It is so polished that it is astonishing it was developed by one person alone! Props to Joanna Rutkowska. EDIT: It's actually made with help from another person - Rafal Wojtczuk. Both are talented people.
i've like the idea of qubes os ever since i heard of its inception several years ago. it was a Q/A with some lady high up or running th estart up or whatever. now if someone wants to ressurect the ideas at the core of the old bell labs plan 9 OS and merge it with Qubes Os that be dope af.
hmm.. this is very possibly exactly what I've been looking for.. as long as pci-e passthrough works right.. like as long as I can pass gpus to different VM's and get a looking glass window working :D
@@trtrhr Do you need a source for water being wet? If code can access a GPU directly, then that means they can access the drivers directly, which are running in ring 0.
@@KutAnimus Actually it does not because the whole idea of pci-e passthrough is to pass the whole device (GPU) to an VM. This means the drivers have to run on the VM and not on ring 0. GPU Drivers on ring 0 is exactly what happens when not passing the GPU.
Always thought if I was really concerned with security id just use an old computer with an equally old semi defunct os. Like a custom amiga with a custom version of work bench or something. Sure it'd have draw backs, but the chances of someone else having your setup and being out to mess with the one other person in the world running that setup is slim to non.
Security by obscurity and/or complexity, ask the Germans how their Enigma machines fared in WW2. The big failure with old and obscure machines is the lack of CPU horsepower to make and process keys, a slow machine makes for lazy small keys.
Are you nut! Most of the REAL hackers over 40 learned on old outdated systems that run in command line environments......ANY device connected to the net is vulnerable.
@@joefish6091 Yes, but what if there had been only one pair of enigma machines, would they have gone through the effort? If everybody decided to use PDP-11's running RSTS/E, then there would be incentive to go back to hacking RSTS/E. But not if jyst a handful of people do that.
No because the programs are all run inside VMs and have no idea the X11 even exists. I suppose some sort of timing attack / side-channel stuff could be relevant but nothing specific to X11.
If templates are shared between VMs then i see a possible attack vector if these templates aren't properly serialized, validated, authenticated, etc....which even then leads to other security concerns. Most secure out-of-the-box OS, yes!
If you talking about 14:03, I don't think they are shared. It just saves file on disposable one, sends it to up domain zero, then writes down to target vm.
The templates are shared yes but only from the template to the Qube and not the other way around. You only work in the Qube. And the template hasn't Internet access.
@@deprimat666 Screen sharing is a basic everyday home office requirement. Call it multimedia or whatever you want, I need it. And dual booting kinda defeats the whole purpose.
i disagree. TOS was made by scratch. he wrote his own compiler, and it was his own OS language (Holy C). also TOS was never connected to the internet. what makes Qubes lit af is its the best of both worlds (Sandboxing and functionality), unlike what TOS should have, and could have become. RIP
I've worked over 25 years in chip design and manufacturing. Today I have the opinion that there is no safe OS or software because inside the processor there is spyware protected by three layers that we cannot overcome.
@roque ceravolo 'Yes indeed You may have worked over 25 years in chip design and manufacturing(hats of to them). Today I also have the opinion that there is no safe OS or software of any kind out there because inside the new model processor and chipsets or even decades old ones, there is sinister ,ugly spyware(s) protected by three layers that we cannot overcome.Its the 21st century even moores law is coming to an end and we shall move to quantum mechanics.There is a whole community out there comprising of genuis minds who can even crack this thing up into pieces.For the current record i stand with you point of view.But i guarrantee in the near future you shall post your new found opinion on this forum.Peace to all and GOD Bless you roque ceravolo my dear.
@@aqniazi89niazi32 Thanks for your words. I know because I've seen what's hidden inside hardware and software. Even with three layers of spyware protection on the chips, it is possible to reverse engineer them in laboratories, chemically removing the widespread layers and seeing what is inside. The chip obeys unusual physical laws where geometry does function. It is the top of the state-of-the-art pyramid. I wish that God is always with you.
"You plug a USB stick and VBox is like 'hey, d'you wanna use it in guest?'. " - I wish it worked like that. But now it's a major pain to actually configure. Well, maybe not with USB sticks, but with printers.
Hey there, great presentation. You say at the end that your laptop has 24 gigs of RAM (WOAH! I'm so jealous!), what would be the minimum you would suggest running it with? I know the docs say the min is 4 gigs but i feel you might suggest otherwise?
Hey Rory. Yeah since everything in Qubes is a VM, the more resources, the better. I would recommend buying some hardware you know to be compatible too. I went with a Lenovo Thinkpad because it seemed to have the most support. Check out some compatible machines on the list here: www.qubes-os.org/hcl/
Thanks for getting back to me. Downloaded the ISO last night and intend to have a crack at it in the next couple of days. Sounds like a great idea, just a little worried now about resources, that's if the laptop i have to work with is on the list (touchwood).
