? Thanks for another informative video chuck! Looking forward to more!
I love Qubes. Sure there is a steep learning curve but once you got used to it it's hard to go back to a regular OS. Having an hypervisor running as the main OS on your computer allows for a lot of things, it goes beyond security. I keep using it not because I have to for security, but because I really love it.
Based on the title I was expecting an OS so locked down it was painful to just use. I know security does not equal usability.
But Qubes OS looks awesome! As soon as you started spinning up VMs on the fly my mind was blown at how cool that was! There are some obvious drawbacks, like needing an ungodly amount of RAM for the more stuff you throw at it, but I'm sitting over here thinking, "I could actually daily drive this and it wouldn't be that bad!
Realistically, I wouldn't daily it, just have some fun, and be aware if I ever need something crazy secure, I know the OS to go to. But this is very usable! Which goes to show, security, even really good security, doesn't always need to burn usability to the ground to be effective.
After about a week, qubes just works for me. Yes it takes some tweaking. But honestly I don't see how I could go back to a 'normal' system
Ngl, the idea of "Why don't we just run each app in its own little sandbox" crossed my mind several times, but to see an OS spin up a whole XEN VM for it... Wow. Cool concept, and fact that they got it so far already.
It's an interesting concept. I typically just run a heap of VM clients side by side for much the same results.
The problem with this is, it will be hard to run programs (for a normal computer user atleast). For example lets say you download minecraft mods, and you use a mod manager.
The program need to find minecraft order it to run.
@@RavDeBest lol that can be configured it is like docker the linkage is via uuids you can have parts of the Software running in the other part of the earth
@@adriancoanda9227 Yes I think you can but Normal user wouldn't know. My cousin doesn't even know how to check Ram till now
@@RavDeBest Solution: download both within the same Qube, let's say... a "Minecraft" Qube? Am I missing something?
Rufus is good, but have you tried Ventoy?
It lets you create a bootable usb once, and then you can just drop iso's onto it, letting you select the right one through the bootloader.
Yep... Yummi is similar. I prefer Rufus tho. Purely preference.
That is cool, so you can easily make a USB stick with multiple bootable ISO's?
@@volvo09 yep
@@volvo09 Yumi is a good tool... Add multiple iso del isos any of em easily at will. Without formatting constantly.
@@volvo09 Yes, exactly.
I only found out about it fairly recently myself.
I use Qubes OS as my daily driver. Good points are that i am so much faster than everyone i work with at spinning up test VMs. My Facebook etc is not visible in my work etc. Also if i share my screen in slack Qubes only makes windows visible in the qube that slack is executing in. The strict networking is great for testing our networking product. The things that suck are i have a new laptop and have been running the beta version with a few quirks. I sometimes find the USB camera can disconnect meaning i have to add remove the software device to the qube. Audio can sometimes be a little weird. However i do think it's awesome. I also have Windows and FreeBSD qubes up and running as well
Sadly thr support for GPU acceleration isn't so good yet. Nowadays even basic browser applications require graphics acceleration to work normally.
How well does the Windows qube run?
@@jaredclark3231 it's okay. No sound and haven't got the clipboard integrations working yet. Speed wise it's okay but I've got plenty of RAM and CPU for it. Does what I need to test some windows software.
@@vk3fbab Damn. Yeah i keep hearing how buggy it is. I wonder if theres any way to fix that problem. If that gets fixed this distro would be bulletproof…
@@jaredclark3231 sound seems like a no go because someone needs to make a windows driver that can pipe the audio into pulse audio. Don't think it's high on anyone's radar. I think the clip board can work I just wasn't able to get it working and haven't gone back to look at it
I got a score of 100 points! (out of 120)
The only question I didn't get was with Linux containerization. (Something I haven't messed with or learned about yet.)
Second google hit " But unlike a virtual machine, rather than creating a whole virtual operating system, containers don't need to replicate an entire operating system, only the individual components they need in order to operate. This gives a significant performance boost and reduces the size of the application."
Small correction! During the installation, a window from sys-whonix popped up asking you to connect/configure a tor connection.
