Ask HN: Would it be possible to reimplement Qubes OS but lighter?
Would it be possible to reimplement a concept like QubesOS using something like Kata Containers, maybe with Firecracker MicroVM?
SubgraphOS uses sandboxes, so I think it's maybe a closer concept, but has critized because it has several vulnerabilities.
With Kata every container would be on a light VM with its own Kernel, so it would be closer I think to what Qubes provides, without needing Xen.
Would having a Host OS without an Hypervisor like Xen be a problem from a security point of view?
2 comments
[ 1.8 ms ] story [ 19.7 ms ] threadThe OSes you mention have relatively small user base and thus their security models are relatively unproven. I note that all of the environments you mention use Linux for the userland and thus you will have apps that also have potential security risks.
Perhaps it would be better to re-frame your question in terms of the requirements that you intend to address. For example for highest level of security you could go with an OS like seL4 and rewrite everything to avoid Linux system vulnerabilities. Probably not practical. And the rewrite is not guaranteed to be bug free.
The most secure environments are carefully specified and architected for their intended application. The more general purpose an environment the greater the number of potential vulnerabilities. It has been said that the most secure computer system is powered-off, disconnected from all communications and located in a locked and sealed underground vault in a remote off-the-grid location.