Such courage! Good luck trying it out! If you're feeling generous, post back the results of the install to the Hardware Compatibility list to improve the community overall. So the next guy with a touchwood will know. The biggest thing for compatibility is the virtualization features on the processor (VT-x / VT-d)
It's recommended to have 16gb (by CEO of Qubes), 8gb is minimal. Duo to i have only 4gb, it works fine :) But i can use only up to 4vms, sys-net, sys-firewall, personal (only watching video and web browsing). So if you would like to test qubes, you can do it :)
Thanks Profnob, The testing will only be with a couple of apps, email and browsing so the 4vm's are enough to get an idea of how difficult it is to run as a daily driver.
You would typicacally set up 'vault' qubes that hold your data. You can back up only those. Or back up more if you want to also back up (part of) your setup.
this os is on my list for the next computer upgrade if i get a ryzen 5950x. What about SR-IOV can it support it or can it do some magic trick to assign a Gpu to a specific vm ?
Locks that can unlocked if users are paid for the data rather than having it stolen. Is there a mobile communication apps that protects contacts not being shared, as my understanding is mobile security is poor?
If you use hardware virtualization the situation improves drastically and you don't really need that much more. Also I suppose you aren't really going to use Qubes OS to play the latest steam games or something
@@erwindee7384 Depends on many things. I would give it a shot and see if it works (you don't lose anything trying) but I suspect that if you really want to play the very latest games (as in released within 1-2 years back) and have a video card not well supported by Linux you will have problems. I look forward to the day Linux supports all video cards as well as Windows does but that is the one thing Linux does lose in (not a fault of Linux in any way, but simply a side effect of not being the dominant desktop OS).
@@erwindee7384 not gonna work. qubes does not have gpu acceleration. its too much attack surface. if you really want a paranoid gaming setup, install linux (or windows) on iscsi, and make snapshots for different games / apps. or just get a console and dont worry about it :-)
Hey Mark. Good questions. Since I use this everyday for work, I decided to stay on 3.2 until 4.0 is finalized. I can't afford to fight bugs while I'm working. My laptop is a Lenovo ThinkPad T460 Core i7-6600U 2.6GHz 24GB 256GB SSD 14" Type 20FN-CTO1WW. I chose it from the Qubes Hardware compatibility list. There are probably some newer ones that would work better by now. ThinkPads in general have pretty good support.
Don't waste you time installing this OS the newest ver is 4.0.1 there is so many bugs in it,you can't install it the previous ver is no bargain either.
@@flamesredinconito6474 truth be told I did alot of research including trying to install it on desktop s the only pc laptop that it works great on is Dell works great just upgraded to new os.
I haven't heard of that feature of OS/2. Was that fully implemented, for example in Warp, and natural to or was it more of a planned feature. Anyway OS/2 is closed source so it's really disqualified for verified trust. I'm going to read up on it, because I actually like OS/2, but if you'd share your experience I'd happily read it.
@@FreeScience actually, that is the basis of how OS/2 operates, each app in a separate VM... I ran it for like 10 years, and still occasionally load it up on my old laptop just to keep "fresh" on how to use it.
@@magnaman1963 Thanks. I still haven't found any detail on the mechanism, but since OS/2 generally run on pre VT-x/amd-v hardware I would suspect the term "virtual machine" is slightly different in this context.
@@FreeScience The term Virtual Machine has been around a LOT longer than you realize. How the OS/2 implementation of this was done is by running each application in its own "sandbox" completely separate from other applications and the core OS/2 kernel itself. It would make a copy of the OS/2 Operating system in each window and when that window closed everything NOT saved from virtual space to physical space was lost forever.
That's the point and beauty of it. Any OS you use can be compromised by someone specifically targeting you aka "motivated attacker". It's like having an airbag, hope you never need it bit you're glad when it's there. This one just *prepares for it* by not saving information and diversifying your risk by being able to use multiple/disposable VMs that runs on ram and will wipe itself when closes. Unless your ram is ripped out and flash frozen with an aerosol coolant, theres no recovering shit.
Good question. I don't have a lot of experience with Tails, but I always though that Tails was meant for getting online with privacy but not intended to be your daily OS. Like I don't think you can save files and such with Tails (don't quote me on that). Qubes on the other hand is designed to be the primary OS on your desktop that you use every day. Here's a little comparison I found between the two: lifehacker.com/linux-security-distros-compared-tails-vs-kali-vs-qub-1658139404 imo Whonix (built into Qubes) essentially does the same thing as Tails. So you sorta have a Tails VM already in Qubes.
Ah good to know. Still, I don't think I would try to use Tails as my daily driver. Not sure it was designed with that in mind. Qubes, on the other hand, is designed for that. Do you use Tails as your main OS?
