Linked by fvillanustre on Sun 1st May 2011 21:51 UTC
Linux "Qubes OS comes from an elegant concept: if you can isolate functional components within disposable containers, and you can separate those components that can be tainted through their interaction with the outside world from the core subsystems, you stand a good chance to preserve the integrity and security of the base Operating System at the possible expense of needing to jump through some hoops to move data around the system. All in all it sounds like a good proposition if it can be demonstrated to be practical." Read the full review.
Permalink for comment 471531
To read all comments associated with this story, please click here.
Not2Sure
Member since:
2009-12-07

Yes but we're talking about protecting users from themselves. Hardware has vastly outstripped the performance needs of most users. That's why this big "end of the pc"/tablet/smartphone movement has any legs at all and why ARM is becoming so attractive with its much lower power usage/performance ratio.

For probably 90% of most corporate/enterprise users the performance penalty paid by all this virtualization/context switching would be negligible on current hardware compared to the needs of the task that is putting the system at risk, (browsing, installing questionable/untrusted executables, viewing email attachments in unsecure plugins/viewers, etc). The more we go down the absurd road of let's turn the browser into an operating system with hardware acceleration, webGL, etc that will perhaps be less true.

I think the biggest hurdle facing user adoption is making its use painless/seamless. Remember (one of?) the biggest gripes about Vista in the enterprise was all those UAC dialogs. Qubes seems to paint each "domain" in a different color window which is a nice UI cue, but graduating data from one domain to the other beyond the copy/cut/paste metaphor is always the sticking point.

And while it isn't absolutely a new concept, it is a project worth watching imho.

Reply Parent Score: 1