Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-07-27 00:35:57 -04:00
Code Issues Projects Releases Packages Wiki Activity

Convert to RST

Browse source 
This is done using tools at
https://github.com/maiska/qubes-translation-utilz, commit
4c8e2a7f559fd37e29b51769ed1ab1c6cf92e00d.
This commit is contained in:
Marek Marczykowski-Górecki 2025-07-04 14:23:09 +02:00
parent e3db139fe3
commit 7e464d0f40
No known key found for this signature in database
GPG key ID: F32894BE9684938A
428 changed files with 32833 additions and 29703 deletions
Download patch file Download diff file Expand all files Collapse all files

125
introduction/code-of-conduct.md
View file

@ -1,125 +0,0 @@
---
lang: en
layout: doc
permalink: /code-of-conduct/
ref: 118
title: Code of conduct
---
## Introduction
This Code of Conduct is a collaborative, evolving document that attempts to
transparently set out a public set of standards regarding appropriate conduct
in the Qubes OS Project. It is *not* intended to be a statement or endorsement,
whether implicit or explicit, of any particular political or philosophical
attitude, belief, or way of living. Rather, it is an attempt to find a
reasonable middle ground among the inevitable disagreements regarding free
expression that arise in a large, diverse community of people from around the
world. It is intended to be a practical means of serving the best interests of
our users, contributors, and the project itself. We welcome you to view the
[history of
changes](https://github.com/QubesOS/qubes-doc/commits/master/about/code-of-conduct.md)
to this document and the
[discussion](https://github.com/QubesOS/qubes-issues/issues/2163) leading to
its creation.
## Our Pledge
The Qubes OS project creates a reasonably secure OS. In the interest of
fostering an open and welcoming environment, we as contributors and maintainers
pledge to make participation in our project and our community a harassment-free
experience for everyone, regardless of age, body size, disability, ethnicity,
gender identity and expression, level of experience, nationality, personal
appearance, race, religion, sexual identity and orientation, or other
characteristic.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery and unwelcome sexual attention or
advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- Reinforcing stereotypical models for illustration of non-technical users
(e.g. our mothers/grandmothers, etc.)
- Public or private harassment, as defined by the [Citizen Code of
Conduct](https://github.com/stumpsyn/policies/blob/master/citizen_code_of_conduct.md)
- Publishing others' private information, such as a physical or electronic
address, without explicit permission
- Other conduct which could reasonably be considered inappropriate in a
professional setting
(Please also see our [discussion guidelines](/support/#discussion-guidelines).)
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior. This action can include
removing, editing, or rejecting comments, commits, code, wiki edits, issues,
and other contributions, or to ban temporarily or permanently any contributor
for other behaviors that they deem inappropriate, threatening, offensive, or
harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an
appointed representative at an online or offline event. Representation of a
project may be further defined and clarified by project maintainers.
In all other cases, this Code of Conduct applies only in the official project
venues specified on [this page](/support/); it does not apply to unofficial
venues, community-run venues, or any other public or private place. For
example, if a Qubes user decides to create an unofficial discussion space on a
third-party platform, and someone appears to violate this Code of Conduct in
that space, we are not responsible for taking any action with respect to that
behavior; the venue; the venue's creators, owners, leaders, or moderators; or
anything else pertaining to the incident.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project CoC team at `mods@qubes-os.org`. The project
CoC team is the [Marek
Marczykowski-Górecki](/team/#marek-marczykowski-g%C3%B3recki), [Andrew David
Wong](/team/#andrew-david-wong), and [Michael Carbone](/team/#michael-carbone).
All complaints will be reviewed and investigated and will result in a response
that is deemed necessary and appropriate to the circumstances. The project team
is obligated to maintain confidentiality with regard to the reporter of an
incident, and will ensure reporter, reported and all others impacted are
regularly updated through the process. Further details of specific enforcement
policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## A Note on Trust
Expect all contributions to be reviewed with some amount of healthy adversarial
skepticism, regardless of your perceived standing in the community. This is a
security project, and allowing ourselves to get complacent while reviewing code
simply because it comes from a well-known party would not be in the best
interest of the project. Please try not to get offended if you perceive your
contributions as being met with distrust -- we are most definitely thankful and
appreciative of your efforts, but must also remain vigilant in order to ensure
continued quality and safeguard against potential sabotage.
## Attribution
The initial published version of this Code of Conduct was adapted from the
[Contributor Covenant, version
1.4](https://contributor-covenant.org/version/1/4) and the [Rust Code of
Conduct](https://www.rust-lang.org/en-US/conduct.html).

86
introduction/code-of-conduct.rst Normal file
View file

@ -0,0 +1,86 @@
===============
Code of conduct
===============
Introduction
------------
This Code of Conduct is a collaborative, evolving document that attempts to transparently set out a public set of standards regarding appropriate conduct in the Qubes OS Project. It is *not* intended to be a statement or endorsement, whether implicit or explicit, of any particular political or philosophical attitude, belief, or way of living. Rather, it is an attempt to find a reasonable middle ground among the inevitable disagreements regarding free expression that arise in a large, diverse community of people from around the world. It is intended to be a practical means of serving the best interests of our users, contributors, and the project itself. We welcome you to view the `history of changes <https://github.com/QubesOS/qubes-doc/commits/master/about/code-of-conduct.md>`__ to this document and the `discussion <https://github.com/QubesOS/qubes-issues/issues/2163>`__ leading to its creation.
Our Pledge
----------
The Qubes OS project creates a reasonably secure OS. In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual identity and orientation, or other characteristic.
Our Standards
-------------
Examples of behavior that contributes to creating a positive environment include:
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery and unwelcome sexual attention or advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- Reinforcing stereotypical models for illustration of non-technical users (e.g. our mothers/grandmothers, etc.)
