Xen-Based Secure OS Qubes Hits 1.0
Orome1 writes "Joanna Rutkowska, CEO of Invisible Things Lab, today released version 1.0 of Qubes, a stable and reasonably secure desktop OS. It is the most secure option among the existing desktop operating systems — even more secure than Apple's iOS, which puts each application into its own sandbox and does not count on the user to make security decisions. Qubes will offer users the option of using disposable virtual machines for executing tasks they believe could harm their computer. These VMs will be lightweight, easily and extremely speedily created and booted, and would be just as easy to discard."
First covered back in 2010. See some screenshots of the X11 part in action (and they say displaying clients from multiple "hosts" isn't useful...)
Re:secure you say? (Score:5, Informative)
Actually, it looks somewhat similar to the secure version of Solaris, running different processes in different VMs. I wonder if I have a crappy old machine lying around somewhere that I could test it on.
I Use Words Good (Score:5, Informative)
A JVM is called a virtual machine, but it isn't a virtual machine in the same sense as the one provided by Xen. The JVM is a simple bytecode interpreter/compiler. It sort of emulates a machine, but not a complete machine. It runs in user space on top of the native OS and cannot run an OS of its own.
Xen is a hypervisor [wikipedia.org] whose virtual machines emulate a complete system. It doesn't just run the application program, it runs the whole bloody OS. The virtual machine has virtual disks, virtual memory, a virtual processor, even a virtual reset button. Support for this virtualization is built into modern processors, so it occurs at a very low level.
I imagine a sufficiently clever hacker could think of a way to bypass the guest OS and the hypervisor and do wacky things, but it's one hell of a lot harder than breaking out of a JVM sandbox.
Re:And I feel so safe downloading it.. (Score:4, Informative)
I haven't visited the Qubes web site, but the fact that NoScript breaks it is not a big issue; NoScript breaks half the sites on the web. NoScript assumes that all scripting is evil and that you should never allow it unless you absolutely have to — after multiple warnings from NoScript as to how dangerous it is.
If you think this is a sane approach to security, you should consider abandoning graphical browsers altogether. I think Lynx is still being maintained.
Re:X startup failed, aborting installation (Score:3, Informative)
It is possible in some cases to run a VM in a VM [wordpress.com]. It's been done for decades on mainframes. It just happens that this particular VM won't run in a VM, but it's not an unreasonable thing to try.
Re:I Use Words Good (Score:5, Informative)
I imagine a sufficiently clever hacker could think of a way to bypass the guest OS and the hypervisor and do wacky things,
Can and has. The sufficiently clever hacker that has been behind most incidences of piercing the guest-hypervisor veil is one Joanna Rutkowska, CEO of Invisible Things Lab.
Interesting how that works, don't you think?
Re:I Use Words Good (Score:4, Informative)
That bug was found by Rafal Wojtczuk who is also an author of Qubes: https://groups.google.com/forum/?fromgroups#!topic/qubes-devel/JIpZoQUP6dQ [google.com]
Re:lacking documentation or lack of focus (Score:4, Informative)
Re:secure you say? (Score:4, Informative)