OS level security
Popular operating systems like Windows or OS X suffer from security issues due to their pre-installed dependencies. For example, opening an innocent portable executable (PE) downloaded from the Internet without knowing about the actual functionality of the particular PE, allows malware to execute on your computer. Once the malware is executed, the entire OS is compromised. Traditional security systems like antivirus software and firewalls are not capable of detecting present day attacks/ intrusions. The Qubes OS provides security services at the operating system level; hence, it is called a security-oriented OS (Figure 1).
Qubes allows users to define their own security domains, which are implemented as lightweight VMs or AppVMs. A person can have personal, work-related, shopping, banking and random AppVMs and can use the applications within those VMs. However, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between the AppVMs. The OS executes all the applications in isolated VMs in order to achieve security without being compromised. For example, a user can download any type of file from the Internet and can
To view various command line tools, please execute the following command:
For managing AppVMs and TemplateVMs, a GUI based ‘Qubes Virtual Manager’ is used (Figure 2).