- Public or private harassment, as defined by the `Citizen Code of Conduct <https://github.com/stumpsyn/policies/blob/master/citizen_code_of_conduct.md>`__
- Publishing others private information, such as a physical or electronic address, without explicit permission
- Other conduct which could reasonably be considered inappropriate in a professional setting
(Please also see our :ref:`discussion guidelines <introduction/support:discussion guidelines>`.)
Our Responsibilities
--------------------
Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. This action can include removing, editing, or rejecting comments, commits, code, wiki edits, issues, and other contributions, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
Scope
-----
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
In all other cases, this Code of Conduct applies only in the official project venues specified on :doc:`this page </introduction/support>`; it does not apply to unofficial venues, community-run venues, or any other public or private place. For example, if a Qubes user decides to create an unofficial discussion space on a third-party platform, and someone appears to violate this Code of Conduct in that space, we are not responsible for taking any action with respect to that behavior; the venue; the venues creators, owners, leaders, or moderators; or anything else pertaining to the incident.
Enforcement
-----------
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project CoC team at ``mods@qubes-os.org``. The project CoC team is the `Marek Marczykowski-Górecki <https://www.qubes-os.org/team/#marek-marczykowski-g%C3%B3recki>`__, `Andrew David Wong <https://www.qubes-os.org/team/#andrew-david-wong>`__, and `Michael Carbone <https://www.qubes-os.org/team/#michael-carbone>`__. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident, and will ensure reporter, reported and all others impacted are regularly updated through the process. Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the projects leadership.
A Note on Trust
---------------
Expect all contributions to be reviewed with some amount of healthy adversarial skepticism, regardless of your perceived standing in the community. This is a security project, and allowing ourselves to get complacent while reviewing code simply because it comes from a well-known party would not be in the best interest of the project. Please try not to get offended if you perceive your contributions as being met with distrust we are most definitely thankful and appreciative of your efforts, but must also remain vigilant in order to ensure continued quality and safeguard against potential sabotage.
Attribution
-----------
The initial published version of this Code of Conduct was adapted from the `Contributor Covenant, version 1.4 <https://contributor-covenant.org/version/1/4>`__ and the `Rust Code of Conduct <https://www.rust-lang.org/en-US/conduct.html>`__.

60
introduction/contributing.md
View file

@ -1,60 +0,0 @@
---
lang: en
layout: doc
permalink: /doc/contributing/
redirect_from:
- /en/doc/contributing/
- /doc/ContributingHowto/
- /wiki/ContributingHowto/
ref: 125
title: How to contribute
---
Thank you for your interest in contributing to Qubes! Here are some of the many
ways in which you can help:
* Audit the [source code](/doc/source-code/)
* [Report security issues](/security/)
* [Send patches](/doc/source-code/#how-to-send-patches) to fix bugs or
implement features
* [Contribute packages](/doc/package-contributions)
* [Report bugs](/doc/issue-tracking/)
* [Test new releases and updates](/doc/testing/)
* Submit [HCL reports](/doc/hcl/) for your hardware
* Record [video tours](/video-tours/)
* Create [artwork](https://github.com/QubesOS/qubes-artwork) (plymouth themes,
installer themes, wallpapers, etc.)
* [Write and edit the documentation](/doc/how-to-edit-the-documentation)
* [Donate](/donate/) to the project
* If you represent an organization, become a [Qubes partner](/partners/)
* Add a [Qubes download mirror](/downloads/mirrors/)
* Answer questions and discuss Qubes on the [mailing lists](/support/) and
[forum](/support/#forum)
* Engage with us on social media:
* Follow us on [Twitter](https://twitter.com/QubesOS)
* Join us on [Reddit](https://www.reddit.com/r/Qubes/)
* Like us on [Facebook](https://www.facebook.com/QubesOS)
* Connect with us on [LinkedIn](https://www.linkedin.com/company/qubes-os/)
* And last but not least, tell your friends and colleagues about how Qubes can
help them secure their digital lives!
Contributing Code
-----------------
If you're interested in contributing code, the best starting point is to have a
look at our [GitHub issues](https://github.com/QubesOS/qubes-issues/issues) to
see which tasks are the most urgent. You can filter issues depending on your
interest and experience. For example, here are some common issue labels:
* [Help wanted](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22&utf8=%E2%9C%93)
* [UX and usability](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3AUX)
* [Windows tools](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+windows-tools%22)
* [Documentation](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+doc%22)
* [Privacy](https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20label%3A%22privacy%22%20)
* [Debian/Ubuntu](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+Debian%2FUbuntu%22)
Before you engage in an activity that will take you a significant amount of
time, like implementing a new feature, it's always good to contact us first,
preferably via the [qubes-devel](/support/#qubes-devel) mailing list. Once
we've worked out the details, we'll be grateful to [receive your
patch](/doc/source-code/#how-to-send-patches).

72
introduction/contributing.rst Normal file
View file

@ -0,0 +1,72 @@
=================
How to contribute
=================
Thank you for your interest in contributing to Qubes! Here are some of the many ways in which you can help:
- Audit the :doc:`source code </developer/code/source-code>`
- :doc:`Report security issues </project-security/security>`
- :ref:`Send patches <developer/code/source-code:how to send patches>` to fix bugs or implement features
- :doc:`Contribute packages </developer/general/package-contributions>`
- :doc:`Report bugs </introduction/issue-tracking>`
- :doc:`Test new releases and updates </user/downloading-installing-upgrading/testing>`
- Submit `HCL reports <https://www.qubes-os.org/hcl/>`__ for your hardware
- Record :doc:`video tours </introduction/video-tours>`
- Create `artwork <https://github.com/QubesOS/qubes-artwork>`__ (plymouth themes, installer themes, wallpapers, etc.)
