Deep Into Qubes at Hackers on Planet Earth 2018
If you’ll be in New York City between July 20th and 22nd, you might want to check out the biannual Hackers on Planet Earth conference where I’ll be speaking about the Qubes OS, an operating system that I use every day for my work at The Intercept.
In most operating systems like Windows, macOS, and all Linux distributions, all it takes is one mistake -- open the wrong PDF, plug in the wrong USB stick, `curl | bash` the wrong URL -- and it's game over. Even without root, the attacker can access all of your data, take screenshots, listen through your mic, watch you through your webcam, and get persistence to spy on you in the future.
Qubes OS aims to be a “reasonably secure” operating system that doesn't have this problem. In Qubes, your host machine runs a thin layer of software for managing a graphical desktop environment and all other software is compartmentalized in separate virtual machines, with strict controls on what hardware they can access and how they can communicate, all while being usable enough to run as your daily OS.
In my talk I'll show off some of the cool things that this approach makes possible, like opening email attachments in "disposable VMs," managing anonymous identities using Tor and Whonix, keeping secrets like password databases, PGP keys, and sensitive documents stored in vaults without internet access, using different VPNs for different parts of your computer at once, and much more. Beginners are welcome.
My talk is scheduled for Friday, July 20 at 3:00 p.m. Later in the day I’ll also host a hands-on Qubes workshop where I can answer any questions, and show you how to get started doing some of the trickier tasks.