I’ve been using Qubes OS daily for over a year now, and just thought I’d talk about it.
In case you haven’t heard of it, (here is its website), it’s a linux operating system that lets you separate your activities into different virtual machines (VMs), to increase security. (A virtual machine is like a computer inside your computer. An additional operating system running on it. Computers can “just make another computer” inside itself). Qubes calls each VM a “qube.”
The idea is that if one qube gets compromised by a malicious email or whatever, that the other ones will be protected from it.
There are also “template” qubes that are designed to be the place where programs get installed, and then the “app qubes” (the qubes you would tend to use) are assigned to a template (you just click the template you want it to have during qube creation), and then it accesses that template to run the program out of. So you can install Signal once, then run several different instances of Signal, if you wanted to, in app VMs, and only have the program have been downloaded the one time.
It’s overall very fun if you feel nerdy about computer stuff.
What I like:
1. It lets you have so much control.
I’ve sometimes run different qubes on different VPNs, or some on VPNs, some on Whonix (Tor connection). It’s fun to customize.
You can run a qube in Debian, a qube in Fedora, you can have a Windows qube.
2. You can customize the bar at the top of your screen a ton to make your user experience work for you as a specific user. For example, if you want to operate Qubes as if it were just a normal basic PC operating system, it can be set up with your “menu” if you will, of applications, right at the top. (Sorry, I tried taking screenshots and it didn’t You can also show an image for each shortcut. This would be useful if you’re having someone else set up Qubes for you, and you just want to know what button to click to open a document, etc. It can be simplified.
In my case, what I like having visible is the date and time displayed a certain way, and a way to visually check in on my system quickly. There’s also the ability to set alarms, which has worked ok-ish. It’s also fun to be able to customize the way your launch menu displays.
3. You can pick the color of the qubes. I know… it’s just fun.
4. If you are a normal user, I can imagine that this would be a reasonably secure OS.
5. You have to manually mount peripherals, like USB drives, cameras, microphones, to the qube you want to use them on.
This is really good for security! It’s also fun, at least for me. It’s nice to know exactly what is happening, unlike, say, using something made by Apple, where no one, not even their employees, actually know what is happening*.
6. It makes it easy to create multiple instances of the same program. Once I made like…. *cough*… 14? instances of the same program that I needed for a project. 🫠
7. It makes it easy to give some of your files/programs network access, but not others.
You can have some of your qubes be online, and some be offline. There’s a lot of value in that control.
ok.
What I am not the biggest fan of:
1. You really do need a good computer to put it on, ideally. If you have a lot of files or are a heavy user, you need more power and space, not less. Even with that in place, some glitching and crashing is expected. I haven’t ever lost any major files or anything like that (recovery has tended to catch things), but I have some qubes that regularly have to get manually stopped, then “killed” (if they’ve frozen). I also have tended to use a high quantity of qubes… so it’s probably a self-made problem.
2. Transferring files from one qube to the other is relatively easy once you know how, but it’s just a pain. It’s a pain! It’s a pain. You just have to use your file manager in each qube constantly to tell it to move a file from one qube to the other (or copy it).
3. While I’m on that topic… you must verify that large quantities of files have actually been moved when you tell them to be moved. I haven’t had this issue with small quantities of files, but I have had it fail to move large quantities of files before, and was glad to have a backup.
4. If you take screenshots of the entire screen, it will get saved in Dom 0 (Dom 0 is the operating system that “holds” all of your qubes), which is intentionally designed to be difficult to access. I did figure out how to move those screenshots to another VM, but it’s just obnoxious to have to do.
5. A lot of the more-complex programs won’t work if you install them using the recommended method (installing them in a template, and then using an app VM to access them). They need a “Standalone” qube- a VM that is isolated and its own full OS, including program files. This makes them take up more disc space. It’s just annoying to go through the work of installing something to discover it won’t work. It’s happened with Brave web browser, and several others… I think Audacity is one, also. Basically “heavy” and complicated apps that probably require more permissions.
6. There are some quirks. The installation itself can require several attempts to get the configuration to one that works with your computer (I had to use the “latest” kernel rather than the default, to get it to boot on mine). If you install it with Debian as the default template, and ask it to make both sys-net (networking qube) and sys-usb (qube that accepts usbs) disposable, wifi won’t work initially (even though it should), but if you do all of the same things with Fedora as the default template, wifi will work fine. Things like that.
7. For your average person, it doesn’t have all kinds of features to stop you from accidentally breaking everything. I just would like to see it have a “mode” available that you can click to make it behave like a normal PC (asking if you really want to delete things first, simplifying things, etc), to try to make it accessible to more people. Because it really does require a lot of learning/pre-existing interest/experience in linux to figure out how it works. But if you have someone who can set it up, then click a mode that makes it unlikely to result in bad outcomes for most people, I think that would be positive.
I think it’s the future of computing, to separate activities into separate VMs. Or, at least it should be. It probably won’t be, due to where the money is and… habits. In any case I’ve really enjoyed using it. It makes sense from a privacy and control perspective.
I may be switching back to Pop! OS soon (it’s by System76; my favorite computer company. They were also able to verify several laptops as latex free!), as it’s simpler. I’m not sure.
If “normal” operating systems are the earth, then Qubes is definitely on a spaceship. And it’s pretty darned cool.
*just going to leave this asterisk here but pls dont sue me, Apple
