I wanted to take the time and document my journey with Qubes, to give others an insight on this very unusual operating system, why I use it, how I use it, and how it impacted my workflow. I think thats something that isnt really done enough. Most people are, understandably, very quiet about their Qubes usage for one reason or another.
- 2018-2020:
So, the journey began around 2018, when the world wasnt covid-plagued yet. I'm not sure anymore how exactly it went down, but eventually I just found myself browsing for a more secure alternative to Windows / Linux. I found Qubes, read about the Nitropad being certified Hardware and eventually I just ordered one. It arrived a few days later and after being confused for a solid hour I slowly understood how this OS works. Mind you, documentation wasnt that good back then. It was there, no doubts, but it lacked a lot of info IMO.
So, with my nitropad I explored TOR for the first time in years, found some random-chat sites, snooped around archival sites, and just messed around. Eventually I built some Windows (10?) VM to test some malware, as I am somewhat known in that scene for writing my own code and deobfuscating the stuff of others. Here are some pics I found of that time (Turns out they arent from that time, but from that same nitropad, so I'll let it slide):
Despite all that, Qubes was not my main OS at that time, I never even considered it. While yes, I have been running the Qubes OS discord since like day 2, and I've been very vocal about Qubes, it really was just a novelty to me. Not a daily driver.
- Covid days:
During covid I had a lot of free time to do very stupid things, and as some might know, I did. I made a name for myself for all the wrong reasons, and using Windows for my activities got increasingly dangerous. More and more I thought about switching to Qubes fully, but the lack of GPU-acceleration always stopped me from pulling through. So, I continued to run Qubes on the tiny Nitropad, using it on-and-off whenever needed. I met some really cool people throughout the pandemic that also used qubes, and learned a lot from them. Custom community scripts really changed the game for me. Most of my issues were solved with them. All in all, nothing really changed on my opinion towards running it as a main OS tho.
- 2023:
After a call with a friend I randomly decided to give it a shot. I made a copy of all important files, and flashed Qubes onto my main PC. I quickly ran into two issues.
- XFCE was not happy with my displays
- I was not happy with XFCE
The solution to both was obvious, and a friend helped me with it. I switched to KDE, after another hour of troubleshooting my Screen issues were solved, KDE looked beautiful and Qubes was up and running.
Talking about VMs, a lot of people arent sure how to structure theirs, so lets talk about my setup:
-
The colors:
- Figuring out the colors you want to use is the first important thing.
Will you base it on its apps running in each (e.g. discord = blue, vscode = purple, browser = orange), or do you want to make some kind of security-based scheme like I did? Red being the most dangerous, while green is fine to use (we'll talk about why Win10 is green later). Templates are grey, almost "greyed out" as in you cant touch them, because you shouldnt. Black is above red in my case. Be very very careful, dont mess things up, not because it will harm your system, but because it will harm you.
- Figuring out the colors you want to use is the first important thing.
-
What VMs to use:
- What do you need? Debian, Fedora, Arch, Ubuntu even? Thats a good question, and I'm glad you asked. What you really need is a distro you feel comfortable with. It doesnt matter what it is. Dont worry about it. You can harden almost any qube and at the end of the day its important that you are happy with using it. I chose fedora because I prefer it over Debian-based distros, and am not yet unhinged enough to run Arch.
With a fedora template I built most of my qubes.
Mediafor Music, Youtube & Discord.Workfor my business,Bankingshould be obvious, andCodingis for all my projects you can find on github.
You might notice two other qubes that peak your interest:Template builderandgpu-win10.- Template-builder is my dedicated Qube for building Qubes OS templates, and in theory an entire ISO.
- gpu-win10 is my gaming Qube. 32GB of ram, a 3060 using passthrough and 6 Cores assigned to it. It runs games very well, surprisingly enough, at least for now most games with VM detection dont seem to cry either. Will update once im banned, lmao. As to why this VM has the green "trusted" color? Well, its windows. It has shit integration with qubes and needs different hardware to even run. Its incompatibility is a great factor. Another one is that it sits on its own disk. The used GPU is not just excluded from qubes, but also from xen via grub config, and I'm also only using it for games. Nothing else
Last but not least, theres
sys-vpn&sys-mitm. Sys-vpn is another net-qube using Mullvad, and sys-mitm is a qube for man-in-the-middle usage to analyze traffic from untrusted qubes / apps. -
Global settings:
- I wasnt sure what the right settings would be, but eventually I settled on testing releases for all three Source repositories. This comes with some risks ofc, especially the community repos, but I think I will be fine.
- So, where are we now? We are right here:
Running qubes as my main Operating system, being very happy with it. The compartmentalization has allowed me to work with a lot less worry that anything will be compromised. My keys are in a vault, my workflows are separated from all the dangerous things, Google has a harder time to track me around the web, and what I never thought about that does make sense tho; Its a lot more clean and organized now. Back then finding a file on my system was painful. Now its all nice and sorted, thanks to qubes. I also riced my entire system, as you can read about in the customization part of this repo
If you got any questions, feel free to ask me. My email is linked on github, and my Discord tag is ClaraCrazy#6969
Cheers