Hacker News
A modest update to Qubes OS (lwn.net)
158 points by voxadam on Feb 24, 2024 | 31 comments


I installed 4.2 and was rather happy with the UI. The new GUI is better.

The gnome desktop will be important for adoption. XFCE looks ugly in comparison. Equally important is the ease of installation, hardware support, documentation for the BIOS settings, etc.


XFCE looks very good, but it can look however you make it look. Most people are using it because of technical reasons, not based on how it looks, because they know how to dive deep under the surface of things.


> Most people are using it because of technical reasons, not based on how it looks

Plenty of us consider both. Qubes is the only game in town, and also competing with macOS 14 and Windows 11. These systems look good and are quite usable out of the box.

The take-it-or-leave-it attitude popular with some community members doesn't help much with retention either.

I already know the Qubes-specific bits (templates etc). I don't want to have to put a lot of work into set up just to make it usable visually.

I left Qubes as a daily driver because I could never get watching videos to be a pleasant experience. I believe this is due to the lack of GPU acceleration.

For the modest amount of developer resources they have, 4.2 appears to be a rather significant release.


I used Qubes a few years ago. I highly agree.

I found a very good looking theme for XFCE back then, but to make it usable I had to edit it myself and add the colored borders. It's been a while so I no longer have all the files.

It needs to look good right out of the box to help adoption.




Thanks. I was a Qubes user for years, across multiple computers. When things worked well, I found it to be easier than a regular Linux install to administer. Despite plenty of time and effort, there were some issues I was never able to resolve. I often ended up either using two computers or dual/triple booting, which tended to result in spending more time in the side that "just works".

How is your personal experience now? Does YouTube in a browser work well for you? How about watching a movie saved locally?


You should ask for help on the forums. In general, the Community always finds a way to solve users' problems.

I do not watch movies or YouTube very often, but it seems to be working fine.


personally I'm obsessed with the Chicago95 theme: https://github.com/grassmunk/Chicago95


Can you switch to gnome for dom0? I thought KDE was the alternative.

Also:

>Another interesting change with this release is the use of Xfce editions for Fedora and Debian instead of GNOME to reduce memory usage and provide a better selection of default applications. Marek Marczykowski-Górecki said that Fedora's GNOME template has too many "problematic" packages that "either conflict with something or simply don't work with our GUI agent".

I prefer Xfce FWIW.


I generally use i3 for dom0 on my qubes boxes. It works great. There is generally support for a few different options in dom0 but clearly since dom0 is special you need to be mindful of reducing the software footprint as much as possible in my view.


I can see that reasoning but also have no idea how much testing/fuzzing/etc. i3 gets compared to Xfce?


Gnome is terrible. I will choose either KDE or XFCE any day.


> The gnome desktop will be important for adoption

Gnome is too opinionated to adjust it for Qubes: https://github.com/QubesOS/qubes-issues/issues/1806#issuecom...

However you can easily install KDE.


Does Xfce work on Wayland? I would imagine qubes would either use wayland or not provide any windows management if they're focused on security. As I understand it, X11 has a lot of big security vulnerabilities that Wayland fixes, but not having any of that code or functionality to review makes it a lot easier to secure. Like the Alpine mentality.


It's worth trying to understand the Qubes security model a bit because it's very different from a normal distro. Essentially dom0 runs the Xen hypervisor and then all your "actual work" gets run in various sandboxed VMs which are highly protected. Normal VMs have the system directories wiped and reset on reboot and there are also transient "tempvms" that literally get completely burned down and have no side effects. You can lock down which hardware is accessible from which VMs as well as very fine-grained control of things like network traffic (including ingress and egress). Clipboard is not shared between VMs (although there are ways to explicitly choose to do cross-VM cut and paste) and other copying or sharing between VMs is also very tightly controlled.

In that context, security vulnerabilities in X11 don't have the same impact as they would in a normal distro. User processes running in a VM don't have the ability to exploit a problem in X11.

Go here https://www.qubes-os.org/faq/ and scroll down to "How does Qubes OS provide security?" to understand better.


However switching to Wayland will improve performance: https://github.com/QubesOS/qubes-issues/issues/3366


For sure. I would really like them to do it.


Not yet, but they are working on switching over.


As someone in the past that advocated for GNOME, and Gtkmm, with articles written on The C/C++ Users Journal, the less I have to touch GNOME the better.


Great to see them work on discoverability. A general problem in modern UIs these days, and very important in such a complex system.

I've been giving serious thought to trying out Qubes lately, it looks like a pretty cool package.


There are a couple imprecise or omitted details about the OS in the text.

> Qubes OS is designed to be a single-user desktop operating system

At the moment, it's true, but multi-user support is planned: https://github.com/QubesOS/qubes-issues/issues/8958

> Note that the Qubes website and documentation tend to use the term "VM" and "qube" interchangeably

This is because in the future a "qube" will be able to run on independent hardware: https://www.qubes-os.org/news/2018/01/22/qubes-air. Then, VM and qube will not necessarily be the same thing.

> For example, installing software on a Fedora desktop is usually as simple as "dnf install package". But installing software to use within a Fedora-based qube requires several additional steps on Qubes OS, plus restarting VMs

If the software is from the main repo, you do the same "dnf install package" in a template. There are no other steps apart from restarting the App VM (which can also be avoided if necessary).

> Then again, it's also not encouraged—Bluetooth isn't considered secure, so why focus on making it easier to configure?

You can use Bluetooth securely on Qubes OS (but it does require some effort to set up): https://github.com/QubesOS/qubes-issues/issues/7750#issuecom...


>multi-user support is planned

The github issues are nothing more than a wishlist. There doesn't seem to be any serious plans for this feature and no one seems interested in working on it. Limiting the user would require rewriting a large portion of the Qubes tools since they assume that the user has unrestricted access to the Xen API. I have looked at the feasibility of doing this myself in hopes of using Qubes in a corporate context but after looking into the architecture it became clear that I would never have time for such an undertaking.

>in the future a "qube" will be able to run on independent hardware

Qubes Air is vaporware and not under active development. There isn't much more to it beyond that blog post.


> Qubes Air is vaporware and not under active development

This is not exactly true, see the proof of concept:

https://forum.qubes-os.org/t/updates-on-qubes-air/19709/2


I suppose you didn't see the reply from a developer right under the post you linked.


I did. It's just not true that it's vaporware. There was some progress.


A proof of concept after five years and no serious plans going forward. There are plenty of vaporware with more to show.


No serious plans during the work on the new, big release. Today, the release is finished, so it should have changed.


Thank you Natalie Eleanor for the global config UI. Linux is very powerful but its biggest security fault is that users are expected to read the man page and not shoot themselves in the foot. Qubes OS itself makes that risk lesser because of the VM isolation and this is the right next step, to make its configuration simpler and dummy proof. Users should never be one small mistake away from disaster.

More hardened templates, VM breakout detection and prevention and template integrity auditing with aide would be my top #3 wishlist items.


so, what laptop do you use for Qubes?




