Turn your IT hobby into a job!! Learn Linux and other skills with ITPro: ntck.co/itprotv (30% off FOREVER) *affiliate link 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy TIMESTAMPS --------------------------------------------------- 0:00 ⏩ Intro 1:00 ⏩ What is Qubes OS? 3:55 ⏩ How Qubes works - App Qubes 5:40 ⏩ Service Qubes 7:41 ⏩ Qubes OS SYSTEM REQUIREMENTS 9:28 ⏩ STEP 1 - Qubes OS Install - Download Qubes 10:35 ⏩ STEP 2 - Virtual Machine Setup 13:33 ⏩ STEP 2 - Physical Machine Setup 15:46 ⏩ STEP 3 - Installing Qubes OS 17:17 ⏩ LINUX QUIZ CHALLENGE!! 18:42 ⏩ STEP 4 - Initial Qubes Configuration

@Ghostremz

5 ай бұрын

Ok

@explore9451

5 ай бұрын

Where did you get the 1TB SSD?

@explore9451

5 ай бұрын

I am using internal SSD, what do I do for that?

@sammyfromsydney

5 ай бұрын

So what happens if the template gets hacked? e.g. if a hack makes its way into Fedora, and you update? There goes your isolation.

@beeztherapy

5 ай бұрын

hey im 15 a pentester think we can Collab if so reply to this comment or reply on one of my videos

One useful analogy that I explain to people about security. You basically have a slider. At one end is secure and at the other end is usable and your risk tolerance sets the slider position.

@notafbihoneypot8487

5 ай бұрын

This is Over simplified way saying it for a Complex system.

@fuzzytincan

5 ай бұрын

Inverse correlation

@notafbihoneypot8487

5 ай бұрын

@@fuzzytincan piss

@Arachnoid_of_the_underverse

5 ай бұрын

You are only as secure as the weakest part of your system.

@ChrisWijtmans

5 ай бұрын

not neccesarily, even if your system is compromised at for example UEFI level(which every consumer computer is compromised at that level), if you can properly isolate your work environment then there is a good chance its still protected.@@Arachnoid_of_the_underverse

I drank the QubesOS Cool Aid for a few months, but I got out of it. It's important to understand that, like all security models, this system is only able to protect you from the specific threat model it was designed for. In particular, QubesOS was designed to protect from information leaks caused by software flaws.

@AceGod7

5 ай бұрын

pls elaborate?

@JustAnotherAlchemist

5 ай бұрын

@@AceGod7 Ever hear your friend or family talk about how their social media account got hacked? Well... the account didn't get hacked *THEY* got hacked, by getting tricked into doing something dumb. By far, the largest percentage of "hacks" on the internet are social engineering, not software exploitation. QubesOS protects you to a very high degree of confidence from software flaws. It doesn't stop you from being dumb on the internet though.

@alexdubois6585

5 ай бұрын

I'll try to answer but obviously I can't read his toughts... Qubes OS is extremely good at compartmenting your activities (and no contrary to what @NetworkChuck said, setting up VMs is not as secure (there are some explaination in the Qubes OS documentation). But it won't protect you against tracking (cookies) unless you make use exclusively of disposable VMs via Tor (as your IP otherwise is the same from one Qubes to another from the perspective of web servers tracking you via Google/Facebook or whatever other tracker). You can have one of the most secure password manager (half of it, the wallet is in a disconnected from the network qubes, the other half is connected to clients Qubes leveraging PgP). The most important thing is I believe to help educate people about "true" security. Once you've spoken with people in this community you start to grasp how much you don't know about security when you though you were the boss using your Kali VM.

@skilletpan5674

5 ай бұрын

It's a cool idea but it's a pain for the avg user to navigate it etc. Installation can be a nightmare as well. I think it'll be another 5 years or so before it's more mainstream. Personally I want the VM manager stuff in a normal Linux setup. Take out the annoying stuff like separate keyboard copy buffers etc and just allow it to dumb paste into where ever but have the VM seperation and you've got my ideal OS.

@JustAnotherAlchemist

5 ай бұрын

@@skilletpan5674 If I'm being honest, QubesOS has other issues as well. I just didn't care to comment about them as it's likely to start an argument that I don't want to be involved in.

