- Oct 3, 2022
- 836
Spent the last week on Qubes OS.
As you might know, it uses virtualization to create different virtual machines for personal,
work, untrusted and disposable environments. This should protect against attackers from jumping
from the vm running your browser to the vm housing your important documents.
The one thing I find odd is that there is no password for the user in the vm's. Hence there is no
password for sudo. So what that means is an intruder can completely take over your internet facing vm.
But you are supposed to use a disposable vm for internet browsing.
A disposable vm is wiped every time you shut it down or when you shutdown the machine. And it starts from a clean slate every time you
start it up. ( Your applications are stored in the template and stays intact ) All your attacker's tools will be gone.
What that means is that you have to at least setup your password manager and configure your browser
before you do any surfing. A bit tedious, but I think that is the way it is intended to be used.
There is a Qubues Manager, where you can view all your vm's. It can started via 2 methods. One way
is via the Qubes Domains icon on the top right. Another way is through Applications Menu (top left) > Gear icon
> Qubes Tools > Qubes Manager.
The Qubes Manager is where you do updates. (Update button in Qubes Manager) You will find your OS templates in Qubes Manager.
And they are the ones which needs updating. The built-in templates are fedora, whonix and debian.
You also install your apps in the templates. And then they will be available in your vm's. You start the template
in Qubes Manager, then you start the console/terminal and you use the package manager for the respective distro. Then you shutdown
the template afterwards. You only have to manually start the template when you install applications. You don't need to prestart your template
to do updates - Qubes will start it for you and shut it down afterwards.
To put your applications onto the vm's menu as seen in the top left Applications menu, you
click on Application Menu > vm name > Settings, and go to the applications tab.
The host is called dom0. It does not connect at all. You can't even copy files over to it. You can copy things between
vm's using the clipboard : CTRL-SHIFT-C and CTRL-SHIFT-V. You can copy files across vm using the File Manager right click
and 'Copy to another cube' . But not to dom0.
There are no pre-setup disposable vm's. You have to to go Qubes Manager > New Cube button; Type=disposable.
You don't have to use a disposable vm, instead you can create an AppVM. This kind of vm has a persistent home directory
and the root drawn from the template. You are then running the risk of the attacker hiding her tools within \home. What I
suggest is to use the work and personal vm's to store your valuable data.
It is also possible to create a Windows or other Linux distro vm. Remember to install the Qubes Windows Tool.
To change your wallpaper, you first download it into your <disosable vm name>. Then view the picture full screen.
Then right click on the desktop and choose Applications > System Tools > Screenshot. Take the screen shot and
save it. It will be saved into dom0. Then right click on desktop, choose Desktop Settings
and navigate to where the screen shot was saved.
On the whole I am satisfied with the security of Qubes for now. There is an uneasy feeling to it as the attacker
can setup camp and and control the disposable vm until it is restarted. But Qubes founder Rutkowska is well known in
the security world, and knows virtualization really well, she would have thought thru all the attack vectors.
As you might know, it uses virtualization to create different virtual machines for personal,
work, untrusted and disposable environments. This should protect against attackers from jumping
from the vm running your browser to the vm housing your important documents.
The one thing I find odd is that there is no password for the user in the vm's. Hence there is no
password for sudo. So what that means is an intruder can completely take over your internet facing vm.
But you are supposed to use a disposable vm for internet browsing.
A disposable vm is wiped every time you shut it down or when you shutdown the machine. And it starts from a clean slate every time you
start it up. ( Your applications are stored in the template and stays intact ) All your attacker's tools will be gone.
What that means is that you have to at least setup your password manager and configure your browser
before you do any surfing. A bit tedious, but I think that is the way it is intended to be used.
There is a Qubues Manager, where you can view all your vm's. It can started via 2 methods. One way
is via the Qubes Domains icon on the top right. Another way is through Applications Menu (top left) > Gear icon
> Qubes Tools > Qubes Manager.
The Qubes Manager is where you do updates. (Update button in Qubes Manager) You will find your OS templates in Qubes Manager.
And they are the ones which needs updating. The built-in templates are fedora, whonix and debian.
You also install your apps in the templates. And then they will be available in your vm's. You start the template
in Qubes Manager, then you start the console/terminal and you use the package manager for the respective distro. Then you shutdown
the template afterwards. You only have to manually start the template when you install applications. You don't need to prestart your template
to do updates - Qubes will start it for you and shut it down afterwards.
To put your applications onto the vm's menu as seen in the top left Applications menu, you
click on Application Menu > vm name > Settings, and go to the applications tab.
The host is called dom0. It does not connect at all. You can't even copy files over to it. You can copy things between
vm's using the clipboard : CTRL-SHIFT-C and CTRL-SHIFT-V. You can copy files across vm using the File Manager right click
and 'Copy to another cube' . But not to dom0.
There are no pre-setup disposable vm's. You have to to go Qubes Manager > New Cube button; Type=disposable.
You don't have to use a disposable vm, instead you can create an AppVM. This kind of vm has a persistent home directory
and the root drawn from the template. You are then running the risk of the attacker hiding her tools within \home. What I
suggest is to use the work and personal vm's to store your valuable data.
It is also possible to create a Windows or other Linux distro vm. Remember to install the Qubes Windows Tool.
To change your wallpaper, you first download it into your <disosable vm name>. Then view the picture full screen.
Then right click on the desktop and choose Applications > System Tools > Screenshot. Take the screen shot and
save it. It will be saved into dom0. Then right click on desktop, choose Desktop Settings
and navigate to where the screen shot was saved.
On the whole I am satisfied with the security of Qubes for now. There is an uneasy feeling to it as the attacker
can setup camp and and control the disposable vm until it is restarted. But Qubes founder Rutkowska is well known in
the security world, and knows virtualization really well, she would have thought thru all the attack vectors.
Last edited:
