What's your opinion about QubesOS ? Is it really more secure?

Is anyone here using QubesOS ? This is their website.

In your opinion is QubesOS really more secure in comparison to popular distros like Ubuntu, Debian, Arch, Fedora, etc ?

Absolutely - it is more secure.
Unless you’re doing some stupid things inside of it, of course, since main reason for security & privacy breaches is still a human factor.

But that’s mostly something for real tin-foil-hatters (meaning investigative journalists, political dissidents, wistle-blowers and Edward Snowden) :male_detective:

P.S. Even better to use Qubes-Whonix


What the QubesOS team has done to achieve the kind of security they have achieved, can I do the same manually under EndeavourOS ?

The minimum system requirements for QubesOS is 6GB & I have only 4GB. The other thing is I don’t want to miss this forum.

What is this “isolation” thing ? Isn’t it just a fancy name for virtualization ? If I install virtualbox under EndeavourOS will I be able to achieve the same kind of security the Qubes offers ?

I don’t think there is any requirement to actually use EndeavourOS to be on this forum. Of course, the chances you’ll get quality support for other operating systems are much slimmer, but other than that, everyone is welcome here, so it seems.

1 Like

I seriously doubt that you need such kind of security features in the first place, there is way too much to list here.

Main point for CubesOS itself - is full containerization / isolation of all programs / processes, that’s why it costs some performance to achieve it. meaning if you launch some program system doesn’t know about it, nor program knows about the system.

There is no simple answers for such complicated questions, but you can read FAQ / Docs or watch some video reviews.

No, unless it’s properly installed / configured Whonix, but it won’t use containers of course, it will just isolate from your host.

1 Like

I this case you have isolated your host EnOS from Your guest system. What is inside guest can still lack in security and what you do in there still can compromise your privacy.

Without Whonix it won’t btw, any different OS in VirtualBox can easily track your host :wink:

1 Like

Your privacy can still be compromised even though everything in the system is routed over TOR depending on what you do over TOR. That is how I understand it but I might be wrong.

Not exactly, coz security is not only about internet connection route, it’s about the fact that Whonix is connected to TOR through another layer (VM inside VirtualBox) called Gateway.

So your actual guest which is called Workstation doesn’t see anything (including hardware etc) about your real host.

Although your point is still valid, meaning if you do something really stupid inside Whonix - you will be compromised on some level :laughing:


Of course, if you use Whonix wrongly, you can still be vulnerable. There is nothing that can compensate for the human factor.

When I am really paranoid, I use a computer that is not connected to any network (and this is the only way I would ever use windoze in my private time…).


@keybreak @pebcak @Kresimir
So under QubesOS all web traffic is routed through Tor by default ? I tried to learn what whonix is & I found this page & its a little confusing. It says whonix provides both anonymity & isolation & it claims to a an OS by itself.

What’s the connection between whonix & QubesOS ?

That was my point. Unless one creates a whole new persona isolated totally from the “real life”. Perhaps only then one could assume that the level of anonymity that TOR offers can serve the purpose of the privacy of my real person. Perhaps :sweat_smile:

I am paranoid about both security & privacy but if the purpose of Whonix is defeated if a user simply download a file from the web that is just too extreme for me. I don’t think I can cope with that kind of restrictions.

QubesOS is the host OS, Whonix is what’s running in a VM (one of the options).

Please read FAQ, it’s hard to answer everything that’s already written, they directly write that to achieve such you need to use Qubes-Whonix layer.


But what might be a limiting factor in your case could be the amount of your RAM. QubesOS is out of the question. Even with Whonix alone, it will start two instances of VMs each requiring a certain amount of RAM from your host.

1 Like

Read the FAQ & now its clear.
Let me elaborate the question I asked before. What I have learned about QubesOS is that it uses isolation. So you keep all your private data like family photos, music, videos in an isolate VM which is not connected to the internet & you access the internet using another VM which is connected to the internet. So even if you get hacked all your private data is not accessible by the hacker.

Is this the correct understanding ?

So if I care about security only & not too much concerned about anonymity why cant I just install whatever distro under virtualbox put it in bridged mode & use only that to access the web and disconnect the host using NM applet. So only the VM is connected to the internet & not the host & all my personal data is safe.

What’s the flaw in this theory ?

Yes, its a sad reality.

Since you used the confused smiley let me explain. What I mean is even privacy & security costs money. You need a descent amount to RAM to run Qubes. So you have to pay even for security. Thats the reality & its just sad .

There is one exception to this & that’s Linux. Mainstream distros are both secure & free although maybe not as secure as Qubes.