You say that it's asking if the whole system should be torified, but that's not what the prompt is doing. It's just asking whether sys-whonix should connect directly to the tor network, or if it needs to have a bridge configured. In fact, due to the nature of QubesOS, sys-whonix wouldn't be able to make that kind've system-wide change even if it wanted to.
Qubes runs so much better on physical hardware instead of in a VM. Much faster. I love it, but I use too many apps that don’t support linux so I’ve had to switch back.
Can't you spin up a Windows Qube for those apps?
Did you try? If so what went wrong?
@@trueriver1950 I had a lot of issues running Windows VMs. (I just couldn’t find the right settings for them at the time a couple years ago). My experience is all a couple years ago. Now I’m on Mac for work and don’t even bother with a personal computer.
That's the entire purpose of windows, Mac, and Android controlling the os, software and hardware markets...
because they all are fully onboard with allowing and have govt tracking/spyware and back doors baked deep within the os.
As do many 3rd party software such as quickbooks, browsers, email, social media, etc
Every instance of being online is picked up through these operating systems, can be logged, cached, transmitted etc. and they can infiltrated the lan
Qubes OS was invented by my compatriot Joanna Rutkowska. So, one more reason to be proud. And by the way you should focus on the newest version and Qubes OS should be installed on hardware that is supported, what was written a long time ago on their website. I know about this OS since it has been released. I really like it.
Great testimony. About the same thing here 😀
Yes, I love the idea, but OLD and SLOW hardware is the issue. They really need support for modern state of the art HIGH END systems.
@@surfingsub5854 The reason for the old hardware is Intel used in newer processors a backdoor to control your network, you may ask the NSA what it really does ...
Pleasantly surprised to see this OS in your channel. Been following Invisible Things Lab like eternity, a talented team.
Okay first things first before ADHD makes me side rail myself, I got two wrong (double guessed my self on the chroot one). Second thing, I love how you ended the video "I don't care I'm just still going to use Windows, Linux, & Mac". Keep on being awesome Mr. Chuck!
2 mins in......interesting! Simple idea but....complex creation. Never heard of this one, and i have no worries about privacy, well no major worries right now(future worries 100% given the worlds agenda lol).....but this is interesting.
Thanks Chuck! and not even oddly enough, i had just made a cup of coffee🤘
Found your channel recently (The video about Tails OS and the Darkweb) loving the content so far my man. Happy holidays.
Very glad I found this channel. I did not know about the different window colors in Qubes.
Glad I'm not the only one who loved that feature...
As a tip for the ROG laptop you can also hit the BIOS menu by hitting escape (before the ROG logo pops up). You may need to press several times but once you figure out the timing, you can get it fairly consistently by just pressing once. Also this OS is interesting but I feel like it's more practical (for me at least) to use more established methods for making VMs. If you want to go the extra secure route, I'd prefer using Whonix in a VM but that may be me.
Edit: Tails OS is not usable in VMs but Whonix is. I got them mixed up.
Tails isn't meant for VMs. Whonix is. (Whonix is bundled in qubes)
@@aliceryan7053 thanks for the catch. Updated my comment accordingly. I don't make use of either so had to look it up.
The absolute vast majority of my private info that is found on the "dark web" is due to the negligence of various organizations whether its a private company i.e. Sony, or a government organization i.e. OPM.
Great video Chuck, just installed Qubes on my new laptop. Wasn't as hard as you hyped it up to be glad to say. Probably because it's a brand new laptop
If we had no winter, the spring would not be so pleasant; if we did not sometimes taste of adversity, prosperity would not be so welcome.
I could see making this my main OS someday when it's developed a little more and I can spin up a windows gaming qube for blizzard-like windows games.
Practical things like that are not the focus of the system. We all know a security project is best when only guys hunted by the FBI are willing to put up with using it.
@@edhahaz wat
You can do that already with pci passthrough if you have two gpus.
@@paulchatel2215 is the support for it better now? 4-5 years ago, it was really on the edge (mainly due to buggy firmware from NVidia)
Impromptu Quiz: Welp, apparently I haven't meddled in CGroups yet; 90 points, also kudos to Qubes for using the old Windblows xp silver theme style & for making an OS that I would be putting on my dads laptop (if only it could handle it...)
This is kinda how Xbox's OS works. Every game is run in a virtualized environment. It's secure but it's resource intensive
00:01 Cube's OS is focused on extreme security measures.
01:40 Securely run multiple virtual machines on one computer
04:55 Templates help in maintaining and updating core applications.
06:44 Qubes OS treats Dom zero as the most trusted and critical part of the system
09:55 Setting up a secure OS using Rufus and VMware Workstation player.
11:36 Creating a virtual machine with Fedora 64bit OS
15:03 Disable secure boot and select boot options for OS installation
16:38 Installing Fedora 11 hoix with default options
19:54 Running your own virtual machines provides better security options
Fun fact: portable rufus installs exactly the same way that regular rufus does, the only difference is that it creates a properties file in the same directory that it is in. They explain it in their FAQ - "Difference between portable and non-portable versions".
haha, I haven't been to your channel in a long time, I even forgot how much you love coffee. I am an aspiring Systems Administrator. I am such a slow poke. Been wanting to get into IT for 5 years yet I still don't have my first IT job. Spring 2024 will change that. I'm not back, but just checking in. Subscribed for life. See y'all later.
18:34 I got 60 points. I embarrassingly got the second noob question wrong because I thought su means switch user and assumed that the su in sudo must mean the same thing. I knew about systemctl because of a brief adventure in Arch where I had to use it A LOT! I got the second expert question right only because I knew it couldn't be A, B or C, not because I actually understood what D meant lol. That was fun though, haha.
Noob = 10 pts
B ls ✅
A switch user/do ❌
Intermediate = 20 pts
D ps ❌
C systemctl ✅
Expert = 30 pts
D ❌
D ✅
also 60 points, but i just did all the noob and intermediate questions
@@M1szS Not bad! I should have gotten those. Not enough coffee is my excuse. 😅😝
I really enjoyed the questions segment. It was really well done, nicely made, fun to learn from and challenging to someone who is learning.
Great content mate keep it up and thank you!
And here I always thought OpenBSD was the most secure OS. This one just feels like overkill, but considering some of the threats out there maybe there's no such thing as "overkill."
Same! When I think of a secure OS, I always think of OpenBSD.
I'm human are you accepting new patients and clients into your service.
OpenBSD is more secure simply because the code base is small and thoroughly and frequently audited.
Holiday-Happy to Headache in 14.2 minutes. Seriously, thanks for explaining this.
I've got 120 but last 2 questions was kind of guessing by choosing what sounds more reasonable, or by eliminating definitely wrong answers because I used chroot couple of times before and the only thing I remember that it is applied to directories.
I used this for a longggggg time. Loved it! But on older hardware, like what I had, it was a bit slow
I experimented with Qubes OS, and while it offers some interesting features, the initial setup can be quite time-consuming, especially when configuring multiple virtual machines (VMs) and installing various applications. Customizing VMs or updating default ones can be a bit of a hassle, and I encountered issues with the performance of GNOME Desktop Environment (DE) VMs. Additionally, switching the dom0 to KDE resulted in app display problems, so I opted not to make that switch.
Regrettably, I found myself exhausted from the extensive tinkering required, even before personalizing my guest VMs or attempting to set up a Windows VM. Eventually, I decided to install a different operating system on my disk. However, this process also proved challenging due to the modifications Qubes makes to the disk, making it somewhat cumbersome to override.
at the end I just went back to Nobara KDE.
"Nobara KDE" - Yes, great work there. On one of my laptops it works great. On high-end desktop though too many instability issues and Windows VM builds and boots first time but after rebooting main computer and coming back the Windows VM hangs and won't run anymore. Hoping that Fedora makes some other updates in 40 to correct such issues. I simply don't have time or energy to tinker with it. Do love it on my laptop though.
90/120. Missed the cgroups question, dang it. But probably pretty good for less than a year of using Linux.
