Qubes OS 4.2.2 Uses Virtualization to Isolate Apps

A release of the Qubes 4.2.2 operating system is available. Qubes implements the idea of using a hypervisor for strict isolation of the OS (each class of applications and the system services run in separate virtual machines). The recommended hardware is a system with 16 GB of RAM (6 GB minimum) and a 64-bit Intel or AMD CPU that supports VT-x with EPT or AMD-V with RVI, and VT-d or AMD IOMMU. An Intel GPU is preferable (NVIDIA and AMD GPUs are not tested enough). The installation image is 6 GB (x86_64).

Applications in Qubes are divided into classes according to the importance of the data they process and the tasks they perform. Each class of applications (for example, work, entertainment, banking), as well as the system services (network subsystem, firewall, storage handling, USB stack, etc.), runs in a separate virtual machine launched with the Xen hypervisor. These applications are nevertheless available on a single desktop and are distinguished by the color of their window frame. Each environment has read access to the base root filesystem and to its own local storage, which does not overlap with the storage of other environments. A special service is used to organize interaction between applications.

The Fedora and Debian package bases can be used as the basis for building virtual environments, and the community also maintains templates for Ubuntu, Gentoo and Arch Linux. It is possible to provide access to applications in a Windows virtual machine, and to create Whonix-based virtual machines for anonymous access through Tor. The user shell is based on Xfce. When the user launches an application from the menu, it starts in a specific virtual machine. The contents of the virtual environments are determined by a set of templates.

The new release updates the versions of the programs that make up the base system environment (dom0). A template for building virtual environments based on Fedora 40 has been prepared.

In the 4.2 branch, restrictions on the use of extended characters in file names were introduced to protect against attacks that manipulate Unicode characters and invalid characters in file names. This change caused problems when copying and moving files whose names contain non-Latin letters. In version 4.2.2, the old behavior is restored by default when processing files, and the “allow-all-names” setting of the qubes.Filecopy service is used to configure it.
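
To illustrate the class of file-name problem such a restriction targets, the following added example checks a name received from an untrusted source. It is not Qubes code and not the rule set Qubes applies; the function name, the character list and the sample names are constructed for illustration. It refuses invalid UTF-8, control characters and characters that reorder or hide displayed text, while accepting ordinary non-Latin letters.

```python
import unicodedata

# Code points that reorder or hide text when a name is displayed:
# bidirectional embedding/override/isolate controls and zero-width characters.
# (Illustrative list chosen for this example, not taken from Qubes.)
DECEPTIVE = set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A)) | {
    0x200B, 0x200C, 0x200D, 0x200E, 0x200F, 0x2060, 0xFEFF}


def check_name(raw: bytes) -> list[str]:
    """Return the reasons a file name (one path component, as bytes) is refused.

    An empty list means the name is accepted.
    """
    # A received name must be exactly one path component.
    if raw in (b"", b".", b"..") or b"/" in raw or b"\0" in raw:
        return ["not a single path component"]
    # Names that are not well-formed UTF-8 cannot be displayed reliably.
    try:
        name = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError:
        return ["not valid UTF-8"]
    problems = []
    for ch in name:
        cp, cat = ord(ch), unicodedata.category(ch)
        if cp in DECEPTIVE:
            problems.append(f"U+{cp:04X} reorders or hides text")
        elif cat == "Cc":
            problems.append(f"U+{cp:04X} is a control character")
        elif cat in ("Cn", "Co", "Cs"):
            problems.append(f"U+{cp:04X} is unassigned or private-use")
    return problems


if __name__ == "__main__":
    # Constructed sample names: Cyrillic, a right-to-left override,
    # a Latin-1 byte that is not valid UTF-8, and an embedded newline.
    samples = [
        "отчёт.txt".encode("utf-8"),
        "report\u202egnp.txt".encode("utf-8"),
        b"caf\xe9.txt",
        b"notes\n.txt",
        b"..",
    ]
    for raw in samples:
        print(repr(raw), "->", check_name(raw) or "accepted")
```
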
