OS RECO -QUBES 4.1.1, using virtualization to isolate applications

formed the operation of the operating system quarts 4.1.1 , which implements the idea of ​​using a hypervisor for strict insulation of applications and components of the OS (each class of applications and system services operate in separate virtual machines). For work you need system with 6 GB of RAM and 64-bit CPU Intel or AMD with vt- support for VT- X C EPT/AMD-V C RVI and VT-D/AMD Immu, preferably the presence of GPU Intel (GPU NVIDIA and AMD are not well tested enough). Size of the installation image – 5.5 GB.

Applications in QUBES are divided into classes depending on the importance of the processed data and solved tasks. Each class of applications (for example, work, entertainment, banking operations), as well as system services (network subsystem, inter-network screen, repository work, USB glass, etc.), operate in separate virtual machines launched using the XEN hypervisor . At the same time, these applications are available within the framework of one desktop and are allocated for clarity with different colors of the window frame. Each environment has access to reading to the basic root FS and local storage, not intersecting with storage facilities of other environment, a special service is used to organize the interaction of applications.

The package base of Fedora and Debian can be used as the basis for the formation of virtual environment, the community also supports templates for Ubuntu, Gentoo and Arch Linux. It is possible to organize access to applications in a virtual machine with Windows, as well as the creation of virtual machines based on Whonix to ensure anonymous access through Tor. The user shell is based on XFCE. When the user starts the application from the menu, this application starts in a specific virtual machine. The content of virtual environment is determined by a set of templates.

In the new issue, only updating versions of the programs that form the basic systemic environment (DOM0) were noted. A template has been prepared for the formation of virtual environment based on Fedora 36. The default is proposed the Linux 5.15 core. On August 4, it is planned to stop the escort of the QUBES 4.0 branch, it is recommended that users of the old branch switch to the use of Qubes 4.1.

/Media reports.