My favorite channel, the coffee is ready❤
Nice! Have you tried the BlackOut stuff? I just got my first bag the other day and.... It's seriously the best coffee I ever had.
Just throwing that out there, from one coffee lover to another.
Qubes OS is my favorite OS that I've used, ever, bar none. Sure, Mint and Debian and even Kali are nice, but Qubes just sits right with me. I daily drove it for about a year and, for me, the learning curve wasn't nearly as steep as people claimed. Maybe I just didn't unlock its full potential, maybe it's Maybelline. Either way, Qubes is a fantastic OS and I can't recommend it enough to those who are paranoid.
Edit: I now remember that it didn't ship with the firmware that my laptop needed to connect to Wi-Fi, but once that was taken care of, it was smooth sailing. Getting the drivers was a bitch tho, I still have them on a flash drive somewhere in a folder labelled "Emergency Linux tarballs"
I run multiple live Tails instances inside of isolated Qubes for each context of my life while running it all virtually on an air-gapped homelab that only connects to the internet via morse-code transmitted over HF CB Radio via Tor 😂
+ over DMR 256 AES multi key encryption
you have a cb or a hackrf ?
all that just to use chrome for your banking because the website doesn't support firefox
Anything less would be like living in a glass house with your pants down
nice concept, so it's more like a collection of VMs running side by side... interesting.
If only windows was built like this, it would be almost perfect.
Windows 10/11 does have built-in feature, similar, but not the extreme like Qube, it allows you to open and instance of Windows running on a hypervisor completely isolated.
Edit: It's called Windows Sandbox
@@ChrisAzure Yeah, but everything about it is proprietary. Is it really secure? Who knows!
I don't know kasm workspaces has an option to erase everything if you log out. I'll probably just stick with that is it works really well and it's super simple to set up.
No matter how secure an system is it doesn't protect against human errors.
Chuckkkkk please upload more frequent videos!!!! I learned a lot from you within the past 2 years! There is literally nothing left to watch.
I would love to see more RPI videos Hacking videos, LETS DIVE IN!!!!!!
If paranoia had paranoia
Very interesting video. I got all questions right, but I got last two of them, almost by chance.
DO NOT run a VM it compermises the whole point and security of it.
Run Pubes- I mean QubesOS on a VM*
For a daily driver, no. On other other hand, if I just want to try it out, why not throw it in a VM before committing to bare metal?
@@ralphm6901 then just spin up VMs, it would be counterintuitive to Do it any other way.
@@ralphm6901 Just create a partition
Funny, reminds me of the old secure VAX VMS OS, from the 80s. Every application had almost 200 permission flags, for devices and operation. A super pain to administer, this seems to be a lot simpler. Thanks
i thought the most secure OS was AS/400... not known by the many :)
I like the portrait mode face-cam - I don't know why, but it really reminds me of that big head from Power Rangers in their HQ :D
which one?
One question, you used Rufus with DD mode . How do you recover that usb after writing in DD mode ? Is it even possible to revert it to unbootable usb storage?
I believe if you just do a "clean" command using diskpart (windows) it'll remove any bootable flags and partition data.
@@volvo09 I did it once, and then tried to create a partition but Diskpart failed to create one. And then the flash drive died .When I connect it to my PC Windows recognizes something is connected to it but not as a storage device , nor a disk .
Best TH-cam of the month. Thanks for this - I need it.
Don't use vmware!
Why?
@initiald975 closed source, proprietary and crap. There's a wide, wonderful world of better options.
@@RonnieReddbro 💀 it ain't a virus man I used it no virus I was free. Probably have the worst antivirus in the world 😭
Yeah right, until you tried to set up a 3D accelerated Windows VM and realized your IOMMU is totally borked and VBox and VMware are the only options.
@@wilsontulusqemu
I'm not a software guy, but this sounds like it operates a lot like BlackBerry OS10/QNX. From what I've read about BBOS10 (it's a mobile OS, but I'm sure it would run just fine on a PC as QNX does, which it's based) it 'sandboxes' applications so that they can't disrupt the core of the OS. It also had/has separate environments that can't be crossed over (work/personal work spaces)... it was essentially two phones in one device, and I believe there were dual SIM models that would assign each SIM to its own work profile.
