Do you daily drive Qubes? I'd be curious to hear about your experiences. I've been following the project from the sidelines for years, but haven't taken the leap.
Do you hate GPU acceleration? Do you hate using most hardware? Do you like using Xorg? Then Qubes is for you.
This is in jest, but those are my pain points - the AMD thinkpad I have can't run it, the Intel one melts yubikeys when decoding h264 video. The default lock screen can't read capital letters from the yubikeys static password entry. Qubes has a certain user that it caters to, I really wish they could get enough money to be able to cater to more use cases. It is not difficult to use it if it works for you.
Nobody uses "most hardware". You may be unlucky with your hardware, then it's a problem. Or you can specifically buy hardware working with the OS you want.
Yes, I daily drive Qubes. It's an amazing feeling to feel in full control over your computing and not being afraid to open any links or attachments. Here is my Qubes OS Elevator Pitch: https://forum.qubes-os.org/t/how-to-pitch-qubes-os/4499/15
Just FYI, there are some people that vastly exaggerate the security it provides. For the most part, you're just as safe using flatpak versions of applications.
Apart from the fact that this is extremely rare, the first vulnerability is not a complete escape. For example, any offline vault VM storing secrets stayed secure. This is just not happening with any other security approach.
Speculative sidechannel attacks have nothing to do with OS or compartmentalization technology, since they are the problem of CPUs. Nothing can help here, so this is irrelevant to this discussion. Except that Qubes Air will save you in the future: https://www.qubes-os.org/news/2018/01/22/qubes-air/
> Apart from the fact that this is extremely rare,
So are bubblewrap escapes, which is the sandbox flatpak uses.
> the first vulnerability is not a complete escape.
It could potentially lead to one, and being able to obtain information from other VMs defeats much of the point of isolation, and so defeats much of the point of why people use qubes.
> For example, any offline vault VM storing secrets stayed secure. This is just not happening with any other security approach.
That's not true. Strong MAC would suffice, no VT-d needed.
> Speculative sidechannel attacks have nothing to do with OS or compartmentalization technology
Of course they do, in fact they have more to do with it than solutions like flatpak, which is why Qubes releases security advisories and patches to address those vulnerabilities.
>> Apart from the fact that this is extremely rare,
> So are bubblewrap escapes, which is the sandbox flatpak uses.
Not only they are much more frequent, including possibly kernel privilege escalations, not affecting Qubes, - the bubblewrap repository itself says that you have to be really careful to stay secure with it, even in the lack of vulnerabilities. This is not what people should seriously rely on. Again, my secrets in vault VM are safe since the introduction of VT-d in Qubes 4.0 in ~2021. There is no comparably secure OS in the world.
I don't understand your unsubstantiated attack on Qubes.
> and being able to obtain information from other VMs defeats much of the point of isolation
It does not. Even if a VM becomes hostile and starts reading the RAM, it will not get any privileges in any other VM. Also, it can be easily cleaned. Also, you can just stop all VMs when performing a secure operation. Tell me how you protect yourself in such case with Flatpak.
This is in jest, but those are my pain points - the AMD thinkpad I have can't run it, the Intel one melts yubikeys when decoding h264 video. The default lock screen can't read capital letters from the yubikeys static password entry. Qubes has a certain user that it caters to, I really wish they could get enough money to be able to cater to more use cases. It is not difficult to use it if it works for you.