If you can't pitch it yourself, I don't see the point, the first link is just about paranoia.
Were you ever curious but afraid:
– to click on that link in the email,
– to open that email attachment,
– to go to that shady-looking website,
– to install and run that suspicious program or even a virus,
– to insert that USB stick from someone untrusted?
Wth Qubes you do it all securely in a disposable VM and your personal files are safe. The worst thing which might happen is that the disposable VM breaks.
If the pitch is to make people paranoid to run a new OS they need to learn isolation on, there are way easier ways like running a normal VM, which most people are still not going to understand very well or do.
> If you can't pitch it yourself, I don't see the point
I linked my own text.
Security is one benefit, and I agree that it's not so important for everyone. There are other benefits, as described. A normal VM is much less secure, because the host OS will have the Internet access and you will not benefit from hardware virtualization. It's also less convenient in my opinion. The UX of Qubes is really good.
>Were you ever been concerned about opening your personal email (controlling numerous online accounts) in the same browser where you go to random websites? Actually, even when the browsers are different it can be a problem on a monolithic OS!
Mozilla has containers that people also barely use.
>On Qubes OS, you open those things in separate VMs, isolated with hardware, not software. It’s often better 2 than physical (air-gap) isolation. Recommended by Snowden.
>Are you tired of remembering tens of complicated passwords, or using a password manager? On Qubes OS, you can save all your passwords as plain text (in a dedicated offline VM) and copy them into the necessary fields (in other VMs) whenever needed.
Password managers are fine, why would someone tire of them?
I don't think you are pitching it correctly, if you want to succeed at selling Qubes, remember most people use laptops, the amount of ram required to run Qubes and the battery drain is not worth it for the performance hit. It would be much better to sell it as an OS on a remote computer that uses Xen, there are huge problems like audio quality, slow loading, and I would never recommend it as a mobile device OS. Most of the benefits are done with less resource intense methods, and learning a new OS for most of these features and mainly drawbacks is not a good pitch. I think it would be great on a remote device with your computer as a thin client, but it has very little day to day practical use.
> Mozilla has containers that people also barely use.
Does this mean that nobody needs security or privacy? It just means that it's too hard to use (not transparent to users) and probably that most users do not recognize the dangers.
> Password managers are fine, why would someone tire of them?
Well, at least for me plain text file looks quite a bit easier to manage. Thank you for the feedback, I will try to improve that.
The performance hit mostly comes from the lack of GPU acceleration. RAM is getting cheaper and more available with time. My laptop has 32 GB. Battery drain could be worth the added security and organization of the workflows. It is for me. I did not notice any problems with the audio quality.
> It would be much better to sell it as an OS on a remote computer that uses Xen
I am not sure what you mean here. Could you elaborate the use case? By giving the remote access to dom0 you are practically breaking the whole security model of Qubes. Although it is possible.
> Most of the benefits are done with less resource intense methods
It's a huge difference. When was the last time someone escaped VT-d virtualization?
> and learning a new OS for most of these features and mainly drawbacks is not a good pitch
Actually you do not need to learn anything serious unless you need some advanced things. Qubes relies on Linux VMs, and you just use all their apps and stuff. This could probably be another pitch point.
>According to your own link, these XSAs do not affect Qubes 4.0
Yes its been updated since, but the point is its still PCI linked, which you probably use.
>Does this mean that nobody needs security or privacy? It just means that it's too hard to use (not transparent to users) and probably that most users do not recognize the dangers.
It means that this is overkill, and even when its easier to use its still not being utilized.
>The performance hit mostly comes from the lack of GPU acceleration. RAM is getting cheaper and more available with time. My laptop has 32 GB. Battery drain could be worth the added security and organization of the workflows. It is for me. I did not notice any problems with the audio quality.
Needing to buy 32GB of ram to run an OS on a laptop that works fine now isn't a selling point, I had tons of crackling.
>I am not sure what you mean here. Could you elaborate the use case? By giving the remote access to dom0 you are practically breaking the whole security model of Qubes. Although it is possible.
It would be better as a server OS you VNC into.
>It's a huge difference. When was the last time someone escaped VT-d virtualization?
In the real world, it doesn't matter, its a nuclear bomb shelter, I would rather build a house with a fancy kitchen for cheaper.
>Actually you do not need to learn anything serious unless you need some advanced things. Qubes relies on Linux VMs, and you just use all their apps and stuff. This could probably be another pitch point.
It isn't easy to get used to the isolation of all instances especially if you use more than one computer, and other people's computers.
The pitch is that your computer is more secure (from what real world threats?) at the cost of huge battery drain, going from needing 8GB comfortably to 32GB, slower from PVH that gives problems like no GPU acceleration, while its still running insecure backdoors like Intel ME, or AMD PSP, which are far more dangerous.
> while its still running insecure backdoors like Intel ME, or AMD PSP, which are far more dangerous
My computer has disabled and neutralized Intel ME.
Qubes PVH virtualization has no practical effect on performance. Qubes works great for me for everything that a non-sophisticated user would want, except games. RAM is cheap.
> (from what real world threats?)
Any serious privilege escalation which happen every month on all other systems.
>My computer has disabled and neutralized Intel ME.
So why don't you make that the top priority before Qubes? Isn't it essential to make sure every user of Qubes does the same? Locking the screen door without locking the front door isn't at all secure. Do you expect the people worried about an email to flash the BIOS with an clip connected to their Pi or Arduino they programmed first? Its a sales pitch that ignores bigger issues. Most people from that pitch if convinced will have a false sense of security when the real threat is an ever present backdoor that can be hacked.
