In a world where it’s impossible to guarantee that code is free of security vulnerabilities, how can you guarantee your privacy? Qubes OS, a Linux-based, privacy-focused operating system, offers a solution.
Qubes takes a somewhat unconventional approach to privacy and security. Rather than focusing on guaranteeing that their code is free of security bugs — a promise that is essentially impossible to make — the Qubes developers adopt a method they call “security by compartmentalization.”
The main idea behind this strategy is to isolate different programs and data sources from one another as much as possible. That way, an attacker who gains access to one part of the system cannot compromise all of the user’s private data.
Qubes 3.0, the most recent version of the OS, implements compartmentalization using virtual machines that run on the Xen hypervisor. Applications, networking, data storage and even device drivers all run in separate virtual machines that are securely isolated from one another. If a bug allows attackers to break into one of the virtual machines, the rest of the system remains secure.
At the same time, Qubes aims to provide a seamless user experience by letting applications communicate with one another across virtual machines. It also integrates all applications into a graphical desktop environment in a way that makes them appear to be running on the same system. The result is that Qubes looks and feels to the user like a traditional desktop operating system, even though the configuration is much more complex behind the scenes.
Qubes also provides optional support for secure system boot, which helps users ensure that rootkits or hardware-level malware do not compromise their privacy.
Qubes has made headlines recently as one of Edward Snowden’s preferred operating systems. If it helped him hide his identity and protect sensitive data, there’s a good chance it will meet the needs of many other privacy-minded users as well.