- `Write and edit the documentation <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__
- `Donate <https://www.qubes-os.org/donate/>`__ to the project
- If you represent an organization, become a `Qubes partner <https://www.qubes-os.org/partners/>`__
- Add a `Qubes download mirror <https://www.qubes-os.org/downloads/mirrors/>`__
- Answer questions and discuss Qubes on the :doc:`mailing lists </introduction/support>` and :ref:`forum <introduction/support:forum>`
- Engage with us on social media:
- Follow us on `Twitter <https://twitter.com/QubesOS>`__
- Join us on `Reddit <https://www.reddit.com/r/Qubes/>`__
- Like us on `Facebook <https://www.facebook.com/QubesOS>`__
- Connect with us on `LinkedIn <https://www.linkedin.com/company/qubes-os/>`__
- And last but not least, tell your friends and colleagues about how Qubes can help them secure their digital lives!
Contributing Code
-----------------
If youre interested in contributing code, the best starting point is to have a look at our `GitHub issues <https://github.com/QubesOS/qubes-issues/issues>`__ to see which tasks are the most urgent. You can filter issues depending on your interest and experience. For example, here are some common issue labels:
- `Help wanted <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22&utf8=%E2%9C%93>`__
- `UX and usability <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3AUX>`__
- `Windows tools <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+windows-tools%22>`__
- `Documentation <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+doc%22>`__
- `Privacy <https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20label%3A%22privacy%22%20>`__
- `Debian/Ubuntu <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+label%3A%22C%3A+Debian%2FUbuntu%22>`__
Before you engage in an activity that will take you a significant amount of time, like implementing a new feature, its always good to contact us first, preferably via the :ref:`qubes-devel <introduction/support:qubes-devel>` mailing list. Once weve worked out the details, well be grateful to :ref:`receive your patch <developer/code/source-code:how to send patches>`.

809
introduction/faq.md
View file

@ -1,809 +0,0 @@
---
lang: en
layout: doc
permalink: /faq/
redirect_from:
- /doc/user-faq/
- /en/doc/user-faq/
- /doc/UserFaq/
- /wiki/UserFaq/
- /doc/devel-faq/
- /en/doc/devel-faq/
- /doc/DevelFaq/
- /wiki/DevelFaq/
ref: 124
title: Frequently asked questions (FAQ)
---
## General & Security
### What is Qubes OS?
Qubes OS is a security-focused operating system that allows you to organize your digital life into compartments called "qubes." If one qube is compromised, the others remain safe, so a single cyberattack can no longer take down your entire digital life in one fell swoop. You can think of using Qubes OS as having many different computers on your desk for different activities but with the convenience of a single physical machine, a single unified desktop environment, and a set of tools for using qubes together securely as parts of a unified system.
### Is Qubes OS free and open-source software?
There are two distinct senses of the word "free" when it comes to free software. The difference in commonly expressed by the phrases "free as in beer" and "free as in speech."
The first senses is straightforward. Qubes OS is "free as in beer," meaning that it is provided at no cost (_gratis_), though [donations](/donate/) are greatly appreciated.
The second sense is more complicated. Qubes OS is *mostly* "free as in speech," but not entirely. All the software created by the Qubes OS Project *itself* is [free (or "libre")](https://www.gnu.org/philosophy/free-sw) and [open-source](https://opensource.org/docs/definition.html) software ([FOSS or FLOSS](https://www.gnu.org/philosophy/floss-and-foss.en.html)).
This means that everyone is allowed to use, copy, study, and change the software in accordance with its [license](/doc/license/).
It also means that the [source code](/doc/source-code/) is [publicly available](https://github.com/QubesOS/) so everyone can audit and contribute to it.
However, since Qubes OS is a security-focused operating system, it includes some non-free firmware that was not created by the Qubes OS Project (such as CPU microcode), which is necessary in order to protect against known security vulnerabilities.
Moreover, the [architecture](/doc/architecture/) of Qubes OS as a meta-operating system means that it incorporates other software (including entire operating systems) from various upstream projects, some of which may include non-free software of their own.
In order to make the installation process easier for a wide range of users across many different devices, standard Qubes [templates](/doc/templates/) also include some non-free firmware and drivers.
Also see: [Will Qubes seek to get certified under the GNU Free System Distribution Guidelines (GNU FSDG)?](#will-qubes-seek-to-get-certified-under-the-gnu-free-system-distribution-guidelines-gnu-fsdg)
### Why is OS security important?
Most people use an operating system like Windows or macOS on their desktop and laptop computers.
These OSes are popular because they tend to be easy to use and usually come pre-installed on the computers people buy.
However, they present problems when it comes to security.
For example, you might open an innocent-looking email attachment or website, not realizing that you're actually allowing malware (malicious software) to run on your computer.
Depending on what kind of malware it is, it might do anything from showing you unwanted advertisements to logging your keystrokes to taking over your entire computer.
This could jeopardize all the information stored on or accessed by this computer, such as health records, confidential communications, or thoughts written in a private journal.
Malware can also interfere with the activities you perform with your computer.
For example, if you use your computer to conduct financial transactions, the malware might allow its creator to make fraudulent transactions in your name.
### Aren't antivirus programs and firewalls enough?
Unfortunately, conventional security approaches like antivirus programs and (software and/or hardware) firewalls are no longer enough to keep out sophisticated attackers.
For example, nowadays it's common for malware creators to check to see if their malware is recognized by any signature-based antivirus programs.
If it's recognized, they scramble their code until it's no longer recognizable by the antivirus programs, then send it out.
The best of these programs will subsequently get updated once the antivirus programmers discover the new threat, but this usually occurs at least a few days after the new attacks start to appear in the wild.