The best way to truly avoid evasion of third parties is building your computer components from scratch. Buy your video card, processor, network card from offshore companies and make sure the firmware installed for your components is from an open source organization. NSA has, multiple times, breached firmware through exploits provided by the dev's of network cards in Iranian computers to spy. Once you got the hardware down, find an old version of windows XP CD installation on ebay. Install XP on your newly built computer and then add Anonabox to your router to convert all your traffic to TOR and prevent leaks. Finally, go on internet explorer, install TOR, and then install Qubes OS over the TOR browser. Put Qubes OS on a micro SD card and use this as your storage device. You can find articles online on how to install linux distros on sd cards. Make sure you install chipsec on Qubes to monitor any possible attacks on your bios, like rootkits etc. and use wireshark to monitor your original network (ISP). Once you got Qubes which comes with TOR, use a pluggable transport > TOR - > VPN to prevent fingerprinting and tor usage monitoring by your ISP. Good VPN's would be Private Internet Access. Use a host country like Iceland for your online activity. You have now created a secure operational security.protects no logging policies and is outside of 14 eyes of intelligence.
@@friendsinsolo2312 I can't finish your comment. [only use hardware with open source firmware or you'll get exploits] true, seems fair enough to me [but use windows xp] oh no, it's terminal, I'm sorry, but you're dumb
Ubuntu is dying.. Mint has a gone to a Buster Debian release and it is lacking, like really for a laptop, but a 4+ core one with a huge hard drive, 16gb+ and default treats other drives as plugin drives by default.. sooooo I'm going to try Cubes on a workstation as I have a few of 'them' auto authentuicvate HP OS disks from the passt Vista chow for now..
It's probably a decently secure OS, if you plan to use it as a file server, or any other occupations where documentations is your primary functions eg lawyers and journalism. Otherwise, for memory intensive applications eg CAD, graphics program etc, it may be impractical. Note: I'm in research phrase for this OS only, haven't tried it.
Great but - Never use a smart tv as a computer monitor while IT is connected to the internet. It can spy on your screen activity. My Sony plays up when I discounted the internet from it when using it. As if it has a sissy fit that I did that.
I have a question with its having separate VM that if attacker target Qubes OS then would'nt he go for center point of failure? I mean every VM must connect to one point and if he can crack that code then he might be able to get there isn't it? I'm just wannabe I just want to know if that's possible and if isn't then why not?
That is certainly possible but dom0, the central point of failure, is the most protected part of the OS. To break into it an attacker would have to go through great lengths considering that it doesn’t even have network access. It certainly is plausible since an attacker could technically break into one of the vms through whatever attack and then break out into dom0. However, this makes it a lot more secure than other OS because of the great lengths an attacker would have to go through to compromise the whole system (whereas windows for example all you really need is to run a script and you own the system). So it certainly is possible for that to happen but what you described of ‘hacking’ the code where the vms connect would be incredibly difficult considering the lengths the qubesOS go to protect that.
@@meowcachow9846 ohk. Thanks alot this fulfilled my curiosity. Btw that's a great cat right there. I'm gonna learn alot of things first and then delve into exploitation stuff, I don't like that ethical hacking courses you can never make great zero day exploits out of it though. For eg , how would you discover SQL without knowledge of it.
@@jonathanbush6197 Upgrading from Windows to another OS such as Linux while keeping programs and data = Migration; just as you might upgrade from Windows 7 to Windows 10.
well the "Recommended" system for Qubes OS is 16gb of ram, and the minimum 4gb, if you have enough ram, you can, but if someone gets your host machine for qubes they will have all your qubes vms, so i guess it serves no purpose, and like he said in the presentation regular VM software is designed to be easy not secure, so keep that in mind.
@@GabrielM01 ok, i see.... so, Qubes has not really sense to be on a VM. it's a OS for regular use. can i run Windows 10 on Qubes VM? (i need some softwares only available in Windows 10 OS) and how much performence do i lose doing it?
@@willch7481 i was researching that, i found out you can run a windows 7 vm with seem less windows, meaning that the programs would generate just a window and you would not have to have a full windows window open, its a bit strange but i think you got it, but i also found out that this is really sketchy to do, but you can try, if you really need this try running Qubes in a VM JUST TO EXPERIMENT with this, then if you feel like you know enough to put it on your real system and do the shenanigans to make a windows 7 vm with seem less windows, then you install it
@@GabrielM01 i see... but i really need to run windows 10 only softwares. I'll try it to see how it works but, which other options to run Windows 10 would i have? create a VM inside of a Qubes VM (Qube) to run it? run it from a USB like VM? Xen VM could be other Qube for running other OS in Qubes? what about to run Qubes inside a Qube (VM) of a Qubes (this one running as Base OS)? (i really do not know Qubes enough tho)
Hi living in Ireland and feeling like im am totakky restriced in everyway. People a starting to wake up to whar is going on. Internet security is a must ,
Masterplay yes, but that's counter to the entire point of Qubes. Now, if your Windows install gets compromised, Qubes could be too. See: www.qubes-os.org/doc/multiboot/
The bad thing about these OS's is the creators, even with millions of dollars WILL NOT KEEP UP THE RESOURCES TO KEEP THEM GOING, UPDATED AND MAINTAINED!!! SO IT IS A WASTE OF TIME MOSTLY...🤔🤔🤔🤔🤔🤔🤔 WHAT GOOD IS IT OF ME TO YOU A SECURITY RESOURCE WHEN THE MAKERS WILL NOT INVEST IN ATLEAST 30,50,100 YEARS OF MAINTAINING WHAT IS NEEDED FOR THE MASSES TO KEEP THEMSELVES SAFE???
An example of this is when the Shadowbrokers (hackers) leaked the previously unknown NSA 0 Day (EternalBlue) that lead to the creation and spreading of the Wannacry ransomware worm because no one was patched against the attack. threatpost.com/leaked-nsa-exploit-spreading-ransomware-worldwide/125654/
Here I Can Comment, Mais Celui De La Chaine PSES Avec Benjamin, ON PEUT PAS, Et C Comme Ca Pour Tout Ces Vidéo, En$*^! FR, Mais Portant Je Suis Sur QubesOS A Sa Dernière Version.
Very restrictive, the vast majority of us want and need to run windows and also a second OS like this but that does not consume all your resources. It will never get ahead for this reason.
She's Polish dude. She's not the only Dev. And the code is open source. If you're worried about a back door, then go ahead and audit their source code to prove it. Otherwise your are spreading unsubstantiated FUD.
@@mattysouth3718 It was just a joke. If people are dumb enough to make decisions based off of stupid comments under a youtube video, then they've got bigger problems. Qubes is great.
It is so polished that it is astonishing it was developed by one person alone! Props to Joanna Rutkowska.
EDIT: It's actually made with help from another person - Rafal Wojtczuk. Both are talented people.
Do they work for the government?
Excellent presentation
that door analogy is good, I like it, will "borrow" it.
i've like the idea of qubes os ever since i heard of its inception several years ago. it was a Q/A with some lady high up or running th estart up or whatever. now if someone wants to ressurect the ideas at the core of the old bell labs plan 9 OS and merge it with Qubes Os that be dope af.
Plan 9 lives on via www.vitanuova.com/
+1 for resurrecting Plan9
You're absolutely right about putting locks on our OS........!
hmm.. this is very possibly exactly what I've been looking for.. as long as pci-e passthrough works right.. like as long as I can pass gpus to different VM's and get a looking glass window working :D
Keep in mind that GPU passthrough adds a lot of attack surface.
@@trtrhr Do you need a source for water being wet? If code can access a GPU directly, then that means they can access the drivers directly, which are running in ring 0.
@@KutAnimus Actually it does not because the whole idea of pci-e passthrough is to pass the whole device (GPU) to an VM. This means the drivers have to run on the VM and not on ring 0. GPU Drivers on ring 0 is exactly what happens when not passing the GPU.
Always thought if I was really concerned with security id just use an old computer with an equally old semi defunct os. Like a custom amiga with a custom version of work bench or something. Sure it'd have draw backs, but the chances of someone else having your setup and being out to mess with the one other person in the world running that setup is slim to non.
Security by obscurity and/or complexity, ask the Germans how their Enigma machines fared in WW2.
The big failure with old and obscure machines is the lack of CPU horsepower to make and process keys, a slow machine makes for lazy small keys.
Are you nut! Most of the REAL hackers over 40 learned on old outdated systems that run in command line environments......ANY device connected to the net is vulnerable.
@@joefish6091 Yes, but what if there had been only one pair of enigma machines, would they have gone through the effort? If everybody decided to use PDP-11's running RSTS/E, then there would be incentive to go back to hacking RSTS/E. But not if jyst a handful of people do that.
Good idea. How I get Tails to boot on an abacus?
X11 seems to have a lot of security and design issues I wonder if these could compromise the whole system....
No because the programs are all run inside VMs and have no idea the X11 even exists. I suppose some sort of timing attack / side-channel stuff could be relevant but nothing specific to X11.
If templates are shared between VMs then i see a possible attack vector if these templates aren't properly serialized, validated, authenticated, etc....which even then leads to other security concerns. Most secure out-of-the-box OS, yes!
If you talking about 14:03, I don't think they are shared. It just saves file on disposable one, sends it to up domain zero, then writes down to target vm.
The templates are shared yes but only from the template to the Qube and not the other way around. You only work in the Qube. And the template hasn't Internet access.
Damn, lack of support for screen sharing is a dealbreaker for me. Does someone know whether this limitation still exists in the current Qubes version?
It’s purpose isn’t really for multimedia. And haven’t you heard of dual booting?
@@deprimat666 Screen sharing is a basic everyday home office requirement. Call it multimedia or whatever you want, I need it.
And dual booting kinda defeats the whole purpose.
@@SaHaRaSquad Someone at my work who's running qubes is able to do screensharing. Don't know how though
There is definitely a method to do so. Just not by default you'll just need to configure the screensharing yourself and I'm sure it'll work
Excuse me, I know some time pass but, how did you get cpu/mem usage on manager? What ver of manager was it?
almost sounds like....temple OS! at least the segmentation piece. this is actually functional.
i disagree. TOS was made by scratch. he wrote his own compiler, and it was his own OS language (Holy C). also TOS was never connected to the internet. what makes Qubes lit af is its the best of both worlds (Sandboxing and functionality), unlike what TOS should have, and could have become. RIP
@@mybigboiphilip6997 TOS was never going to have internet and its code base was always going to be under 100K LOC
I've worked over 25 years in chip design and manufacturing. Today I have the opinion that there is no safe OS or software because inside the processor there is spyware protected by three layers that we cannot overcome.
@roque ceravolo 'Yes indeed You may have worked over 25 years in chip design and manufacturing(hats of to them). Today I also have the opinion that there is no safe OS or software of any kind out there because inside the new model processor and chipsets or even decades old ones, there is sinister ,ugly spyware(s) protected by three layers that we cannot overcome.Its the 21st century even moores law is coming to an end and we shall move to quantum mechanics.There is a whole community out there comprising of genuis minds who can even crack this thing up into pieces.For the current record i stand with you point of view.But i guarrantee in the near future you shall post your new found opinion on this forum.Peace to all and GOD Bless you roque ceravolo my dear.
@@aqniazi89niazi32 Thanks for your words. I know because I've seen what's hidden inside hardware and software. Even with three layers of spyware protection on the chips, it is possible to reverse engineer them in laboratories, chemically removing the widespread layers and seeing what is inside. The chip obeys unusual physical laws where geometry does function. It is the top of the state-of-the-art pyramid. I wish that God is always with you.
"You plug a USB stick and VBox is like 'hey, d'you wanna use it in guest?'. " - I wish it worked like that. But now it's a major pain to actually configure. Well, maybe not with USB sticks, but with printers.
Great walkthrough
Hey there, great presentation. You say at the end that your laptop has 24 gigs of RAM (WOAH! I'm so jealous!), what would be the minimum you would suggest running it with? I know the docs say the min is 4 gigs but i feel you might suggest otherwise?
Hey Rory. Yeah since everything in Qubes is a VM, the more resources, the better. I would recommend buying some hardware you know to be compatible too. I went with a Lenovo Thinkpad because it seemed to have the most support. Check out some compatible machines on the list here: www.qubes-os.org/hcl/
Thanks for getting back to me. Downloaded the ISO last night and intend to have a crack at it in the next couple of days. Sounds like a great idea, just a little worried now about resources, that's if the laptop i have to work with is on the list (touchwood).
Such courage! Good luck trying it out! If you're feeling generous, post back the results of the install to the Hardware Compatibility list to improve the community overall. So the next guy with a touchwood will know. The biggest thing for compatibility is the virtualization features on the processor (VT-x / VT-d)
It's recommended to have 16gb (by CEO of Qubes), 8gb is minimal. Duo to i have only 4gb, it works fine :) But i can use only up to 4vms, sys-net, sys-firewall, personal (only watching video and web browsing). So if you would like to test qubes, you can do it :)
Thanks Profnob, The testing will only be with a couple of apps, email and browsing so the 4vm's are enough to get an idea of how difficult it is to run as a daily driver.
How do you solve backups in a nightmare setup like this?
Everything is still on the same hard-drive, so if you just back that up, you're good. Or you could let every VM handle its own backups itself.
Btw, Qubes has its own backup system. You can learn more in: www.qubes-os.org/doc/backup-restore/
You would typicacally set up 'vault' qubes that hold your data. You can back up only those. Or back up more if you want to also back up (part of) your setup.
this İS the future!
Great Presentation
great presentation
Amazing presentation
this os is on my list for the next computer upgrade if i get a ryzen 5950x.
What about SR-IOV can it support it or can it do some magic trick to assign a Gpu to a specific vm ?
Nope, Qubes doesn't do GPU virtualization at all, so you better have some integrated graphics planned with that build.
SOMEONE GIVE THIS MAN MORE TIME
Locks that can unlocked if users are paid for the data rather than having it stolen.
Is there a mobile communication apps that protects contacts not being shared, as my understanding is mobile security is poor?
With all those compartmentalization features guess it requires alot of ram.
Good job system 76 is drunk so you can get a laptop with 64gb of ram.
If you use hardware virtualization the situation improves drastically and you don't really need that much more. Also I suppose you aren't really going to use Qubes OS to play the latest steam games or something
@@samuelallan7452 I was planning to, actually. Not a good idea because of virtualization?
@@erwindee7384 Depends on many things. I would give it a shot and see if it works (you don't lose anything trying) but I suspect that if you really want to play the very latest games (as in released within 1-2 years back) and have a video card not well supported by Linux you will have problems.
I look forward to the day Linux supports all video cards as well as Windows does but that is the one thing Linux does lose in (not a fault of Linux in any way, but simply a side effect of not being the dominant desktop OS).