QNX is also a Hypervisor OS (type 1 as well). It's used in almost all automotive, industrial, medical systems etc.
Some help please …
* Upon booting, I'm greeted with two error messages:
Line 1: "Error: File '/boot/grub2/i386-pc/efi_gop.mod' not found."
Line 2: "Error: File '/boot/grub2/i386-pc/efi_uga.mod' not found."
* Despite the errors, the installation menu briefly appears less than a second after booting.The menu includes options such as "Install Qubes OS," "Test Media and Install Qubes," and troubleshooting options.
* Upon selecting "Install Qubes OS," I encounter a black screen with a blinking white cursor (_).
* I successfully installed Qubes OS on this same computer approximately one year ago without encountering such issues.
Any suggestion ?
NVIDEA GPU?
Hey how can I build/modify os for my raspberry Pi
DId you not see the system requirements part?
I now see time and space in 4 dimensions due to how much coffee has been consumed from the word "cube."
Clickbait title
What other purpose could a online title serve? Whenever someone dislikes what they've clicked on, then it's clickbait. Every title is clickbait. That's literally the one & only purpose of a title. Thanks for pointing out what titles are for.
What do you expect from chuck
@@bruhda7469 My definition of clickbait is having a video where the title and thumbnail are different from the video content and the "I hate it" part made me think he'd have points towards why not to use it.
I got lucky on the Cgroup question, I was unsure but I went with my gut and said C so I actually got a 120! Great video and a cool OS I might have to poke around if I can pick up a laptop to play with
Qubes OS is for professionals. Not for the average wannabe.
Lol
Not really. QubesOS makes it really easy to run fast and private Virtual Machines since it uses a type 1 hypervisor
Been using qubes os for about 4 years now and its amazing i love it.
I want a pack of balloons
My score was 90 🎉🎉🎉, I wasn't knowing the difference between cgroups and namespace 😅, thanks for sharing 😊
In all honesty, im glad you finally made this video.
I followed alot of guides on how to install that operating system and you were the only one who explained about understanding if your computor is capable of running it but anywa I just gave up on linux all together never got any of them to run correctly.
Thanks to show the bios staff, lot of pros keep that to get money, thanks for your content🎉 Merry Christmas 🎉
Wohoo I only failed at the last one, great video as always Chuck
Imagine taking a shot every times he said Qube, i would've died 5 minutes in
i enjoy drinking coffee while following your steps :>
9:09 Cant run on a VM (Which I do understand, as running a VM on a VM gets some seriously weird issues lol) which is a real bummer :( I was hoping to do a test run on it in VM and I ain't setting up a duel or multi-boot for it on my main system.
You know I will attempt to run it on a VM though lol just out of curiosity :)
Otherwise without Qubes, I have every other OS available in a VM which I can run at any time and bin if it gets compromised :)
Well done video so far :)
>
10:49 I typically run off VirtualBox, but interesting that VM Player works, which means I could likely get it up on VBox with the right settings :P Me wonders if the test was on VBox 6.x or 7.x?
15:55 Just be aware if you are running VBox on Windows you may need to turn off "Hyper-V" in Windows features. It messes with the virtualization, on virtualization on Virt... issue that Qubes warns about. I had issues with some other OSs on VBox because of it. I think it steals focus or interferes with the hardware virtualization you just covered so VBox can't use it correctly.
>
20:12 I kind of like my own Ubuntu build that has a kind of light Lubutu feel about it with some select security upgrades. Only takes about 30sec max to shutdown a compromised session, restore the default .vdi/,vhd and reboot :)
>
Thanks for taking us over Qubes :)
I like this. Just compartmentalize everything. Forced organization. Maybe I'll finally keep tabs on what I have running on my PC.