I'm kinda more surprised to see this has a gui and a desktop environment😅

@notafbihoneypot8487

5 ай бұрын

REAL

@hackerman.1337

5 ай бұрын

@@notafbihoneypot8487 Hi, the real notafbihoeypot!

@hackerman.1337

5 ай бұрын

@@Spinetap less code less bugs so yes WM are more secure

@supercellodude

5 ай бұрын

Although a window manager like dwm is more auditable than xfwm and its related components, there are aspects of the qubes user experience that effectively require that the graphical interface have more functionality both through daemons and interface options. Inter-qube clipboard, inter-qube file transfer, managing allocation of hardware device access among qubes all require daemons to track clipboard usage, new right-click options in both the guest and the hypervisor interfaces, and a significant amount of python scripting to glue it all together. Personally, I'm trying to weigh the completed form of qubes' user experience (for lack of a better term) vs making containers and small VMs on a more minimal distro where I could run dwm and friends as the defaults.

@alexdubois6585

5 ай бұрын

In fact it is one of the core benefit vs having VMs, because if what is running in your graphics card guest compromised, you lost. With QubesOS (you don't natively have GPU/3D), each VM paint it's "display" using a virtual graphics card, the windows manager, which runs in Dom0 is copying this frame-buffer in your video card frame buffer. It also leverage this functionality to "remove" vulnerabilities in PDF (which may compromise your printer for example). It use a disposable VM to render the PDF, and another disposable VM to capture the image of the rendered PDF and then generating a PDF with all the pictures.... You loose the copy/paste functionality, but your target PDF can go in your safer research qubes without being a risk of compromising your PDF reader. All of this is "transparent" (if I remeber it is just a "send to PDF cleaner" type of right click menu.

Too bad you missed the official release of QubesOS 4.2, it has a lot of improvements to the GUI

@sn1000k

5 ай бұрын

But that would disrupt his narrative

@the_alien293

5 ай бұрын

who cares for this shitty complex os

@eropoke

5 ай бұрын

@@the_alien293then why are you here

@sleeplessdev7204

5 ай бұрын

@@the_alien293 It's optimized for security, not convenience

@Christmaswreath

5 ай бұрын

"nobody cares about it" until macos adds it. @@the_alien293 , you remind me of my brother who hates linux. that's exactly like saying that "i want the internet to run on fast hardware with software that slows it down" since windows is incredibly slow especially compared to linux. most of the websites on the internet are running of of some GNU based OS (or alpine linux lol)

One of the reasons why they advise against using nested virtualization is because it negates some of the privacy benefits of Qubes. The Virtualized networking in Qubes is IMO it's best feature. The firewall isn't an add-on to the OS like other OSes but rather an integrated feature like Tails. You can completely control what packets leave your computer, choose what avenues they take (vpns, tor, proxy chains, et)., Create combinations. Whitelist/blacklist ips and apps. If you throw Qubes on a normal OS and virtualize it, the host OS will leak packets. If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger.

@surfingsub5854

5 ай бұрын

quote: " If virtualized on Windows 11 things are even worse as Windows has practically become a keylogger." AMEN there. I've been on windows for decades and it gets worse and worse every year with tracking and monitoring.

@MrAw3sum

3 ай бұрын

how is windows 11 like a keylogger and how do you stop it? I disabled some of the widget things and personalization things.

@mydogsbutler

3 ай бұрын

@@surfingsub5854 And it's about to get way worse with AI integration,. Big brother is almost here. Putting aside the legal aspects , from a spying capability standpoint soon pretty much everything we do on our computers will be tracked by AI. I think once people understand the power that governments and corporations will have with AI running on our computers you will see a huge interest in OSes like Qubes. It's not quite average consumer friendly yet but from privacy capability standpoint it's far superior to any alternative I've tried. Tails is ok from privacy end of things but not as versatile. AI has its uses so I'll still use windows too but when I want privacy I switch to my linux box and a variety of virtual instances.

