Linked by fvillanustre on Sun 1st May 2011 21:51 UTC
Linux "Qubes OS comes from an elegant concept: if you can isolate functional components within disposable containers, and you can separate those components that can be tainted through their interaction with the outside world from the core subsystems, you stand a good chance to preserve the integrity and security of the base Operating System at the possible expense of needing to jump through some hoops to move data around the system. All in all it sounds like a good proposition if it can be demonstrated to be practical." Read the full review.
Thread beginning with comment 471531
To view parent comment, click here.
To read all comments associated with this story, please click here.
Not2Sure
Member since:
2009-12-07

Yes but we're talking about protecting users from themselves. Hardware has vastly outstripped the performance needs of most users. That's why this big "end of the pc"/tablet/smartphone movement has any legs at all and why ARM is becoming so attractive with its much lower power usage/performance ratio.

For probably 90% of most corporate/enterprise users the performance penalty paid by all this virtualization/context switching would be negligible on current hardware compared to the needs of the task that is putting the system at risk, (browsing, installing questionable/untrusted executables, viewing email attachments in unsecure plugins/viewers, etc). The more we go down the absurd road of let's turn the browser into an operating system with hardware acceleration, webGL, etc that will perhaps be less true.

I think the biggest hurdle facing user adoption is making its use painless/seamless. Remember (one of?) the biggest gripes about Vista in the enterprise was all those UAC dialogs. Qubes seems to paint each "domain" in a different color window which is a nice UI cue, but graduating data from one domain to the other beyond the copy/cut/paste metaphor is always the sticking point.

And while it isn't absolutely a new concept, it is a project worth watching imho.

Reply Parent Score: 1

r_a_trip Member since:
2005-07-06

Yes but we're talking about protecting users from themselves.

A noble idea, but software can't protect against user ignorance. Once you foolproofed a thingamajig, nature goes and invents a bigger fool.

Education would solve a lot of problems out there, but somehow the belligerent end-user won. Now techies are trying to find ways to let untrained individuals wield tremendous power without causing too much damage. Which is strange, because every other powertool comes with the expectation that anybody wielding it knows how to operate one.

A multipurpose computer simply isn't a toaster and treating it like one will, sooner or later, get you burned.

Not that it ultimately matters. Some belligerent end-user or a brainwashed techie will label me an elitist and the quest for uneducated toaster computing will hurry forward unabashed.

As a aside, maybe uneducated computing will become a reality with true A.I. Then again, the computer may opt to kill the dunce who is trying to give it commands :-)

Reply Parent Score: 6

orestes Member since:
2005-07-06

UAC was intentionally designed to be annoying, to raise awareness of apps running as administrative users without good reason and trigger a sort of roundabout kick in the pants to developers via annoyed users.

I absolutely agree though that the big issue will be putting the metaphors into a scheme that feels natural to use for the average user instead of feeling like it's fighting against the user.

If the features are compelling enough the performance hit will be overlooked, just like it has been in most of the big jumps in computing.

Reply Parent Score: 3

Neolander Member since:
2010-03-08

UAC was intentionally designed to be annoying, to raise awareness of apps running as administrative users without good reason and trigger a sort of roundabout kick in the pants to developers via annoyed users.

And in case users were not knowledgeable enough to know about this, and simply blamed the operating system and ignored/disabled the warnings as they remained overly common, what was Microsoft's plan ?

Edited 2011-05-02 12:16 UTC

Reply Parent Score: 1

WorknMan Member since:
2005-11-13

For probably 90% of most corporate/enterprise users the performance penalty paid by all this virtualization/context switching would be negligible on current hardware compared to the needs of the task that is putting the system at risk


I hate when people say 'For 90% of users out there...". What they're really saying is "we're about to piss off the other 10%", and I always seem to be a part of that 10%.

Reply Parent Score: 3

Neolander Member since:
2010-03-08

View it in a positive light : you're exceptional and unique ;)

Reply Parent Score: 2

Fergy Member since:
2006-04-10

For probably 90% of most corporate/enterprise users the performance penalty paid by all this virtualization/context switching would be negligible on current hardware compared to the needs of the task that is putting the system at risk


I hate when people say 'For 90% of users out there...". What they're really saying is "we're about to piss off the other 10%", and I always seem to be a part of that 10%.

It is even worse. What is actually true is that 90% of the _time_ users don't use more than 10% of the system. But that single time that you need to do something and you can't makes you switch back to full featured versions.

Edited 2011-05-03 11:25 UTC

Reply Parent Score: 2