[Cthulhu_]

Why would you want something like that though? What are the benefits that are worth the huge amount of overhead of having to pass through the internet to connect components?

I mean I get cloud computing and such, but this seems to be aimed as a consumer OS, which is very sensitive to delays and whatnot.

[rectang]

One reason: the prospect of an endless stream of unpatchable Spectre-like hardware vulnerabilities.

The "real problem" exposed by Meltdown and Spectre is running untrusted software on the same hardware where sensitive information resides. Moving away from physical coupling defends against potential sidechannel attacks.

The Qubes approach of "careful decomposition of various workflows, devices, apps across securely compartmentalized containers" seems to point a way forward after this sobering assessment:

http://robert.ocallahan.org/2018/01/long-term-consequences-o...

[blattimwind]

> The "real problem" exposed by Meltdown and Spectre is running untrusted software on the same hardware where sensitive information resides.

Well obviously. Which is why people try to avoid that as much as they can when they are handling actually sensitive information.

> Moving away from physical coupling defends against potential sidechannel attacks.

... is a correct deduction, but using cloud VMs hardly qualifies as following the principle (except if they are only used for lowest-privilege stuff, but even then, the system now requires connectivity). Now you don't know who else is on your hardware, and you don't even control the hardware in the first place.

[kakarot]

Qubes aims to provide both consumer and enterprise workflows, and everything in between. People use computers for all sorts of things. A full Qubes system delivered to a tablet/phone interface is also a fine tradeoff for millisecond GUI delays.