@mydogsbutler

3 ай бұрын

@@MrAw3sum Too long a list to write all the sketchy privacy things windows does but I can tell you the biggest one.... encrypted mystery telemetry. Windows computers are contacting Microsoft servers constantly and we have little clue what data they are sending. Microsoft is vague in describing precisely and there is no built-in feature to turn off telemetry entirely. THere is a third party tool called ooshutup10 that can shut off telemetry but if you are inexperienced I wouldn't recommend it. I don't use myself because turning of features with telemetry can have negative side effects and Microsoft can turn telemetry back on with any given update. It was too much of a time waster for me to use. The approach I would recommend for semi-privacy is get a second computer with some linux distro on it and use that when you want to do something more private. Don't use your real name or connect to any service that uses your real name when using it. Ubuntu would be good choice with a newb. (Qubes is still for advanced users at the moment). Maybe subscribe to a VPN service that you can also use on that computer. Keep in mind though, obfuscation is not pure anonymity. IMO only someone very experienced in tech has any practical hope of that online. And even then it's a lot of work and impractical for daily driver. If anyone plans to send nuclear secrets to North Korea from their home the NSA will get them lol.

Nothing is cooler than running windows 10, 11, Mac, Kali, Debian, Fedora, Mint, Ubuntu, & Arch all right next to each other in Qubes! I hope you will give 4.2 another chance! If you're committed to moving on to something else perhaps you would consider creating some content for the Xen hypervisor? Thanks for another informative video chuck! Looking forward to more!

I used it for about 4 years as my main OS for my development machine with Debian in the VMs. I don't have too high security requirements, but I like the compartmentalization. There wasn't anything to hate in my opinion. It worked really well all the time - until recently. An update broke my install and I wasn't able to repair it. I tried NixOS, as I planned for a while, and I'm hooked and switched away from Qubes. Not as secure, but I can't resist the declarative configuration.

@Ethorbit

5 ай бұрын

+1 for NixOS. Switching from Arch for the same love of declarative configuration, it's brilliant.

@daveproxy80

5 ай бұрын

@@Ethorbit gonna read about it now

@sachinchaudhary1310

5 ай бұрын

me too i was distrohopping for like 6 month i started my journy with distro hopping

@gzoechi

Ай бұрын

@infonotforsale-dx2nb It's easy enough to make backups. Security always comes with some inconvenience. It's a niche and therefore has limited resources. If you do need the security it's definitely worth it. If you don't need it then it's not so clear cut but they are very clear about who their target audience is. I don't see a reason to just discard it.

Very glad I found this channel. I did not know about the different window colors in Qubes.

Ngl, the idea of "Why don't we just run each app in its own little sandbox" crossed my mind several times, but to see an OS spin up a whole XEN VM for it... Wow. Cool concept, and fact that they got it so far already.

@axle.student

5 ай бұрын

It's an interesting concept. I typically just run a heap of VM clients side by side for much the same results.

@RavDeBest

4 ай бұрын

The problem with this is, it will be hard to run programs (for a normal computer user atleast). For example lets say you download minecraft mods, and you use a mod manager. The program need to find minecraft order it to run.

@adriancoanda9227

4 ай бұрын

@@RavDeBest lol that can be configured it is like docker the linkage is via uuids you can have parts of the Software running in the other part of the earth

@RavDeBest

4 ай бұрын

@@adriancoanda9227 Yes I think you can but Normal user wouldn't know. My cousin doesn't even know how to check Ram till now

Rufus is good, but have you tried Ventoy? It lets you create a bootable usb once, and then you can just drop iso's onto it, letting you select the right one through the bootloader.

@markb4168

5 ай бұрын

Yep... Yummi is similar. I prefer Rufus tho. Purely preference.

@volvo09

5 ай бұрын

That is cool, so you can easily make a USB stick with multiple bootable ISO's?

@markb4168

5 ай бұрын

@@volvo09 yep

@markb4168

5 ай бұрын

@@volvo09 Yumi is a good tool... Add multiple iso del isos any of em easily at will. Without formatting constantly.

@JorneDeSmedt

5 ай бұрын

@@volvo09 Yes, exactly. I only found out about it fairly recently myself.

I really enjoyed the questions segment. It was really well done, nicely made, fun to learn from and challenging to someone who is learning. Great content mate keep it up and thank you!

Pleasantly surprised to see this OS in your channel. Been following Invisible Things Lab like eternity, a talented team.

Found your channel recently (The video about Tails OS and the Darkweb) loving the content so far my man. Happy holidays.

