“Joanna Rutkowska, a security researcher known for her work on virtualization security and low-level rootkits, has released a new open-source operating system meant to provide isolation of the OS’s components for better security. The OS, called Qubes, is based on Xen, X and Linux and is in a basic, alpha stage right now. Qubes relies on virtualization to separate applications running on the OS and also places many of the system-level components in sandboxes to prevent them from affecting each other.”
What is the difference between the Qubes OS architecture and the architecture of a “microkerneled” OS?
As far as I know, in a microkernel, all the process isolation provided by hardware is modelled through “servers” that communicate with each other through some mechanism of interprocess communication. Indeed, L4 (in the same way as Xen in this case) is used as a hypervisor that can run several “personalities”, as several Linux guests (http://os.inf.tu-dresden.de/L4/LinuxOnL4/) or other native ones.
I reckon they are both semantically very close; where these two approaches diverge is the specifics of “implementation”. In relation, an interesting view-point (mind the pun) can also be expressed as to the logical path kernel designers/programmers have walked towards the result of the microkernel and the bare-metal hypervisor architectures respectively (bottom-up vs. top-down).
One thing I see as inevitable is the not-so-distant-future convergence of both design approaches.
I should add that the PDF [http://qubes-os.org/files/doc/arch-spec-0.3.pdf] provided on the website is a good read, although a bit too cursory when it comes to architectural intricacies. Attack vectors are also investigated.
Would there be additional overhead from a scenario such as ebasconp mentioned (microkernel, servers…)?
Personally I could really use a trustworthy environment for internet banking and the like. This project sounds awesome!
Here is a link to the Qubes OS homepage.
http://qubes-os.org/Home.html
Couldn’t think of an original name?
QubeOS was an operating system from InteractiveStudios years ago that ran within Windows. Remember the slogan, “Qube, it wants to be better”?
Or is QubesOS somehow related to QubeOS?
Wikipedia [ http://en.wikipedia.org/wiki/QubeOS ] says QubeOS was a graphical shell for FreeDOS rather than a complete OS or an “OS inside Windows”.
Going by that, I very much doubt QubeOS and Qubes have anything in common whatsoever.
Besides, with the number of shells and OSs out there – let alone software as a whole – naming similarities are inevitable. What matters is that names aren’t the same, which in this case they’re not.
Edited 2010-04-08 14:32 UTC
Qube installed within Windows, like an application. Maybe FreeDOS was part of the installation package, I don’t know.
That’s beside the point though. Creating a product name that’s only one letter different than an earlier or existing product… remember what happened to Lindows?
Yeah, but it would still only be a shell for DOS.
Your comparison is flawed:
-> Lindows intended to clone Windows’ look and feel
-> QubeOS and Qubes have /NOTHING/ in common aside from a name similarity.
What you’re suggesting is akin to saying “Burger King” should change their name because it sounds like the blues legend “BB King”.
Yeah, I remember, Microsoft sued Lindows, but the case finally ended with Microsoft paying Lindows to change their name. They received several million dollars and only had to change their name! That looks like a win to me.
How similar is this to Solaris Trusted Zones? I played with them briefly but am not a security expert. I think this stuff is cool, but I trust myself completely, at least in unix.
I wonder why they have chosen Fedora as their base install. I would have assumed they would have opted for Debian stable or OpenBSD.
I’ve no idea about Debian, but OpenBSD in no way supports Xen, certainly not as a Dom0.