Is Qubes OS the only way forward?
>>3730 What does it do that others don't?
>Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated virtual machines (VMs). A VM is basically a simulated computer with its own OS which runs as software on your physical computer. You can think of a VM as a computer within a computer. great concept. As usual, autists suck at the "show, don't tell" concept. Post a fucking video of how the compartimentalization actually works, so we can see
Unless somebody is actually targeting YOU just install Ubuntu and stop giving a fuck, nobody cares with gazillions of Windows boxes around
>>3733 I do I'm paranoid. What Qubes is doing should be the norm for all other linuxes
>>3734 No, it shouldn't. Running stuff in VMs wastes a lot of RAM and slows the system down, and usually there's no reason to do it
>>3735 >usually there's no reason to do it Security from trojans
>>3736 And how exactly would a Linux user get a trojan unless somebody with hacker superpowers specifically targets him?
>>3737 (Note for Windows users lurking here: Linux has a thing called Distributions which include pretty much all available software, they don't run screensavers or games from obscure download sites)
>>3736 >>3737 >>3738 Linux can still get malware in drivers, firmware. These are sophisticated attacks compared to the FBI installing CP with Windows Update, but they still exist. This is a broad generalization, but IMHO with Linux, you can defend yourself from automated spying, with free firmware + open hardware we'll be able to defend ourselves from almost everything. But we do have to get there.
>>3739 >Linux can still get malware in drivers, firmware Yes, but this code runs in Ring 0 (CPU Memory protection stuff) and can access everything anyway, running the webbrowser in a VM doesn't help when the attacker sits in the microcode of your CPU. Also if one user gets it all get it, and a trojan in firmware or a closed-source driver could pretty much ruin a company (Remember the shitstorm after Sony's silly Windows-rootkit which didn't even do any harm, http://www.networkworld.com/article/2998251/malware-cybercrime/sony-bmg-rootkit-scandal-10-years-later.html )
>>3740 >Yes, but this code runs in Ring 0 (CPU Memory protection stuff) and can access everything anyway, running the webbrowser in a VM doesn't help when the attacker sits in the microcode of your CPU. Fair enough my chum. On the other hand, isolation by security does help against zero day exploits, unresolved bugs in software. e.g. you run your Flash enabled browser in a domain that doesn't allow disk access. Even if Flash or your browser is exploitable, it won't be able to access the disk.
>>3738 But but... they said if I run the screen saver a beautiful russian girl will come and suck my cock and a nigerian prince will give me all teh moneysss
>>3745 >run your Flash enabled browser in a domain that doesn't allow disk access I can run it as a different user and it can't access my files. Standard Unix access control suffices for this, I don't even have to use chroot()
>>3735 You should have the option to if you want, and you know you can burn the memory
>>3735 >wastes a lot of RAM There's no excuse for not having at least 32GB of RAM
>>3751 Linux user here. 32Gb RAM. Never used it. I mean, the most demanding crap I've done was 3D rendering, process that takes it's toll on the memory, plus a VM, plus Chrome leaking memory like an incontinent infant, plus tons of crap. > 25Gb used. I think it'll be a while for me to actually need 32 Gb, win on the other hand... IDK, I don't have it.
>>3751 I have a netbook ca 2009 which can address max 2 GB RAM and a notebook the same age which could address 4 GB but has only 3 GB. I don't see a reason to buy anything new/bigger
>>3751 Not a clue as to the topic...just noticed on page 1....funny story... I was once systems analyst for a large hotel, mall with 13 restaurants and bars and about 85 shops Everything ended up passing thru my PC So I tell the board of directors one day I needed to upgrade to a 64meg hard drive Frivolous expense...they turned me down.
>>3754 But I bet in the case everything collapses it would be your fault, right?