Qubes OS, the security-focused operating system that Edward Snowden said in November he was “really excited” about, announced this week that laptop maker Purism will ship their privacy-focused Librem 13 notebook with Qubes pre-installed.
Built on a security-hardened version of the Xen hypervisor, Qubes protects users by allowing them to partition their digital lives into virtual machines. Rather than focus solely on security by correctness, or hide behind security by obscurity, Qubes implements security by isolation – the OS assumes that the device will eventually be breached, and compartmentalises all of its various subsystems to prevent an attacker from gaining full control of the device. Qubes supports Fedora and Debian Linux VMs, and Windows 7 VMs.
Purism is also aiming to eventually have a completely open laptop – top to bottom – but they’re not quite there just yet (e.g. BIOS is still a major issue).
There is a nice article linked via the Qubes site that discussed this and other issues.
http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf
Well worth a read.
Can i block gtk from being installed? deb pinning is rather nice that way, i can block an entire package like gtk-3.0-bin, systemd, pulseaudio, network-manager and keep gtk and most dependencies out when installing meta-packages or pakages with larger dependencies.
From here: https://www.qubes-os.org/intro/
“Qubes is a security-oriented operating system (OS). The OS is the software which runs all the other programs on a computer. Some examples of popular OSes are Microsoft Windows, Mac OS X, Android, and iOS.”
So … Linux is not popular enough yet?
Yeah, I know Android is based on Linux kernel, but … sincerely …