Xen-Based Secure OS Qubes Hits 1.0
Orome1 writes "Joanna Rutkowska, CEO of Invisible Things Lab, today released version 1.0 of Qubes, a stable and reasonably secure desktop OS. It is the most secure option among the existing desktop operating systems — even more secure than Apple's iOS, which puts each application into its own sandbox and does not count on the user to make security decisions. Qubes will offer users the option of using disposable virtual machines for executing tasks they believe could harm their computer. These VMs will be lightweight, easily and extremely speedily created and booted, and would be just as easy to discard."
First covered back in 2010. See some screenshots of the X11 part in action (and they say displaying clients from multiple "hosts" isn't useful...)
Because the first thing I see is:
Note: Be sure that you use a modern, non-handicapped browser to access the links below (e.g. disable the NoScript and the likes extensions that try to turn your Web Browser essentially into the 90's Mosaic).
Real men use wget. Or telnet.
A JVM is called a virtual machine, but it isn't a virtual machine in the same sense as the one provided by Xen. The JVM is a simple bytecode interpreter/compiler. It sort of emulates a machine, but not a complete machine. It runs in user space on top of the native OS and cannot run an OS of its own.
Xen is a hypervisor whose virtual machines emulate a complete system. It doesn't just run the application program, it runs the whole bloody OS. The virtual machine has virtual disks, virtual memory, a virtual processor, even a virtual reset button. Support for this virtualization is built into modern processors, so it occurs at a very low level.
I imagine a sufficiently clever hacker could think of a way to bypass the guest OS and the hypervisor and do wacky things, but it's one hell of a lot harder than breaking out of a JVM sandbox.
If your site breaks because the client doesn't have JavaScript enabled, then you are doing it wrong. The site should gracefully degrade so that anyone can use it.