By then, it's too late for those who have already been compromised.
More advanced antivirus software may perform better in this regard, but it's still limited to a detection-based approach.
New zero-day vulnerabilities are constantly being discovered in the common software we all use, such as our web browsers, and no antivirus program or firewall can prevent all of these vulnerabilities from being exploited.
### How does Qubes OS provide security?
Qubes takes an approach called **security by compartmentalization**, which
allows you to compartmentalize the various parts of your digital life into
securely isolated compartments called *qubes*.
This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised won't affect the others.
For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking.
This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities won't be at risk.
Similarly, if you're concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use [disposable qube](/doc/dispvm/).
In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.
Moreover, all of these isolated qubes are integrated into a single, usable system.
Programs are isolated in their own separate qubes, but all windows are displayed in a single, unified desktop environment with unforgeable colored window borders so that you can easily identify windows from different security levels.
Common attack vectors like network cards and USB controllers are isolated in their own hardware qubes while their functionality is preserved through secure [networking](/doc/networking/), [firewalls](/doc/firewall), and [USB device management](/doc/usb-devices).
Integrated [file](/doc/copying-files) and [clipboard](/doc/copy-paste) copy and paste operations make it easy to work across various qubes without compromising security.
The innovative [Template](/doc/template-implementation) system separates software installation from software use, allowing qubes to share a root filesystem without sacrificing security (and saving disk space, to boot).
Qubes even allows you to sanitize PDFs and images in a few clicks.
Those concerned about physical hardware attacks will benefit from [Anti Evil Maid](/doc/anti-evil-maid/).
### How does Qubes OS provide privacy?
There can be no privacy without security, since security vulnerabilities allow privacy measures to be circumvented.
This makes Qubes exceptionally well-suited for implementing effective privacy tools.
Users concerned about privacy will appreciate the [integration of Whonix into Qubes](https://www.whonix.org/wiki/Qubes), which makes it easy to use [Tor](https://www.torproject.org/) securely.
For more information about how to use this powerful tool correctly and safely, please see [Qubes-Whonix Guides](https://www.whonix.org/wiki/Qubes#Guides).
For the privacy policies covering our website, repositories, Qubes OS itself, and more, please see [Privacy Policy](/privacy/).
### What about privacy in non-Whonix qubes?
The main way Qubes OS [provides privacy](#how-does-qubes-os-provide-privacy) is via its [integration with Whonix](https://www.whonix.org/wiki/Qubes).
Qubes OS does not claim to provide special privacy (as opposed to security) properties in non-Whonix qubes.
This includes [disposables](/doc/how-to-use-disposables/).
Privacy is far more difficult than is commonly understood.
In addition to the [web browser](https://www.torproject.org/projects/torbrowser/design/), there is also [VM fingerprinting](https://www.whonix.org/wiki/VM_Fingerprinting) and [advanced deanonymization attacks](https://www.whonix.org/wiki/Advanced_Deanonymization_Attacks) that most users have never considered (and this is just to mention a few examples).
The [Whonix Project](https://www.whonix.org/) specializes in [protecting against these risks](https://www.whonix.org/wiki/Protocol-Leak-Protection_and_Fingerprinting-Protection).
In order to achieve the same results in non-Whonix qubes (including disposables), one would have to reinvent Whonix.
Such duplication of effort makes no sense when Whonix already exists and is already integrated into Qubes OS.
Therefore, when you need privacy, you should use Whonix qubes.
Remember, though, that privacy is difficult to achieve and maintain.
Whonix is a powerful tool, but no tool is perfect.
Read the [documentation](https://www.whonix.org/wiki/Documentation) thoroughly and exercise care when using it.
### How does Qubes OS compare to using a "live CD" OS?
Booting your computer from a live CD (or DVD) when you need to perform sensitive activities can certainly be more secure than simply using your main OS, but this method still preserves many of the risks of conventional OSes.
For example, popular live OSes (such as [Tails](https://tails.boum.org/) and other Linux distributions) are still **monolithic** in the sense that all software is still running in the same OS.
This means, once again, that if your session is compromised, then all the data and activities performed within that same session are also potentially compromised.
### How does Qubes OS compare to running VMs in a conventional OS?
Not all virtual machine software is equal when it comes to security.
You may have used or heard of VMs in relation to software like VirtualBox or VMware Workstation.
These are known as "Type 2" or "hosted" hypervisors.
(The **hypervisor** is the software, firmware, or hardware that creates and runs virtual machines.)
These programs are popular because they're designed primarily to be easy to use and run under popular OSes like Windows (which is called the **host** OS, since it "hosts" the VMs).
However, the fact that Type 2 hypervisors run under the host OS means that they're really only as secure as the host OS itself.
If the host OS is ever compromised, then any VMs it hosts are also effectively compromised.
By contrast, Qubes uses a "Type 1" or "bare-metal" hypervisor called [Xen](https://www.xenproject.org/).
Instead of running inside an OS, Type 1 hypervisors run directly on the "bare metal" of the hardware.
This means that an attacker must be capable of subverting the hypervisor itself in order to compromise the entire system, which is vastly more difficult.
Qubes makes it so that multiple VMs running under a Type 1 hypervisor can be securely used as an integrated OS.
For example, it puts all of your application windows on the same desktop with special colored borders indicating the trust levels of their respective VMs.
It also allows for things like secure copy/paste operations between VMs, securely copying and transferring files between VMs, and secure networking between VMs and the Internet.
### How does Qubes OS compare to using a separate physical machine?
Using a separate physical computer for sensitive activities can certainly be more secure than using one computer with a conventional OS for everything, but there are still risks to consider.
