Qubes The OS for Desktop Strong Security version Beta 1 released
Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps
Qubes implements Security by Isolation approach. To do this, Qubes utilizes virtualization technology, to be able to isolate various programs from each other, and even sandbox many system-level components, like networking or storage subsystem, so that their compromise don’t affect the integrity of the rest of the system.
Qubes lets the user define many security domains implemented as lightweight Virtual Machines (VMs), or “AppVMs”. E.g. user can have “personal”, “work”, “shopping”, “bank”, and “random” AppVMs and can use the applications from within those VMs just like if they were executing on the local machine, but at the same time they are well isolated from each other. Qubes supports secure copy-and-paste and file sharing between the AppVMs, of course.
The Qubes architecture is described in this PDF document (sig).
Key features of this architecture are:
- Based on a secure bare-metal hypervisor (Xen)
- Networking code sand-boxed in an unprivileged VM (using IOMMU/VT-d)
- No networking code in the privileged domain (dom0)
- All user applications run in “AppVMs”, lightweight VMs based on Linux
- Centralized updates of all AppVMs based on the same template
- Qubes GUI virtualization presents applications like if they were running locally
- Qubes GUI provides isolation between apps sharing the same desktop
Hardware Requirements
Minimum:
- 4GB of RAM
- 64-bit Intel or AMD processor (x86_64 aka x64 aka AMD64)
- Intel GPU strongly preferred (if you have Nvidia GPU, prepare for some troubleshooting; we haven’t tested ATI hardware)
- 10GB of disk (Note that it is possible to install Qubes on an external USB disk, so that you can try it without sacrificing your current system. Mind, however, that USB disks are usually SLOW!)
Additional requirements:
- Intel VT-d or AMD IOMMU technology (this is needed for effective isolation of your network VMs)
If you don’t meet the additional criteria, you can still install and use Qubes. It still offers significant security improvement over traditional OSes, because things such as GUI isolation, or kernel protection do not require special hardware.
Note: We don’t recommend installing Qubes in a virtual machine!
Download installer ISO
You can download the ISO and the digital signature for the ISO from here: