Qubes OS
Qubes OS is my favorite new Linux distribution. I have been a *nix user since dinosaur days, starting with a version 7 UNIX PDP-11 that would trash the file system everytime it lost power and a System 3 and later 4.2 BSD based 68010 system, an ISI Optimum, I still have from 1984. I have had a bunch of different favorite Linux distributions, starting with Yggdrasil Linux, and continuing through Red Hat Linux, SUSE, Debian and Ubuntu.
Debian Sid was the first one I used with continuous upgrading and I really liked that but of course there have been those Saturday mornings trying to figure out why the video card, sound card, ethernet driver, etc. stopped working due to an update.
I have been really impressed with Ubuntu, they have done a lot to make it just work out of the box. I am really amazed at how well it works given the small size and budget of Canonical. If anyone is starting out with Linux, I highly recommend Ubuntu.
I recently wiped my play system and put Qubes on it. What they have done is cool and it makes a lot of sense. Its my new favorite.
One of the things that worries me continuously is how “Things are getting worse” (Steve Gibson, Security Now Podcast). Every week there are new major companies that are comprimised, the Internet Of Things just appears to be a security train wreck, Travis Ormandy finds serious bugs in a broad swath of projects. I end up feeling like everything I have, everywhere I go, every network, is probably comprimised. Cross site request forgeries, forged domains, compromised routers, password dumps, I hold my breath when opening browser tabs.
From Wikipedia “Qubes OS is a security-focused desktop operating system that aims to provide security through isolation.” You can spin up VMs for different tasks so easily, it makes it conveinent to have environments for different purposes. Worried about cross site request forgeries when doing you banking? You create a separate environment for your banking. Worried about You Tube videos in it that might have a comprimised subtitle stream capable of remote code exec, you create a separate environment. Spinning up and down virtual machines is easy, even compared to Vagrant.
I don’t know if its for the beginner, there is a lot of command line stuff, but I really like it.
Of course if I was a bad guy, I would try to insert code into the Qubes OS project. Maybe I will still hold my breath.