Briefly, here are some of the main pros and cons of this approach relative to Qubes:
<div class="focus">
<i class="fa fa-check"></i> <strong>Pros</strong>
</div>
- Physical separation doesn't rely on a hypervisor. (It's very unlikely that an attacker will break out of Qubes' hypervisor, but if one were to manage to do so, one could potentially gain control over the entire system.)
- Physical separation can be a natural complement to physical security.
(For example, you might find it natural to lock your secure laptop in a safe when you take your unsecure laptop out with you.)
<div class="focus">
<i class="fa fa-times"></i> <strong>Cons</strong>
</div>
- Physical separation can be cumbersome and expensive, since we may have to obtain and set up a separate physical machine for each security level we need.
- There's generally no secure way to transfer data between physically separate computers running conventional OSes.
(Qubes has a secure inter-VM file transfer system to handle this.)
- Physically separate computers running conventional OSes are still independently vulnerable to most conventional attacks due to their monolithic nature.
- Malware which can bridge air gaps has existed for several years now and is becoming increasingly common.
(For more on this topic, please see the paper [Software compartmentalization vs. physical separation](https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf).)
### What is the main concept behind Qubes?
To build security on the "Security by Compartmentalization (or Isolation)" principle.
### What about other approaches to security?
The other two popular [approaches](https://blog.invisiblethings.org/2008/09/02/three-approaches-to-computer-security.html) are “Security by Correctness” and “Security by Obscurity.”
We don't believe either of these approaches are capable of providing reasonable security today, nor do we believe that they will be capable of doing so in the foreseeable future.
### How is Qubes different from other security solutions?
Please see this [article](https://blog.invisiblethings.org/2012/09/12/how-is-qubes-os-different-from.html) for a thorough discussion.
### Is Qubes just another Linux distribution?
If you really want to call it a distribution, then it's more of a "Xen distribution" than a Linux one.
But Qubes is much more than just Xen packaging.
It has its own VM management infrastructure, with support for template VMs, centralized VM updating, etc.
It also has a very unique GUI virtualization infrastructure.
### What about safe languages and formally verified microkernels?
In short: these are non-realistic solutions today.
We discuss this in further depth in our [Architecture Specification document](/attachment/doc/arch-spec-0.3.pdf).
### Why does Qubes use virtualization?
We believe that this is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers.
### Does Qubes use full disk encryption (FDE)?
By default, Qubes OS uses [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)/[dm-crypt](https://en.wikipedia.org/wiki/Dm-crypt) to encrypt everything except the `/boot` partition.
### What do all these terms mean?
All Qubes-specific terms are defined in the [glossary](/doc/glossary/).
### Does Qubes run every app in a separate VM?
No! This would not make much sense.
Qubes uses lightweight VMs to create security qubes (e.g., "work," "personal," and "banking,").
A typical user would likely need around five qubes.
Very paranoid users, or those who are high-profile targets, might use a dozen or more qubes.
### Why does Qubes use Xen instead of KVM or some other hypervisor?
In short: we believe the Xen architecture allows for the creation of more secure systems (i.e. with a much smaller TCB, which translates to a smaller attack surface).
We discuss this in much greater depth in our [Architecture Specification document](/attachment/doc/arch-spec-0.3.pdf).
### How is Qubes affected by Xen Security Advisories (XSAs)?
See the [XSA Tracker](/security/xsa/).
### What about this other/new (micro)kernel/hypervisor?
Whenever starting a discussion about another (micro)kernel or hypervisor in relation to Qubes, we strongly suggest including answers to the following questions first:
1. What kinds of containers does it use for isolation? Processes? PV VMs? Fully virtualized VMs (HVMs)? And what underlying h/w technology is used (ring0/3, VT-x)?
2. Does it require specially written/built applications (e.g. patched Firefox)?
3. Does it require custom drivers, or can it use Linux/Windows ones?
4. Does it support VT-d, and does it allow for the creation of untrusted driver domains?
5. Does it support S3 sleep?
6. Does it work on multiple CPUs/Chipsets?
7. What are the performance costs, more or less? (e.g. "XYZ prevents concurrent execution of two domains/processes on shared cores of a single processor", etc.)
8. Other special features? E.g. eliminates cooperative covert channels between VMs?
Here are the answers for Xen 4.1 (which we use as of 2014-04-28):
1. PV and HVM Virtual Machines (ring0/3 for PV domains, VT-x/AMD-v for HVMs).
2. Runs unmodified usermode apps (binaries).
3. Runs unmodified Linux drivers (dom0 and driver domains). PV VMs require special written pvdrivers.
4. Full VT-d support including untrusted driver domains.
5. S3 sleep supported well.
6. Works on most modern CPUs/Chipsets.
7. Biggest performance hit on disk operations (especially in Qubes when complex 2-layer mapping used for Linux qubes). No GPU virtualization.
8. Mostly Works<sup>TM</sup> :)
### Which virtualization modes do VMs use?
Here is an overview of the VM virtualization modes:
VM type | Mode |
------------------------------------------ | ---- |
Default VMs without PCI devices (most VMs) | PVH |
Default VMs with PCI devices | HVM |
Stub domains - Default VMs w/o PCI devices | N/A |
Stub domains - Default VMs w/ PCI devices | PV |
Stub domains - HVMs | PV |
### What's so special about Qubes' GUI virtualization?
We have designed the GUI virtualization subsystem with two primary goals: security and performance.
Our GUI infrastructure introduces only about 2,500 lines of C code (LOC) into the privileged domain (Dom0), which is very little, and thus leaves little space for bugs and potential attacks.
At the same time, due to the smart use of Xen shared memory, our GUI implementation is very efficient, so most virtualized applications really feel as if they were executed natively.
### Why passwordless sudo?
Please refer to [this page](/doc/vm-sudo/).