@@erwindee7384 not gonna work. qubes does not have gpu acceleration. its too much attack surface. if you really want a paranoid gaming setup, install linux (or windows) on iscsi, and make snapshots for different games / apps. or just get a console and dont worry about it :-)
The bathroom is downstairs to the right... 😂
Matty, Great presentation. I just wanted to ask what model your laptop was and are you using Version 4 of Qubes on it?
Hey Mark. Good questions. Since I use this everyday for work, I decided to stay on 3.2 until 4.0 is finalized. I can't afford to fight bugs while I'm working. My laptop is a Lenovo ThinkPad T460 Core i7-6600U 2.6GHz 24GB 256GB SSD 14" Type 20FN-CTO1WW. I chose it from the Qubes Hardware compatibility list. There are probably some newer ones that would work better by now. ThinkPads in general have pretty good support.
Oh, just realized they release a stable version of 4.0 a couple months ago! Nice! I might have to try it out.
Matty South thanks mate. Your video has convinced me to have a go.
Don't waste you time installing this OS the newest ver is 4.0.1 there is so many bugs in it,you can't install it the previous ver is no bargain either.
So, other options?
What about now?
@@flamesredinconito6474 truth be told I did alot of research including trying to install it on desktop s the only pc laptop that it works great on is Dell works great just upgraded to new os.
@@powerfury1 you actually came back, props to you as not many people would do that
Hmmm... all those VM's in a super secure OS... why does that sound familiar? **couch cough OS/2 Cough
I haven't heard of that feature of OS/2. Was that fully implemented, for example in Warp, and natural to or was it more of a planned feature. Anyway OS/2 is closed source so it's really disqualified for verified trust.
I'm going to read up on it, because I actually like OS/2, but if you'd share your experience I'd happily read it.
@@FreeScience actually, that is the basis of how OS/2 operates, each app in a separate VM... I ran it for like 10 years, and still occasionally load it up on my old laptop just to keep "fresh" on how to use it.
@@magnaman1963 Thanks. I still haven't found any detail on the mechanism, but since OS/2 generally run on pre VT-x/amd-v hardware I would suspect the term "virtual machine" is slightly different in this context.
@@FreeScience The term Virtual Machine has been around a LOT longer than you realize. How the OS/2 implementation of this was done is by running each application in its own "sandbox" completely separate from other applications and the core OS/2 kernel itself. It would make a copy of the OS/2 Operating system in each window and when that window closed everything NOT saved from virtual space to physical space was lost forever.
" and it's designed with the idea that a motivated attacker will get you if your being targeted ". What a fantastic OS to have. LOLOLOLOLOL
That's the point and beauty of it. Any OS you use can be compromised by someone specifically targeting you aka "motivated attacker". It's like having an airbag, hope you never need it bit you're glad when it's there. This one just *prepares for it* by not saving information and diversifying your risk by being able to use multiple/disposable VMs that runs on ram and will wipe itself when closes. Unless your ram is ripped out and flash frozen with an aerosol coolant, theres no recovering shit.
how does this compare to tails?
Good question. I don't have a lot of experience with Tails, but I always though that Tails was meant for getting online with privacy but not intended to be your daily OS. Like I don't think you can save files and such with Tails (don't quote me on that). Qubes on the other hand is designed to be the primary OS on your desktop that you use every day. Here's a little comparison I found between the two:
lifehacker.com/linux-security-distros-compared-tails-vs-kali-vs-qub-1658139404
imo Whonix (built into Qubes) essentially does the same thing as Tails. So you sorta have a Tails VM already in Qubes.
You actually can use tails with persistent encrypted storage which partitions off a section of the USB drive to hold settings and files.
Ah good to know. Still, I don't think I would try to use Tails as my daily driver. Not sure it was designed with that in mind. Qubes, on the other hand, is designed for that. Do you use Tails as your main OS?
The best way to truly avoid evasion of third parties is building your computer components from scratch. Buy your video card, processor, network card from offshore companies and make sure the firmware installed for your components is from an open source organization. NSA has, multiple times, breached firmware through exploits provided by the dev's of network cards in Iranian computers to spy.
Once you got the hardware down, find an old version of windows XP CD installation on ebay. Install XP on your newly built computer and then add Anonabox to your router to convert all your traffic to TOR and prevent leaks. Finally, go on internet explorer, install TOR, and then install Qubes OS over the TOR browser.
Put Qubes OS on a micro SD card and use this as your storage device. You can find articles online on how to install linux distros on sd cards.
Make sure you install chipsec on Qubes to monitor any possible attacks on your bios, like rootkits etc. and use wireshark to monitor your original network (ISP).
Once you got Qubes which comes with TOR, use a pluggable transport > TOR - > VPN to prevent fingerprinting and tor usage monitoring by your ISP. Good VPN's would be Private Internet Access. Use a host country like Iceland for your online activity.
You have now created a secure operational security.protects no logging policies and is outside of 14 eyes of intelligence.
@@friendsinsolo2312 I can't finish your comment.
[only use hardware with open source firmware or you'll get exploits] true, seems fair enough to me
[but use windows xp] oh no, it's terminal, I'm sorry, but you're dumb
Could qubes be run as lxc containers instead of vm's?