Why did I watch this at 07:55am. Now my head hurts
i have used kali for years dual boot with windows 11. i tried qubes os on my pc, and when booted i had no idea at all where to begin from, i could not connect to the network, etc. but after watching this video i now have a clue where to begin from. after taking my cisco ccna i know what type one and type two hypervisor and the whole video was awesome to me.
0:52
Ive been up 19hrs. Thanks for the coffee break reminder.
9:14 Such a pity you didn't scroll a little bit more down 🤪
I have that laptop and I love it !!!!!!!
Def also make sure you put it on hardwear that has/supports coreboot
Wow Mr. Chuck, enabling iommu inside of a nested type 1 hypervisor. Ballsy my friend. Ballsy.
LOL, good to see you are human too. So much polish in presentation, perfect beard but the screeeeen @13:51 *scream* :D
You may feel that that gives the impression it's something to get excited about but. Your teaching people who have to take time to grasp what you're saying. I've noticed that this is a common problem with many other TH-camrs too slow down. Yeah I can set the speed
Interesting, bythoway the background music is fire 🔥🔥🔥
I love your work Network. When I grow up, I want to be like you.
Network Chuck! OMG! I don't know why I watch your vids. More often than not your vids are way beyond my mental capacity. This one exceeds all previous instances of me watching while I entertain the fantasy that I could one day understand the complexities of the machine that currently sits in front of me. I surrender. Am I watching the rest of this vid? No. Am I gonna watch more NetworkChuck vids? No doubt. But I think I'll dig into the archives and find something a little more my speed. Like something your kids can do. Btw the drinking game suggestion didn't help...
So, it's a Xen system with preconfigured templates for VMs for apps and different things and a bit of GUI to make it fairly usable.
It was just a matter of time till somebody made something like that. Not sure what took them so long.
Yeah, I'm sure it's cool if you need that kind of security, but it's not for everyone. It's resource-hungry and slow and a bit cumbersome to use compared to normal OSs.
This is really interesting. Thanks a lot. Have you heard about TAILS OS?
Me and it's awesome
Considering the steep hardware requirements, I fail to see how this is any better than a Virtualization server running something like Proxmox VE and you essentially creating a VM for each app you want to use.
I don't know how... but I was looking at the 2nd to last question and i figured it was either A or B regarding cgroups and namespaces... I was wrong, as it was B and not A. But the fact that I was close to being correct surprised me because I didn't think that I'd be at least 80 percent correct for the entirety.
I used linux rigorously because I wanted to do virtualization so that I can make windows.. a "mostly" enclosed gaming vm. But that aside, I think I should get back into computers again... I learned a lot in linux and experienced a lot in server hardware.
The conclusion was unfounded. I feel you have to prove any other solution is faster or more secure.
Not gonna lie, I never expected the devil effect from Network Chuck at the end of the Linux quiz. It caught me off guard and scared the absolute bejesus out of me.
I got 60 points :'(
Qubes is used allot in central America by journalist its considered the best way to report on corruption especially when the government is more then willing to eliminate negative reporting
This is not ment for your standard oh no my personal data, this is for life or death research And i respect it as such
6:30 Management cube. You didn't count this cube in your lower right tally. Thank you so much for this video and all this great content. But this did ruin my day.
This is awesome! Thank you so much Chuck!
I wondered for a long time if the Qubes Devs were aware of the BDSM link between Dom and master when they choose Dom0 to be the master. However:
Turns out however that the term comes from Xen. So if the pun was deliberate then point the finger at Xen.
Lol I guess that would be funny if intentional, but I doubt it. "Dom" is so similar to "domain", and there's already a precedent for 0 being the most privileged (like ring0 in CPUs)
Such great scripting and editing, yet the filthiest laptop screen I’ve seen in years. Dear god, man, run a wipe over stuff before you film it!
Much love and subbed
I tried a test build on an old rig (i7-2600k) and it threw up a slew of errors during installation about the age of the hardware and missing vital hardware support for virtualisation or encryption support (going on a 4 month old memory there). I found USB support for the console kept failing, it just looked like something that wasn't workable unless you had far more contemporary hardware. A real shame because I was curious to see how this worked in a practical sense too.