### Why is dom0 so old?
Please see:
- [Installing and updating software in dom0](/doc/how-to-install-software-in-dom0/)
- [Note on dom0 and EOL](/doc/supported-releases/#note-on-dom0-and-eol)
### Do you recommend coreboot as an alternative to vendor BIOS?
Yes, where it is possible to use it an open source boot firmware ought to be more trustable than a closed source implementation.
[coreboot](https://www.coreboot.org/) is as a result a requirement for [Qubes Certified Hardware](/news/2016/07/21/new-hw-certification-for-q4/).
The number of machines coreboot currently supports is limited and the use of some vendor supplied blobs is generally still required.
Where coreboot does support your machine and is not already installed, you will generally need additional hardware to flash it.
Please see the coreboot website / their IRC channel for further information.
### How should I report documentation issues?
If you can fix the problem yourself, please see [how to edit the
documentation](/doc/how-to-edit-the-documentation). If not, please see [issue
tracking](/doc/issue-tracking).
### Will Qubes seek to get certified under the GNU Free System Distribution Guidelines (GNU FSDG)?
We wish we could, but the unfortunate reality right now is that an operating system *cannot be secure* without a certain minimum number of proprietary closed-source "blobs" (e.g., CPU microcode updates). A 100% free operating system that excludes all such blobs is vulnerable to known exploits and is therefore unsuitable for any use case where security matters.
Instead, Qubes aims to be as free as possible *without sacrificing security*. All of the code created by the Qubes OS Project itself is 100% free. However, in order for users to actually run that code securely on their hardware, we must pair it with a small number of non-free blobs, which disqualifies Qubes, [along with the vast majority of open-source Linux distributions](https://www.gnu.org/distros/common-distros.html), from GNU FSDG certification.
The [four essential freedoms](https://www.gnu.org/philosophy/free-sw.html) are part of the core of our philosophy, but so is security. Together, they inform our decisions and motivate our actions. Qubes aims to maximize both security and software freedom to the extent that they are compatible in the world today.
Also see [Is Qubes OS free and open-source software?](#is-qubes-os-free-and-open-source-software) and the Qubes OS [software license](/doc/license/).
### Should I trust this website?
This website is hosted on [GitHub Pages](https://pages.github.com/) ([why?](#why-do-you-use-github)).
Therefore, it is largely outside of our control.
We don't consider this a problem, however, since we explicitly [distrust the infrastructure](#what-does-it-mean-to-distrust-the-infrastructure).
For this reason, we don't think that anyone should place undue trust in the live version of this site on the Web.
Instead, if you want to obtain your own trustworthy copy of this website in a secure way, you should clone our [website repo](https://github.com/QubesOS/qubesos.github.io), [verify the PGP signatures on the commits and/or tags](/security/verifying-signatures/#how-to-verify-signatures-on-git-repository-tags-and-commits) signed by the [doc-signing keys](https://github.com/QubesOS/qubes-secpack/tree/master/keys/doc-signing) (which indicates that the content has undergone [review](/doc/how-to-edit-the-documentation/#security)), then either [render the site on your local machine](https://github.com/QubesOS/qubesos.github.io/blob/master/README.md#instructions) or simply read the source, the vast majority of which was [intentionally written in Markdown so as to be readable as plain text for this very reason](/doc/documentation-style-guide/#markdown-conventions).
We've gone to special effort to set all of this up so that no one has to trust the infrastructure and so that the contents of this website are maximally available and accessible.
### What does it mean to "distrust the infrastructure"?
A core tenet of the Qubes philosophy is "distrust the infrastructure," where "the infrastructure" refers to things like hosting providers, CDNs, DNS services, package repositories, email servers, PGP keyservers, etc.
As a project, we focus on securing endpoints instead of attempting to secure "the middle" (i.e., the infrastructure), since one of our primary goals is to free users from being forced to entrust their security to unknown third parties.
Instead, our aim is for users to be required to trust as few entities as possible (ideally, only themselves and any known persons whom they voluntarily decide to trust).
Users can never fully control all the infrastructure they rely upon, and they can never fully trust all the entities who do control it.
Therefore, we believe the best solution is not to attempt to make the infrastructure trustworthy, but instead to concentrate on solutions that obviate the need to do so.
We believe that many attempts to make the infrastructure appear trustworthy actually provide only the illusion of security and are ultimately a disservice to real users.
Since we don't want to encourage or endorse this, we make our distrust of the infrastructure explicit.
Also see: [Should I trust this website?](#should-i-trust-this-website)
### Why do you use GitHub?
Three main reasons:
1. We [distrust the infrastructure](#what-does-it-mean-to-distrust-the-infrastructure) including GitHub (though there are aspects we're still [working on](https://github.com/QubesOS/qubes-issues/issues/3958)).
2. It's free (as in beer). We'd have to spend either time or money to implement a solution ourselves or pay someone to do so, and we can't spare either one right now.
3. It has low admin/overhead requirements, which is very important, given how little time we have to spare.
Also see: [Should I trust this website?](#should-i-trust-this-website)
### Why doesn't this website have security feature X?
Although we caution users against [placing undue trust in this website](#should-i-trust-this-website) because we [distrust the infrastructure](#what-does-it-mean-to-distrust-the-infrastructure), we have no objection to enabling website security features when doing so is relatively costless and provides some marginal benefit to website visitors.
So, if feature X isn't enabled, it's most likely for one of three reasons:
1. Our GitHub Pages platform doesn't support it.
2. Our platform supports it, but we've decided not to enable it.
3. Our platform supports it, but we're not aware that we can enable it or have forgotten to do so.
If it seems like a feature that we can and should enable, please [let us know](/doc/issue-tracking/)!
### Why do the mailing lists require a Google account?
They don't. This is a common misconception. The mailing lists have never required a Google account. It has always been possible to use them purely via email (see the [mailing lists](/support/#mailing-lists) section for instructions).