>Qubes PVH virtualization has no practical effect on performance. Qubes works great for me for everything that a non-sophisticated user would want, except games. RAM is cheap.
People like to play games, not everyone has removable ram or multiple slots, and if it has no practical performance effect, what computer do you have? I bet your computer isn't a generic dual core that most people have. You said it has no GPU acceleration, which a lot of browsers use, so it wiil be much slower for most people.
>Any serious privilege escalation which happen every month on all other systems.
Again, what real world threats? You say serious, but these threats are not serious, if they were, you wouldn't need to convince anyone to use qubes. There are not real issues, BSD servers that don't update or reboot for years wouldn't exist if there were actually any serious threats. Windows has automatic updates, Linux has quick patching, OSX had a bunch of RCEs corrected and no hacks. You fail to name a single concrete threat. Its cool if you want to run a bunch of VMs, but on a laptop that you need 32GB of ram, that depletes battery life more, and for some vague "serious privilege escalation"? Its a hard sell, better to suggest it as a remote desktop that you can control with a thin client.
Yes, it would be ideal to have everything open and controllable. However you need to take into account the bitter reality and go step by step. Are you aware of any possibility of remote access with Intel ME? I'm not. See also: https://forum.qubes-os.org/t/intel-me-real-threat-for-ordina....
> Do you expect the people worried about an email to flash the BIOS with an clip connected to their Pi or Arduino they programmed first?
I did not do it myself and I don't expect that people will do it, too. I bought my Librem 15 as it is, and recommend to everyone. (It's not sold anymore, Librem 14 replaced it.) See also recommended computers: https://forum.qubes-os.org/t/community-recommended-computers.
> I bet your computer isn't a generic dual core that most people have.
It's actually dual-core i7-6500U.
> People like to play games
Sure. These people unfortunately are not the target audience of Qubes, unless they are ready to do GPU passthrough (which has been shown to work).
> not everyone has removable ram
So what? Do you suggest to give up? People who are aware of dangers of the Internet could choose their next machine to be compatible with Qubes and allowing more security and control.
> You said it has no GPU acceleration, which a lot of browsers use, so it wiil be much slower for most people.
Bloated websites are slow, almost independently on what machine you have. User-friendly websites work flawlessly for me. Youtube works fine.
> but these threats are not serious, if they were, you wouldn't need to convince anyone to use qubes.
Are you implying that every person knows everything about their threats and makes perfectly logical decisions? This is not a game with complete information: https://en.wikipedia.org/wiki/Complete_information. People need security even if they do not realize it yet (until their data is leaked, which happens very often nowadays).
> BSD servers that don't update or reboot for years wouldn't exist if there were actually any serious threats
I don't see the logic here. There are millions of hacked servers in the world used for spam and DDoS attacks. Where do you think they come from? (hint: not just from IoT devices)
> Windows has automatic updates, Linux has quick patching
Before it is patched, you are vulnerable. It's called a "zero-day vulnerability". And you are typically not aware of it when it happens. Also, vulnerabilities in browsers are also numerous and frequent.
> better to suggest it as a remote desktop that you can control with a thin client
I don't get it. You are going to connect to a "secure" server from an insecure machine with full access. Do you expect that your server stays secure after that?
You also did not mention that Qubes defends you from simply broken software which you sometimes have to install, which could make your system unstable.
> but on a laptop that you need 32GB of ram, that depletes battery life more
Are you aware that a lot of people today are using a laptop as their desktop home computer? I do.
Also, note that I'm not trying to literally sell anything. I'm just a happy Qubes user and I think that more people deserve better security for their computing.
I see pitching as sales. Yes, I think qubesOS is perfect for people who worry about privacy, opening emails, still want a PC over a tablet or phone, do not have Intel ME/AMD PSP and will spend much more for lesser hardware to purchase one without or are willing to do so themselves, do not play games, battery life not as important, have an i7 with expandable ram up to 32GB, do not install patches often, and are willing to isolate their programs in VMs.
>Are you aware that a lot of people today are using a laptop as their desktop home computer? I do.
False, most are using mobile like phones and tablets as their main computer, desktops and laptops have declined for over a decade.
>I don't get it. You are going to connect to a "secure" server from an insecure machine with full access. Do you expect that your server stays secure after that?
Lots of ifs, like if I installed a hardware keylogger onto your computer.
>I don't get it. You are going to connect to a "secure" server from an insecure machine with full access. Do you expect that your server stays secure after that?
Yes, XEN and hardware virtualization keeps it all safe. VMs like those on Qubes work the same way. Most laptops don't have good virtualization hardware, expandable ram, or decent processors. Connecting to a server doesn't compromise it in any real world scenarios, the same way if I remote access your laptop through mine, root ssh is not common, and you'll have it isolated in a VM anyway won't you?
Were you ever curious but afraid: – to click on that link in the email, – to open that email attachment, – to go to that shady-looking website, – to install and run that suspicious program or even a virus, – to insert that USB stick from someone untrusted? Wth Qubes you do it all securely in a disposable VM and your personal files are safe. The worst thing which might happen is that the disposable VM breaks.
If the pitch is to make people paranoid to run a new OS they need to learn isolation on, there are way easier ways like running a normal VM, which most people are still not going to understand very well or do.