Contents
Is Qubes encrypted?
Does Qubes use full disk encryption (FDE)? Yes, of course! Full disk encryption is enabled by default. Specifically, we use LUKS/dm-crypt.
How secure is a virtual machine?
Virtual machines are an isolated environment from the physical operating system, so you can run potentially dangerous stuff, such as malware, without fear of compromising your main OS. They’re a safe environment, but there are exploits against virtualization software, allowing malware to spread to the physical system.
Can Qubes be hacked?
Qubes’ design is based off an important law of software: all programs contain bugs. Some of these are security vulnerabilities. Your computer can get hacked by viewing a Flash video or using javascript in your web browser: this is likely how NSA’s QUANTUM/FOXACID programs hack people.
Why is Qubes free and open source software?
Qubes is free and open-source software (FOSS). This means that everyone is free to use, copy, and change the software in any way. It also means that the source code is openly available so others can contribute to and audit it. Why is OS security important?
What kind of hypervisor does Qubes use?
If the host OS is ever compromised, then any VMs it hosts are also effectively compromised. By contrast, Qubes uses a “Type 1” or “bare-metal” hypervisor called Xen . Instead of running inside an OS, Type 1 hypervisors run directly on the “bare metal” of the hardware.
Are there any privacy risks with Qubes OS?
Privacy is far more difficult than is commonly understood. In addition to the web browser, there is also VM fingerprinting and advanced deanonymization attacks that most users have never considered (and this is just to mention a few examples). The Whonix Project specializes in protecting against these risks.
How does Qubes protect against common attack vectors?
Common attack vectors like network cards and USB controllers are isolated in their own hardware qubes while their functionality is preserved through secure networking, firewalls, and USB device management . Integrated file and clipboard copy and paste operations make it easy to work across various qubes without compromising security.