A lot of people probably see that the mailing lists use Google Groups and just assume that a Google account must be required, but it's not true. Google Groups is simply used for the infrastructure. Of course, you *can* use the web interface with a Google account, but there are many people in the Qubes community who participate on the mailing lists without one.
### Why do you use Google Groups for the mailing lists?
For the same general reasons as listed in [FAQ: Why do you use GitHub?](/faq/#why-do-you-use-github)
## Users
### Can I watch YouTube videos in qubes?
Absolutely.
### Can I run applications, like games, which require hardware acceleration?
Those wont fly.
We do not provide GPU virtualization for Qubes.
This is mostly a security decision, as implementing such a feature would most likely introduce a great deal of complexity into the GUI virtualization infrastructure.
However, Qubes does allow for the use of accelerated graphics (e.g. OpenGL) in dom0s Window Manager, so all the fancy desktop effects should still work.
App qubes use a software-only (CPU-based) implementation of OpenGL, which may be good enough for basic games and applications.
For further discussion about the potential for GPU passthrough on Xen/Qubes, please see the following threads:
- [GPU passing to HVM](https://groups.google.com/group/qubes-devel/browse_frm/thread/31f1f2da39978573?scoring=d&q=GPU&)
- [Clarifications on GPU security](https://groups.google.com/group/qubes-devel/browse_frm/thread/31e2d8a47c8b4474?scoring=d&q=GPU&)
### Is Qubes a multi-user system?
No.
Qubes does not pretend to be a multi-user system.
Qubes assumes that the user who controls Dom0 controls the whole system.
It is very difficult to **securely** implement multi-user support.
See [here](https://groups.google.com/group/qubes-devel/msg/899f6f3efc4d9a06) for details.
However, in Qubes 4.x we will be implementing management functionality.
See [Admin API](/news/2017/06/27/qubes-admin-api/) and [Core Stack](/news/2017/10/03/core3/) for more details.
### What are the system requirements for Qubes OS?
See the [system requirements](/doc/system-requirements/).
### Is there a list of hardware that is compatible with Qubes OS?
See the [Hardware Compatibility List](/hcl/).
### Is there any certified hardware for Qubes OS?
See [Certified Hardware](/doc/certified-hardware/).
### How much disk space does each qube require?
Each qube is created from a template and shares the root filesystem with this template (in a read-only manner).
This means that each qube needs only as much disk space as is necessary to store its own private data.
This also means that it is possible to update the software for several qubes simultaneously by running a single update process in the template upon which those qubes are based.
(These qubes will then have to be restarted in order for the update to take effect in them.)
### How much memory is recommended for Qubes?
Please see the [system requirements](/doc/system-requirements/).
### Can I install Qubes on a system without VT-x/AMD-V or VT-d/AMD-Vi/AMD IOMMU?
Please see the [system requirements](/doc/system-requirements/) for the latest information.
If you are receiving an error message on install saying your "hardware lacks the features required to proceed", check to make sure the virtualization options are enabled in your BIOS/UEFI configuration.
You may be able to install without the required CPU features for testing purposes only, but VMs (in particular, sys-net) may not function correctly and there will be no security isolation.
For more information, see [Qubes-certified hardware](/doc/certified-hardware/).
### Why is VT-x/AMD-V important?
By default, Qubes uses Xen's PVH and HVM virtualization modes, which require VT-x/AMD-V.
This means that, without VT-x/AMD-V, no VMs will start in a default Qubes installation.
In addition, if your system lacks VT-x/AMD-V, then it also lacks VT-d/AMD-Vi/AMD IOMMU.
(See next question.)
### Why is VT-d/AMD-Vi/AMD IOMMU important?
On a system without VT-d/AMD-Vi/AMD IOMMU, there will be no real security benefit to having a separate NetVM, as an attacker could always use a simple [DMA attack](#what-is-a-dma-attack) to go from the NetVM to Dom0.
Nonetheless, all of Qubes' other security mechanisms, such as qube separation, work without VT-d/AMD-Vi/AMD IOMMU.
Therefore, a system running Qubes without VT-d/AMD-Vi/AMD IOMMU would still be significantly more secure than one running Windows, Mac, or Linux.
### What is a DMA attack?
Direct Memory Access (DMA) is mechanism for PCI devices to access system memory (read/write).
Without VT-d/AMD-Vi/AMD IOMMU, any PCI device can access all the memory, regardless of the VM to which it is assigned (or if it is left in dom0).
Most PCI devices allow the driver to request an arbitrary DMA operation (like "put received network packets at this address in memory", or "get this memory area and send it to the network").
So, without VT-d/AMD-Vi/AMD IOMMU, it gives unlimited access to the whole system.
Now, it is only a matter of knowing where to read/write to take over the system, instead of just crashing.
But since you can read the whole memory, it isn't that hard.
Now, how does this apply to Qubes OS?
The above attack requires access to a PCI device, which means that it can be performed only from the NetVM or USB VM, so someone must first break into one of those VMs.
But this isn't that hard, because there is a lot of complex code handling network traffic.
There is a history of bugs in DHCP clients, DNS clients, etc.
Most attacks on the NetVM and USB VM (but not all of them!) require being somewhat close to the target system, for example, being connected to the same Wi-Fi network, or in the case of a USB VM, having physical access to a USB port.
### Can I use AMD-v instead of VT-x?
Yes, and see [this message](https://groups.google.com/group/qubes-devel/msg/6412170cfbcb4cc5).
### Can I install Qubes in a virtual machine (e.g., on VMware)?
Some users have been able to do this, but it is neither recommended nor supported.
Qubes should be installed bare-metal.
(After all, it uses its own bare-metal hypervisor!)
