Qubes OS is an operating system built out of securely-isolated compartments called qubes. For example, you might have a work qube, a personal qube, a banking qube, a web browsing qube, and so on. You can have as many qubes as you want! Most of the time, you’ll be using an app qube, which is a qube intended for running software programs like web browsers, email clients, and word processors. Each app qube is based on another type of qube called a template. More than one qube can be based on the same template. Importantly, a qube cannot modify its template in any way. This means that, if a qube is ever compromised, its template and any other qubes based on that template will remain safe. This is what makes Qubes OS so secure. Even if an attack is successful, the damage is limited to a single qube.
Suppose you want to use your favorite web browser in several different qubes. You’d install the web browser in a template, then every qube based on that template would be able to run the web browser software (while still being forbidden from modifying the template and any other qubes). This way, you only have to install the web browser a single time, and updating the template serves to update all the qubes based on it. This elegant design saves time and space while enhancing security.
There are also some “helper” qubes in your system. Each qube that connects to the Internet does so through a network-providing service qube. If you need to access USB devices, another service qube will do that. There’s also a management qube that automatically handles a lot of background housekeeping. For the most part, you won’t have to worry about it, but it’s nice to know that it’s there. As with app qubes, service qubes and management qubes are also based on templates. Templates are usually named after their operating system (often a Linux distribution) and corresponding version number. There are many ready-to-use templates to choose from, and you can download and have as many as you like.
Last but not least, there’s a very special admin qube which, as the name suggests, is used to administer your entire system. There’s only one admin qube, and it’s called dom0. You can think of it as the master qube, holding ultimate power over everything that happens in Qubes OS. Dom0 is more trusted than any other qube. If dom0 were ever compromised, it would be “game over.” The entire system would effectively be compromised. That’s why everything in Qubes OS is specifically designed to protect dom0 and ensure that doesn’t happen. Due to its overarching importance, dom0 has no network connectivity and is used only for running the desktop environment and window manager. Dom0 should never be used for anything else. In particular, you should never run user applications in dom0. (That’s what your app qubes are for!)
Color & Security
You’ll choose a color for each of your qubes out of a predefined set of colors. Each window on your desktop will have its frame colored according to the color of that qube. These colored frames help you keep track of which qube each window belongs to and how trustworthy it is. This is especially helpful when you have the same app running in multiple qubes at the same time. For example, if you’re logged in to your bank account in one qube while doing some random web surfing in a different qube, you wouldn’t want to accidentally enter your banking password in the latter! The colored frames help to avoid such mistakes.
Most Qubes users associate red with what’s untrusted and dangerous (like a red light: stop! danger!), green with what’s safe and trusted, and yellow and orange with things in the middle. This color scheme also extends to include blue and black, which are usually interpreted as indicating progressively more trusted domains than green, with black being ultimately trusted. Color and associated meanings are ultimately up to you, however. The system itself does not treat the colors differently. If you create two identical qubes — black and red, say — they’ll be the same until you start using them differently. Feel free to use the colors in whatever way is most useful to you. For example, you might decide to use three or four qubes for work activities and give them all the same color — or all different colors. It’s entirely up to you.
On operating systems like Windows and macOS, the desktop environment is unchangeable and part of that operating system. With Linux, any of a number of desktop environments are an option. Qubes OS is installed with XFCE as its default desktop environment, but it also supports KDE, as well as the window managers i3 and AwesomeWM.
The bar at the top of your screen in Qubes 4.0 includes the following XFCE component areas:
- The Tray, where many functional widgets live.
- Spaces, an interface for virtual desktops. Virtual desktops do not have any inherent security isolation properties, but some users find them useful for organizing things.
- The Task Bar where buttons for open and hidden windows live.
- The App Menu, where you go to open an application within a qube, to open a dom0 terminal, to access administrative UI tools such as the Qube Manager, or to access settings panels for your desktop environment.
To learn more about how to customize your desktop environment, we recommend you spend some time going through XFCE’s documentation.
There are several tray widgets that are unique to Qubes OS:
- The Whonix SDWDate allows you to control the Tor connection in your
- The Qubes Clipboard lets you easily copy text from dom0.
- The Qubes Devices widget allows you to attach and detach devices — such as USB drives and cameras — to qubes.
- The Qubes Disk Space widget shows you how much storage you’re using. It’ll notify you if you’re ever running out of space.
- The Qubes Domains widget allows you to manage running qubes, turn them on and off, and monitor RAM and CPU usage.
- The Qubes Updater widget informs you when updates are available and helps you install them.
To see all of your qubes at the same time, you can use the Qube Manager (go to the App Menu → System Tools → Qube Manager), which displays the states of all the qubes in your system, even the ones that aren’t running.
All aspects of Qubes OS can be controlled using command-line tools. Opening a terminal emulator in dom0 can be done in several ways:
- Go to the App Menu and select Terminal Emulator at the top.
F3and search for
- Right-click on the desktop and select Open Terminal Here.
Terminal emulators can also be run in other qubes as normal programs. Various command-line tools are described as part of this guide, and the whole reference can be found here.
When you install Qubes OS, a number of qubes are pre-configured for you:
XXbeing the version number)
- Admin qube:
- Service qubes:
- App qubes configured to prioritize security by compartmentalizing tasks
and types of data:
vault. (There is nothing special about these qubes. If you were to create a black qube and name it
vault, it would be the same as the pre-configured
vaultqube. They’re just suggestions to get you started. )
A variety of open-source applications such as file managers, command-line terminals, printer managers, text editors, and “applets” used to configure different things like audio or parts of the user interface are also installed by default—most within the templates. Most are bundled with each template.
Adding, removing, and listing qubes
You can easily create a new qube with the Create Qubes VM option in the App Menu. If you need to add or remove qubes, simply use the Qube Manager’s Add and Remove buttons. You can also add, remove, and list qubes from the command line using the following tools:
How many qubes do I need?
That’s a great question, but there’s no one-size-fits-all answer. It depends on the structure of your digital life, and this is at least a little different for everyone. If you plan on using your system for work, then it also depends on what kind of job you do.
It’s a good idea to start out with the qubes created automatically by the
vault. If and when you start
to feel that some activity just doesn’t fit into any of your existing qubes, or
you want to partition some part of your life, you can easily create a new qube
for it. You’ll also be able to easily copy any
files you need to the newly-created qube.
Still not sure? You might find it helpful to read this article, which describes how one of the Qubes OS architects partitioned her digital life into security domains.
It is very important to keep Qubes updated to ensure you have the latest security updates. Frequently updating is one of the best ways to remain secure against new threats.
It’s also very important to make regular backups so that you don’t lose your data unexpectedly. The Qubes backup system allows you to do this securely and easily.
Here are some basic tasks you’re likely to want to perform often that are unique to Qubes as a multi-environment system. A full list is available in the How-To Guides section in the docs.
- How to Update
- How to Back Up, Restore, and Migrate
- How to Copy and Paste Text
- How to Copy and Move Files
- How to Copy from Dom0
- How to Install Software
- How to Use Devices (block storage, USB, and PCI devices)
If you encounter any problems, please visit the Help, Support, Mailing Lists, and Forum page.
Make sure your hardware satisfies the system requirements, as Qubes OS cannot run on every type of computer. You may also want to check out Qubes-certified Hardware and take a look at the Hardware Compatibility List (HCL).