Great video Chuck, just installed Qubes on my new laptop. Wasn't as hard as you hyped it up to be glad to say. Probably because it's a brand new laptop

Very interesting video. I got all questions right, but I got last two of them, almost by chance.

love your channel, you teach well, and thanx because you help me learn easily, you break it down well

After about a week, qubes just works for me. Yes it takes some tweaking. But honestly I don't see how I could go back to a 'normal' system

2 mins in......interesting! Simple idea but....complex creation. Never heard of this one, and i have no worries about privacy, well no major worries right now(future worries 100% given the worlds agenda lol).....but this is interesting. Thanks Chuck! and not even oddly enough, i had just made a cup of coffee🤘

Thanks to show the bios staff, lot of pros keep that to get money, thanks for your content🎉 Merry Christmas 🎉

I got lucky on the Cgroup question, I was unsure but I went with my gut and said C so I actually got a 120! Great video and a cool OS I might have to poke around if I can pick up a laptop to play with

I use Qubes OS as my daily driver. Good points are that i am so much faster than everyone i work with at spinning up test VMs. My Facebook etc is not visible in my work etc. Also if i share my screen in slack Qubes only makes windows visible in the qube that slack is executing in. The strict networking is great for testing our networking product. The things that suck are i have a new laptop and have been running the beta version with a few quirks. I sometimes find the USB camera can disconnect meaning i have to add remove the software device to the qube. Audio can sometimes be a little weird. However i do think it's awesome. I also have Windows and FreeBSD qubes up and running as well

@NotReapiu-gd2zg

23 күн бұрын

Sadly thr support for GPU acceleration isn't so good yet. Nowadays even basic browser applications require graphics acceleration to work normally.

Okay first things first before ADHD makes me side rail myself, I got two wrong (double guessed my self on the chroot one). Second thing, I love how you ended the video "I don't care I'm just still going to use Windows, Linux, & Mac". Keep on being awesome Mr. Chuck!

I love Qubes. Sure there is a steep learning curve but once you got used to it it's hard to go back to a regular OS. Having an hypervisor running as the main OS on your computer allows for a lot of things, it goes beyond security. I keep using it not because I have to for security, but because I really love it.

I've got 120 but last 2 questions was kind of guessing by choosing what sounds more reasonable, or by eliminating definitely wrong answers because I used chroot couple of times before and the only thing I remember that it is applied to directories.

Small correction! During the installation, a window from sys-whonix popped up asking you to connect/configure a tor connection. You say that it's asking if the whole system should be torified, but that's not what the prompt is doing. It's just asking whether sys-whonix should connect directly to the tor network, or if it needs to have a bridge configured. In fact, due to the nature of QubesOS, sys-whonix wouldn't be able to make that kind've system-wide change even if it wanted to.

As a tip for the ROG laptop you can also hit the BIOS menu by hitting escape (before the ROG logo pops up). You may need to press several times but once you figure out the timing, you can get it fairly consistently by just pressing once. Also this OS is interesting but I feel like it's more practical (for me at least) to use more established methods for making VMs. If you want to go the extra secure route, I'd prefer using Whonix in a VM but that may be me. Edit: Tails OS is not usable in VMs but Whonix is. I got them mixed up.

@aliceryan7053

5 ай бұрын

Tails isn't meant for VMs. Whonix is. (Whonix is bundled in qubes)

@LordTails

5 ай бұрын

@@aliceryan7053 thanks for the catch. Updated my comment accordingly. I don't make use of either so had to look it up.

I used this for a longggggg time. Loved it! But on older hardware, like what I had, it was a bit slow

I followed alot of guides on how to install that operating system and you were the only one who explained about understanding if your computor is capable of running it but anywa I just gave up on linux all together never got any of them to run correctly.

I got a score of 100 points! (out of 120) The only question I didn't get was with Linux containerization. (Something I haven't messed with or learned about yet.)

@michaelkrailo5725

2 ай бұрын

Second google hit " But unlike a virtual machine, rather than creating a whole virtual operating system, containers don't need to replicate an entire operating system, only the individual components they need in order to operate. This gives a significant performance boost and reduces the size of the application."

Based on the title I was expecting an OS so locked down it was painful to just use. I know security does not equal usability. But Qubes OS looks awesome! As soon as you started spinning up VMs on the fly my mind was blown at how cool that was! There are some obvious drawbacks, like needing an ungodly amount of RAM for the more stuff you throw at it, but I'm sitting over here thinking, "I could actually daily drive this and it wouldn't be that bad! Realistically, I wouldn't daily it, just have some fun, and be aware if I ever need something crazy secure, I know the OS to go to. But this is very usable! Which goes to show, security, even really good security, doesn't always need to burn usability to the ground to be effective.

I tried a test build on an old rig (i7-2600k) and it threw up a slew of errors during installation about the age of the hardware and missing vital hardware support for virtualisation or encryption support (going on a 4 month old memory there). I found USB support for the console kept failing, it just looked like something that wasn't workable unless you had far more contemporary hardware. A real shame because I was curious to see how this worked in a practical sense too.

Holiday-Happy to Headache in 14.2 minutes. Seriously, thanks for explaining this.

I experimented with Qubes OS, and while it offers some interesting features, the initial setup can be quite time-consuming, especially when configuring multiple virtual machines (VMs) and installing various applications. Customizing VMs or updating default ones can be a bit of a hassle, and I encountered issues with the performance of GNOME Desktop Environment (DE) VMs. Additionally, switching the dom0 to KDE resulted in app display problems, so I opted not to make that switch. Regrettably, I found myself exhausted from the extensive tinkering required, even before personalizing my guest VMs or attempting to set up a Windows VM. Eventually, I decided to install a different operating system on my disk. However, this process also proved challenging due to the modifications Qubes makes to the disk, making it somewhat cumbersome to override. at the end I just went back to Nobara KDE.

@surfingsub5854

5 ай бұрын

"Nobara KDE" - Yes, great work there. On one of my laptops it works great. On high-end desktop though too many instability issues and Windows VM builds and boots first time but after rebooting main computer and coming back the Windows VM hangs and won't run anymore. Hoping that Fedora makes some other updates in 40 to correct such issues. I simply don't have time or energy to tinker with it. Do love it on my laptop though.

Qubes runs so much better on physical hardware instead of in a VM. Much faster. I love it, but I use too many apps that don’t support linux so I’ve had to switch back.

@trueriver1950

5 ай бұрын

Can't you spin up a Windows Qube for those apps? Did you try? If so what went wrong?

@CodyDaig

5 ай бұрын

@@trueriver1950 I had a lot of issues running Windows VMs. (I just couldn’t find the right settings for them at the time a couple years ago). My experience is all a couple years ago. Now I’m on Mac for work and don’t even bother with a personal computer.

@warthogA10

4 ай бұрын

That's the entire purpose of windows, Mac, and Android controlling the os, software and hardware markets... because they all are fully onboard with allowing and have govt tracking/spyware and back doors baked deep within the os. As do many 3rd party software such as quickbooks, browsers, email, social media, etc Every instance of being online is picked up through these operating systems, can be logged, cached, transmitted etc. and they can infiltrated the lan

This is awesome! Thank you so much Chuck!

Impromptu Quiz: Welp, apparently I haven't meddled in CGroups yet; 90 points, also kudos to Qubes for using the old Windblows xp silver theme style & for making an OS that I would be putting on my dads laptop (if only it could handle it...)

Qubes OS was invented by my compatriot Joanna Rutkowska. So, one more reason to be proud. And by the way you should focus on the newest version and Qubes OS should be installed on hardware that is supported, what was written a long time ago on their website. I know about this OS since it has been released. I really like it.

@camaycama7479

5 ай бұрын

Great testimony. About the same thing here 😀

@surfingsub5854

5 ай бұрын

Yes, I love the idea, but OLD and SLOW hardware is the issue. They really need support for modern state of the art HIGH END systems.

@xmarkx9988

4 ай бұрын

@@surfingsub5854 The reason for the old hardware is Intel used in newer processors a backdoor to control your network, you may ask the NSA what it really does ...

I could see making this my main OS someday when it's developed a little more and I can spin up a windows gaming qube for blizzard-like windows games.

@edhahaz

5 ай бұрын

Practical things like that are not the focus of the system. We all know a security project is best when only guys hunted by the FBI are willing to put up with using it.

@0blivioniox864

5 ай бұрын

@@edhahaz wat

@paulchatel2215

5 ай бұрын

You can do that already with pci passthrough if you have two gpus.

@alexdubois6585

5 ай бұрын

@@paulchatel2215 is the support for it better now? 4-5 years ago, it was really on the edge (mainly due to buggy firmware from NVidia)

i have used kali for years dual boot with windows 11. i tried qubes os on my pc, and when booted i had no idea at all where to begin from, i could not connect to the network, etc. but after watching this video i now have a clue where to begin from. after taking my cisco ccna i know what type one and type two hypervisor and the whole video was awesome to me.

Best KZread of the month. Thanks for this - I need it.

I run multiple live Tails instances inside of isolated Qubes for each context of my life while running it all virtually on an air-gapped homelab that only connects to the internet via morse-code transmitted over HF CB Radio via Tor 😂

@jasonpitts8395

5 ай бұрын

+ over DMR 256 AES multi key encryption

@juloup

5 ай бұрын

you have a cb or a hackrf ?

@Argylleagen

5 ай бұрын

all that just to use chrome for your banking because the website doesn't support firefox

18:34 I got 60 points. I embarrassingly got the second noob question wrong because I thought su means switch user and assumed that the su in sudo must mean the same thing. I knew about systemctl because of a brief adventure in Arch where I had to use it A LOT! I got the second expert question right only because I knew it couldn't be A, B or C, not because I actually understood what D meant lol. That was fun though, haha.

@soulstenance

5 ай бұрын

Noob = 10 pts B ls ✅ A switch user/do ❌ Intermediate = 20 pts D ps ❌ C systemctl ✅ Expert = 30 pts D ❌ D ✅

@M1szS

5 ай бұрын

also 60 points, but i just did all the noob and intermediate questions

@soulstenance

5 ай бұрын

@@M1szS Not bad! I should have gotten those. Not enough coffee is my excuse. 😅😝

Interesting, bythoway the background music is fire 🔥🔥🔥

Wow Mr. Chuck, enabling iommu inside of a nested type 1 hypervisor. Ballsy my friend. Ballsy.

The absolute vast majority of my private info that is found on the "dark web" is due to the negligence of various organizations whether its a private company i.e. Sony, or a government organization i.e. OPM.

One question, you used Rufus with DD mode . How do you recover that usb after writing in DD mode ? Is it even possible to revert it to unbootable usb storage?

@volvo09

5 ай бұрын

I believe if you just do a "clean" command using diskpart (windows) it'll remove any bootable flags and partition data.

@sthecommenter76

5 ай бұрын

@@volvo09 I did it once, and then tried to create a partition but Diskpart failed to create one. And then the flash drive died .When I connect it to my PC Windows recognizes something is connected to it but not as a storage device , nor a disk .

very informative as always bro

Wohoo I only failed at the last one, great video as always Chuck

TempleOS is way more secure

@FuckYourFeelings914

5 ай бұрын

😂😂😂😂😂

@michalkap9859

5 ай бұрын

Yes

@jebotipasmater

5 ай бұрын

It even protects you against STDs. 😷

@PawitSahare

5 ай бұрын

Nah Redox, Slax, MenuteOs are secured by default

@dronefootagelivestream7905

5 ай бұрын

Lol!

My favorite channel, the coffee is ready❤

@markb4168

5 ай бұрын

Nice! Have you tried the BlackOut stuff? I just got my first bag the other day and.... It's seriously the best coffee I ever had. Just throwing that out there, from one coffee lover to another.

Dom-0 reminds me of the Avaya system platform OS I used to install and work on for communication systems.

I love the idea and I was able to get it to install on an older low power laptop but too slow to work with. Tried to install on high-end laptop and desktop and both of them fail to complete install. Not sure if Fedora at issue but tried other builds still would not install. Part of the issue with complex builds though is that if there is an update that breaks it one needs to be very deep in the weeds to know how to fix it. Most of us probably cannot spend days or weeks with the OS not working. I suppose some people with multiple other systems at their disposal could. I'll wait another year or two to see how far along development has come to support high end hardware. Though their documentation does say it's not supported by most vanilla systems. But what they do support is old and slow.

Fun fact: portable rufus installs exactly the same way that regular rufus does, the only difference is that it creates a properties file in the same directory that it is in. They explain it in their FAQ - "Difference between portable and non-portable versions".

And here I always thought OpenBSD was the most secure OS. This one just feels like overkill, but considering some of the threats out there maybe there's no such thing as "overkill."

@JoeyGarcia

5 ай бұрын

Same! When I think of a secure OS, I always think of OpenBSD.

@user-sy8yp2mf1j

5 ай бұрын

I'm human are you accepting new patients and clients into your service.

I don't know kasm workspaces has an option to erase everything if you log out. I'll probably just stick with that is it works really well and it's super simple to set up.

My score was 90 🎉🎉🎉, I wasn't knowing the difference between cgroups and namespace 😅, thanks for sharing 😊

Hey how can I build/modify os for my raspberry Pi

@warehouse8787

5 ай бұрын

DId you not see the system requirements part?

fair warning about storage management before you even burn a disk image onto a USB to make an install disk: if you overflow a storage limit on a VM, the whole OS breaks, like not bootable.

Def also make sure you put it on hardwear that has/supports coreboot

nice concept, so it's more like a collection of VMs running side by side... interesting.

i thought the most secure OS was AS/400... not known by the many :)

If only windows was built like this, it would be almost perfect.

@ChrisAzure

5 ай бұрын

Windows 10/11 does have built-in feature, similar, but not the extreme like Qube, it allows you to open and instance of Windows running on a hypervisor completely isolated. Edit: It's called Windows Sandbox

@Ethorbit

5 ай бұрын

@@ChrisAzure Yeah, but everything about it is proprietary. Is it really secure? Who knows!

00:01 Cube's OS is focused on extreme security measures. 01:40 Securely run multiple virtual machines on one computer 04:55 Templates help in maintaining and updating core applications. 06:44 Qubes OS treats Dom zero as the most trusted and critical part of the system 09:55 Setting up a secure OS using Rufus and VMware Workstation player. 11:36 Creating a virtual machine with Fedora 64bit OS 15:03 Disable secure boot and select boot options for OS installation 16:38 Installing Fedora 11 hoix with default options 19:54 Running your own virtual machines provides better security options

Chuckkkkk please upload more frequent videos!!!! I learned a lot from you within the past 2 years! There is literally nothing left to watch. I would love to see more RPI videos Hacking videos, LETS DIVE IN!!!!!!

If paranoia had paranoia

No matter how secure an system is it doesn't protect against human errors.

Been using qubes os for about 4 years now and its amazing i love it.

Wait for logically speaking if I’m on Firefox and I go to sketchy website because everything is isolated and something happens it won’t actually affect the computer because it’s in its own environment is that correct?

DO NOT run a VM it compermises the whole point and security of it.

@quinniwe

5 ай бұрын

Run Pubes- I mean QubesOS on a VM*

@ralphm6901

5 ай бұрын

For a daily driver, no. On other other hand, if I just want to try it out, why not throw it in a VM before committing to bare metal?

@notafbihoneypot8487

5 ай бұрын

@@ralphm6901 then just spin up VMs, it would be counterintuitive to Do it any other way.

Don't use vmware!

@initiald975

2 ай бұрын

Why?

@RonnieRedd

2 ай бұрын

@initiald975 closed source, proprietary and crap. There's a wide, wonderful world of better options.

@ColtonPlays2

Ай бұрын

@@RonnieReddbro 💀 it ain't a virus man I used it no virus I was free. Probably have the worst antivirus in the world 😭

@wilsontulus

Ай бұрын

Yeah right, until you tried to set up a 3D accelerated Windows VM and realized your IOMMU is totally borked and VBox and VMware are the only options.

@TechStuff885

Ай бұрын

​@@wilsontulusqemu

haha, I haven't been to your channel in a long time, I even forgot how much you love coffee. I am an aspiring Systems Administrator. I am such a slow poke. Been wanting to get into IT for 5 years yet I still don't have my first IT job. Spring 2024 will change that. I'm not back, but just checking in. Subscribed for life. See y'all later.

You're channel is one of my favourite youtube channels period. I'll be joining ITPRO TV.

Qubes OS is for professionals. Not for the average wannabe.

@markb4168

5 ай бұрын

Lol

@quinniwe

5 ай бұрын

Not really. QubesOS makes it really easy to run fast and private Virtual Machines since it uses a type 1 hypervisor

Yo do you have a playlist of the basics of understanding all this stuff or just the basics of computers

I want a pack of balloons

I love your work Network. When I grow up, I want to be like you.

90/120. Missed the cgroups question, dang it. But probably pretty good for less than a year of using Linux.

Clickbait title

@amisanthrope247

2 ай бұрын

What other purpose could a online title serve? Whenever someone dislikes what they've clicked on, then it's clickbait. Every title is clickbait. That's literally the one & only purpose of a title. Thanks for pointing out what titles are for.

@bruhda7469

2 ай бұрын

What do you expect from chuck

@CommentNothingXD

2 ай бұрын

@@bruhda7469 My definition of clickbait is having a video where the title and thumbnail are different from the video content and the "I hate it" part made me think he'd have points towards why not to use it.

What is the intro song? Thanks. Edit: It's Underground Moments - Cushy

Love all your videos ❤❤❤

part of the security comes from the management container dom0 and its interaction or lack of with the other vms. it's kind of like local out of band management from my research. some of qubes' underlying foundation is built around vm aware malware (vm hoping is a thing).

I got it working on a 12 year old dell laptop with just 8Gb of ram and 250Gb of storage and indeed an intel that's 64 bit with VT-x. They have that for about 20 years now I guess... But indeed, it is not quick; starting up an entire linux kernel plus underlying OS is going to take a few moment at startup. And it is limited, especially when you would like to use the graphics card directly for, for instance, blender or running a machine learning model.

Thank you Chuck!!!

Kinda like running a windows 3. 1 instance with in OS/2. I loved OS/2.

Funny, reminds me of the old secure VAX VMS OS, from the 80s. Every application had almost 200 permission flags, for devices and operation. A super pain to administer, this seems to be a lot simpler. Thanks

This is really interesting. Thanks a lot. Have you heard about TAILS OS?

@sakurazakikasumi2157

3 ай бұрын

Me and it's awesome

120, but I got kinda lucky on that cgroup and namespace question. I picked the one that intuitively sounded right to me. 😅🤷‍♂️

Haven't tried latest version of Qubes but install it from time to time to fiddle with. The idea of virtualizing every app is the future but the execution was buggy and not user friendly. I'm an experienced IT guy. Average non-techie would be mostly lost. Nevertheless I hope the project continues to improve to the point it becomes more intuitive and stable. I'd love to use Qubes or something like it as a daily driver. And one day I hope the devs realize the term "Qubes" is uncomfortably too close to the word "Pubes" and change the fricken name.

Some help please … * Upon booting, I'm greeted with two error messages: Line 1: "Error: File '/boot/grub2/i386-pc/efi_gop.mod' not found." Line 2: "Error: File '/boot/grub2/i386-pc/efi_uga.mod' not found." * Despite the errors, the installation menu briefly appears less than a second after booting.The menu includes options such as "Install Qubes OS," "Test Media and Install Qubes," and troubleshooting options. * Upon selecting "Install Qubes OS," I encounter a black screen with a blinking white cursor (_). * I successfully installed Qubes OS on this same computer approximately one year ago without encountering such issues. Any suggestion ?

Needed this laugh, Merry Christmas Chuck

Please always verify signature of the downloaded files when talking about security and privacy. They could have been tempered with before even downloading them,

So, it's a Xen system with preconfigured templates for VMs for apps and different things and a bit of GUI to make it fairly usable. It was just a matter of time till somebody made something like that. Not sure what took them so long. Yeah, I'm sure it's cool if you need that kind of security, but it's not for everyone. It's resource-hungry and slow and a bit cumbersome to use compared to normal OSs.

If the DOM kernel is isolated from the internet, how do you do upgrades? presumably from a child or cube that DOES have access? Can you re-enable secure boot once you have everything installed?

@bengrogan9710

5 ай бұрын

No, While using this Secureboot needs to remain off - Secureboot runs a hash chack vs a database of known good bootloaders They are too small to be registered with secureboot - so it would refuse to load

In all honesty, im glad you finally made this video.

Hello chuck, can you tell me how do you annotate on the screen , I bought a hunion screen has pen, connects and acts like a second screen , can write on paint and others,but as a teacher would like to write on anything the screen , how do you do it?, software?, thanks, keep the good work

Merry Christmas ⛄

what about visual data on your windows? can you run it without running another os. can I use is alone?

I don't know how... but I was looking at the 2nd to last question and i figured it was either A or B regarding cgroups and namespaces... I was wrong, as it was B and not A. But the fact that I was close to being correct surprised me because I didn't think that I'd be at least 80 percent correct for the entirety. I used linux rigorously because I wanted to do virtualization so that I can make windows.. a "mostly" enclosed gaming vm. But that aside, I think I should get back into computers again... I learned a lot in linux and experienced a lot in server hardware.

lol@ Eddy Wally showing up at the very end