Then they all share kernel if Im not wrong
nice presentation convinced me to switch from ubuntu :)
Ubuntu is dying.. Mint has a gone to a Buster Debian release and it is lacking, like really for a laptop, but a 4+ core one with a huge hard drive, 16gb+ and default treats other drives as plugin drives by default.. sooooo I'm going to try Cubes on a workstation as I have a few of 'them' auto authentuicvate HP OS disks from the passt Vista chow for now..
@@tsclly2377 ubuntu is not dying xD
Would one of the barebone laptop kits they sell on new egg be good for this? (Quad core processor and 32-64GB of ram.)
How do you do anything initially if the USB is its own VM? Don't you need a mouse and keyboard?
1337 people use PS2 keyboard and mice.
You can add keyboard and mouse usb to dom0
It's probably a decently secure OS, if you plan to use it as a file server, or any other occupations where documentations is your primary functions eg lawyers and journalism. Otherwise, for memory intensive applications eg CAD, graphics program etc, it may be impractical. Note: I'm in research phrase for this OS only, haven't tried it.
Exactly, complete hardware and software separation between work and play.
Great but - Never use a smart tv as a computer monitor while IT is connected to the internet. It can spy on your screen activity. My Sony plays up when I discounted the internet from it when using it. As if it has a sissy fit that I did that.
I'm stuck at the installation part..
I have a question with its having separate VM that if attacker target Qubes OS then would'nt he go for center point of failure? I mean every VM must connect to one point and if he can crack that code then he might be able to get there isn't it? I'm just wannabe I just want to know if that's possible and if isn't then why not?
That is certainly possible but dom0, the central point of failure, is the most protected part of the OS. To break into it an attacker would have to go through great lengths considering that it doesn’t even have network access. It certainly is plausible since an attacker could technically break into one of the vms through whatever attack and then break out into dom0. However, this makes it a lot more secure than other OS because of the great lengths an attacker would have to go through to compromise the whole system (whereas windows for example all you really need is to run a script and you own the system). So it certainly is possible for that to happen but what you described of ‘hacking’ the code where the vms connect would be incredibly difficult considering the lengths the qubesOS go to protect that.
@@meowcachow9846 ohk. Thanks alot this fulfilled my curiosity. Btw that's a great cat right there. I'm gonna learn alot of things first and then delve into exploitation stuff, I don't like that ethical hacking courses you can never make great zero day exploits out of it though. For eg , how would you discover SQL without knowledge of it.
What is the most secure Linux distro?? I want to use a distro that allows for a VPN.
VPNs are basic money toilets.
QubesOS. You can use a VPN with qubesOS. Just create a new distro and follow the guide for proxy vpn
Now if people can migrate from Windows 10 to this =D
"People" want doorless computers. Many don't even bother with a password. Or maybe I am missing your sense of humor...
@@jonathanbush6197 Upgrading from Windows to another OS such as Linux while keeping programs and data = Migration; just as you might upgrade from Windows 7 to Windows 10.
I love that last analogy
if i have to run Qubes on a VM, which one would u recomend?
well the "Recommended" system for Qubes OS is 16gb of ram, and the minimum 4gb, if you have enough ram, you can, but if someone gets your host machine for qubes they will have all your qubes vms, so i guess it serves no purpose, and like he said in the presentation regular VM software is designed to be easy not secure, so keep that in mind.
@@GabrielM01 ok, i see....
so, Qubes has not really sense to be on a VM. it's a OS for regular use.
can i run Windows 10 on Qubes VM?
(i need some softwares only available in Windows 10 OS)
and how much performence do i lose doing it?
@@willch7481 i was researching that, i found out you can run a windows 7 vm with seem less windows, meaning that the programs would generate just a window and you would not have to have a full windows window open, its a bit strange but i think you got it, but i also found out that this is really sketchy to do, but you can try, if you really need this try running Qubes in a VM JUST TO EXPERIMENT with this, then if you feel like you know enough to put it on your real system and do the shenanigans to make a windows 7 vm with seem less windows, then you install it
@@GabrielM01 i see...
but i really need to run windows 10 only softwares. I'll try it to see how it works
but, which other options to run Windows 10 would i have? create a VM inside of a Qubes VM (Qube) to run it? run it from a USB like VM? Xen VM could be other Qube for running other OS in Qubes?
what about to run Qubes inside a Qube (VM) of a Qubes (this one running as Base OS)?
(i really do not know Qubes enough tho)
@@willch7481 i guess you would have a lot of performance issues, that would require a lot of ram
Praise Rootkovska! :P
Thank you i should invest.
Hi living in Ireland and feeling like im am totakky restriced in everyway. People a starting to wake up to whar is going on. Internet security is a must ,
@@reginaldburnbridge2217 Too late.
could i install qubes in the same hdd that windows is installed by making a partition on it?
