Fixxx
In this article, I will talk about what is, in my opinion, the safest operating system: QubesOS. I will try to describe the principles of how this OS works and its advantages over other anonymous operating systems as clearly as possible. The main principles of building secure operating systems are encryption and isolation through virtualization, both of which are implemented in QubesOS.
QubesOS is a free and open-source operating system based on the Xen hypervisor, X Window System and Linux. It uses virtualization to implement security domains through isolation. It would be incorrect to call Qubes a Linux distribution; rather, Qubes is a Xen distribution. Xen is a type-1 hypervisor that runs "on the hardware", unlike type-2 hypervisors like VirtualBox and VMware, which operate on the principle of "system within a system". According to the developers of Qubes, Xen is better suited for creating secure systems compared to KVM. The architecture and trust levels in QubesOS are illustrated in the image:
Virtualization reduces the number of interfaces between security domains while still allowing the domains to interact with each other, which significantly reduces the attack surface. To run applications in Qubes, so-called templates based on Fedora, Debian or Whonix are used (there are other templates as well). Integration with Whonix greatly enhances anonymity and security during operation. Templates can be isolated from each other or interact with one another. The code that enforces isolation in Qubes is a microkernel, which further reduces the attack surface, whereas other operating systems (like Debian) use a monolithic kernel. An attacker would need to compromise Xen to gain full control over the system, which is much more difficult than breaching the main system from a guest (which is also unlikely).
This approach requires relatively high hardware specifications; for optimal performance, Qubes requires an x64 processor with Intel VT-x with EPT or AMD-V with RVI (Intel VT-d or AMD-Vi), 16GB of RAM and a fast SSD. I also recommend using Coreboot + SeaBIOS instead of a proprietary BIOS on devices where this is possible. It's also advisable to use devices without discrete graphics, as Qubes doesn't support GPU virtualization. For the graphical environment, I recommend using XFCE.
When installing Qubes, full disk encryption (FDE) should be used. Qubes has disposable virtual machines that are completely deleted after use, leaving no traces. They are excellent for accessing a resource under a different identity alongside the main one or for opening a suspicious file without the fear of picking up malware.
Network operations in Qubes occur in a separate virtual machine (NetVM), which makes exploiting vulnerabilities in your network interface drivers useless: an attacker would only gain access to the network virtual machine. To counteract BadUSB-type attacks, Qubes uses a separate virtual machine to manage USB interfaces (UsbVM). Lightweight virtual machines (AppVM) are used to open applications (for example, to run a browser). Each AppVM is based on a Fedora template (the template can be changed; I recommend using Debian or Whonix). Each security domain in Qubes has a specific color:
- Red - untrusted
- Green - trusted
- Yellow and orange - something in between
- Blue, gray and black - the most secure (black is the most secure)
The color is purely a visual component for the user; from a technical standpoint, it doesn't affect the system's operation!
In summary, QubesOS is the best secure operating system among those available, as it protects you from hardware backdoors through virtualization, and when used together with Whonix, it makes tracking you even harder. On the downside, QubesOS is not well-suited for beginners, and understanding its principles of operation is not always easy for the average user. It's worth noting that QubesOS is not endorsed by the FSF for the same reason as Debian.
Official website of QubesOS: qubes-os.org
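
The hardware requirements listed above can be checked before installation. The script below is an added example, not part of the original post or of the Qubes project: the function names, the 15 GiB threshold and the sample inputs are assumptions of this example, and it is meant to be run from an ordinary Linux live system.

```shell
#!/bin/sh
# Pre-install check, run from a normal Linux live system. Inside Qubes, dom0
# runs under Xen and the vmx/svm CPU flags are typically not visible there.

# has_flag FILE FLAG: succeeds if FLAG is on the first "flags" line of FILE.
has_flag() {
    grep -m1 '^flags' "$1" | tr ' \t' '\n\n' | grep -qx "$2"
}

# qubes_hw_check CPUINFO MEMINFO IOMMU_DIR
# Prints one line per requirement; exit status is the number of failed checks.
qubes_hw_check() {
    cpuinfo=$1 meminfo=$2 iommu_dir=$3 fails=0
    # Intel VT-x + EPT appears as vmx + ept, AMD-V + RVI as svm + npt.
    if has_flag "$cpuinfo" vmx && has_flag "$cpuinfo" ept; then
        echo "OK   Intel VT-x with EPT"
    elif has_flag "$cpuinfo" svm && has_flag "$cpuinfo" npt; then
        echo "OK   AMD-V with RVI"
    else
        echo "FAIL no VT-x+EPT or AMD-V+RVI (may be disabled in firmware)"
        fails=$((fails + 1))
    fi
    # IOMMU (Intel VT-d / AMD-Vi): the kernel lists each active unit under
    # /sys/class/iommu (dmar0, ivhd0, ...). It confines NetVM/UsbVM devices.
    if [ -n "$(ls -A "$iommu_dir" 2>/dev/null)" ]; then
        echo "OK   IOMMU active"
    else
        echo "FAIL no active IOMMU (VT-d / AMD-Vi)"
        fails=$((fails + 1))
    fi
    # MemTotal excludes firmware-reserved memory, so a 16GB machine reports
    # slightly less; 15 GiB is the threshold assumed by this example.
    mem_kb=$(awk '/^MemTotal:/ {print $2}' "$meminfo")
    if [ "${mem_kb:-0}" -ge $((15 * 1024 * 1024)) ]; then
        echo "OK   RAM ${mem_kb} kB"
    else
        echo "FAIL RAM ${mem_kb:-0} kB is below the 16GB class"
        fails=$((fails + 1))
    fi
    return "$fails"
}

# Constructed sample inputs (not from a real machine) for a demo run.
demo=$(mktemp -d)
printf 'flags\t\t: fpu vme msr vmx ept sse2\n' > "$demo/cpuinfo"
printf 'MemTotal:       16270000 kB\n' > "$demo/meminfo"
mkdir -p "$demo/iommu/dmar0"
qubes_hw_check "$demo/cpuinfo" "$demo/meminfo" "$demo/iommu" || true
```

On a real machine, call `qubes_hw_check /proc/cpuinfo /proc/meminfo /sys/class/iommu`; a missing flag can also mean the feature is switched off in the firmware setup.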