Masterplay yes, but that's counter to the entire point of Qubes. Now, if your Windows install gets compromised, Qubes could be too. See: www.qubes-os.org/doc/multiboot/
Love it. Thanks
What about privacy?
Does Qubes support Steam?
Yes
Ok I say the 2 obvious things here,,,,
1) give him a stool
2) The real Sheldon Cooper (look alike)
And yes I enjoyed it,mostly
3. He really should have gone to the bathroom first instead of wiggling and squeezing the way he did. Poor Matty🤪
So don't install Host integration in VM
can i run qubes as a front end and run a virtualization to add windows 10 or hackatosih without any latency ?
Love this
4:57 we found Jared.
hAHah
These security measures should also be government proof as well....!
Why not switch to OpenVMS and use a real operating system that has only 45 CERT advisories since 1978...
17:52 Crysis lmaooooooo
How do you get around stuff like the the Google Chrome Syncs?
Don't use Google Chrome if you're interested in security. That's how.
@@gunstorm05 Yes, one browser alternative is Brave.
@Soru İşareti Its secure to hackers...not from google themselves or gov agencies because that's all open
The bad thing about these OS's is the creators, even with millions of dollars WILL NOT KEEP UP THE RESOURCES TO KEEP THEM GOING, UPDATED AND MAINTAINED!!!
SO IT IS A WASTE OF TIME MOSTLY...🤔🤔🤔🤔🤔🤔🤔
WHAT GOOD IS IT OF ME TO YOU A SECURITY RESOURCE WHEN THE MAKERS WILL NOT INVEST IN ATLEAST 30,50,100 YEARS OF MAINTAINING WHAT IS NEEDED FOR THE MASSES TO KEEP THEMSELVES SAFE???
Without better GPU support it isn’t interesting. Even if that requires some security compromises.
What does the gender of the coder have anything to do with anything? Virtue signaling sucks
lmao you losers are so fucking boring my god
at least I got a hit for “virtue signal” on my daily chud bingo card
@@5ystemError bazinga!
@@5ystemError It was a surprise to me that she is actually a real woman, and not just another cock-cage-and-programming-sock-wearer.
*** Count how many times you say ahhh and umm. ***
Disliked for the sexism
Edit: Otherwise would have been a really great video
Wtf .. ahah
4:57 CRINGE
what is an O day?
aka "zero day". www.wired.com/2014/11/what-is-a-zero-day/ It's a hack that only hackers know so it can't be patched yet.
An example of this is when the Shadowbrokers (hackers) leaked the previously unknown NSA 0 Day (EternalBlue) that lead to the creation and spreading of the Wannacry ransomware worm because no one was patched against the attack. threatpost.com/leaked-nsa-exploit-spreading-ransomware-worldwide/125654/
I noticed right away he is not secure speaking publicly by his leg movements and podium cowering.
too resource hungry for me if security is your everything well yes but if you have some other line of work well you may be out of luck with this one.
noooooo :)
I wonder if he hates gates as much as me... he used the name Bill for a bad actor xD
so it is venerable to a simple clipboard hack,
can run photoshop in this OS?
Mmmm. I don't think photoshop has a linux version. You'd have to use the Windows VM for that I think.
You can use it through a windows template, I guess
Here I Can Comment, Mais Celui De La Chaine PSES Avec Benjamin, ON PEUT PAS, Et C Comme Ca Pour Tout Ces Vidéo, En$*^! FR, Mais Portant Je Suis Sur QubesOS A Sa Dernière Version.
I would never use an OS made by a male.
ikr, top of my list when looking for a secure OS, is whether it was made by a woman. 100%
Indeed, males just don't have the wherewithal for this sort of thing. Especially CARDASSIAN males.
1:05 "makes it seem more legit" Disliked.
I for the life of me cannot figure out how to connect either WiFi or Ethernet to Qubes... currently this OS is useless for me!!
Very restrictive, the vast majority of us want and need to run windows and also a second OS like this but that does not consume all your resources. It will never get ahead for this reason.
By definition you can have either unrestricted Windows, _or_ security, not both.
Interesting.........but I think he has to go to the bathroom.
Why does the developers gender mean anything? Stop focusing on identity bullshit.
4:58, SIMP detected!
I got it, you're smart. I'm not... that's not new, fml :)
I don't think that's what was intended.. And knowledge about such a niche topic as Qubes OS is in no way indicative of general intelligence
Is it just me or does cubes sound really insecure
Just you
No one will use it .............😑😑😑
Developed by a Russian? I bet she’s planted a deep hidden backdoor on every Qubes machine so all the data goes back to the motherland XD
She's Polish dude. She's not the only Dev. And the code is open source. If you're worried about a back door, then go ahead and audit their source code to prove it. Otherwise your are spreading unsubstantiated FUD.
@@mattysouth3718 It was just a joke. If people are dumb enough to make decisions based off of stupid comments under a youtube video, then they've got bigger problems. Qubes is great.
Orange man bad!
can run windows 10 on a Virtual Machine inside Qubes?
yes, like a template