### How many qubes should I have? What's a good way to organize them?
[How to organize your qubes](/doc/how-to-organize-your-qubes/) walks through several examples of how different types of users can set up their Qubes OS system to support their unique use cases.
### What is a terminal?
A [terminal emulator](https://en.wikipedia.org/wiki/Terminal_emulator), nowadays often referred to as just a *terminal*, is a program which provides a text window.
Inside that window, a [shell](https://en.wikipedia.org/wiki/Shell_(computing)) is typically running in it.
A shell provides a [command-line interface](https://en.wikipedia.org/wiki/Command-line_interface) where the user can enter and run [commands](https://en.wikipedia.org/wiki/Command_(computing)).
See introductions on Wikibooks: [here](https://en.wikibooks.org/wiki/Fedora_And_Red_Hat_System_Administration/Shell_Basics), [here](https://en.wikibooks.org/wiki/A_Quick_Introduction_to_Unix) and [here](https://en.wikibooks.org/wiki/Bash_Shell_Scripting).
### Why does my network adapter not work?
You may have an adapter (wired, wireless), that is not compatible with open-source drivers shipped by Qubes.
You may need to install a binary blob, which provides drivers, from the linux-firmware package.
Open a terminal and run `sudo dnf install linux-firmware` in the template upon which your NetVM is based.
You have to restart the NetVM after the template has been shut down.
### Can I install Qubes OS together with other operating system (dual-boot/multi-boot)?
You shouldn't do that, because it poses a security risk for your Qubes OS installation.
But if you understand the risk and accept it, read [documentation on multibooting](https://forum.qubes-os.org/t/18988).
It begins with an explanation of the risks with such a setup.
### Which version of Qubes am I running?
See [here](/doc/version-scheme/#check-installed-version).
### My qubes lost internet access after a template update. What should I do?
See [Update Troubleshooting](/doc/update-troubleshooting/#lost-internet-access-after-a-template-update).
### My keyboard layout settings are not behaving correctly. What should I do?
See [Hardware Troubleshooting](/doc/hardware-troubleshooting/#keyboard-layout-settings-not-behaving-correctly).
### My dom0 and/or template update stalls when attempting to update via the GUI tool. What should I do?
This can usually be fixed by updating via the command line.
In dom0, open a terminal and run `sudo qubes-dom0-update`.
In your templates, open a terminal and run `sudo dnf upgrade`.
### How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?
Enable "debug mode" in the qube's settings, either by checking the box labeled "Run in debug mode" in the Qubes VM Manager qube settings menu or by running the `qvm-prefs` command.
### I created a USB VM and assigned USB controllers to it. Now the USB VM won't boot.
This is probably because one of the controllers does not support reset.
See the [USB Troubleshooting guide](/doc/usb-troubleshooting/#usb-vm-does-not-boot-after-creating-and-assigning-usb-controllers-to-it).
### I assigned a PCI device to a qube, then unassigned it/shut down the qube. Why isn't the device available in dom0?
This is an intended feature.
A device which was previously assigned to a less trusted qube could attack dom0 if it were automatically reassigned there.
In order to re-enable the device in dom0, either:
- Reboot the physical machine.
or
- Go to the sysfs (`/sys/bus/pci`), find the right device, detach it from the pciback driver and attach back to the original driver. Replace `<BDF>` with your device, for example `00:1c.2`:
```
echo 0000:<BDF> > /sys/bus/pci/drivers/pciback/unbind
MODALIAS=`cat /sys/bus/pci/devices/0000:<BDF>/modalias`
MOD=`modprobe -R $MODALIAS | head -n 1`
echo 0000:<BDF> > /sys/bus/pci/drivers/$MOD/bind
```
See also [here](/doc/assigning-devices/).
### How do I play video files?
If you're having trouble playing a video file in a qube, you're probably missing the required codecs.
The easiest way to resolve this is to install VLC Media Player and use that to play your video files.
You can do this in multiple different template distros (Fedora, Debian, etc.).
For Debian:
1. (Recommended) Clone an existing Debian template
2. Install VLC in that template:
```bash_session
$ sudo apt install vlc
```
3. Use VLC to play your video files.
For Fedora:
1. (Recommended) Clone an existing Fedora template
2. [Enable the appropriate RPMFusion repos in the desired Fedora template](/doc/how-to-install-software/#rpmfusion-for-fedora-templates).
3. Install VLC in that template:
```bash_session
$ sudo dnf install vlc
```
4. Use VLC to play your video files.
### How do I access my external drive?
The recommended approach is to pass only the specific partition you intend to use from [`sys-usb`](/doc/usb/) to another qube via `qvm-block`.
They will show up in the destination qube as `/dev/xvd*` and must be mounted manually.
Another approach is to attach the entire USB drive to your destination qube.
However, this could theoretically lead to an attack because it forces the destination qube to parse the device's partition table.
If you believe your device is safe, you may proceed to attach it.
In Qubes 4.0, this is accomplished with the Devices Widget located in the tool tray (default top right corner, look for an icon with a yellow square).
From the top part of the list, click on the drive you want to attach, then select the qube to attach it to.
Although you can also attach the entire USB device to a qube by selecting it from the bottom part of the list, in general this approach should not be used because you are exposing the target qube to unnecessary additional attack surface.
Although external media such as external hard drives or flash drives plugged in via USB are available in the USB qube, it is not recommended to access them directly from inside the USB qube.
See [Block (Storage) Devices](/doc/how-to-use-block-storage-devices/) for more information.
### My encrypted drive doesn't appear in Debian qube.
This is an issue that affects qubes based on Debian Jessie.
The problem is fixed in Stretch, and does not affect Fedora-based qubes.
A mixed drive with some encrypted partitions appears correctly in Nautilus.
The encrypted partitions are identified and the user is prompted for password on attempting to mount the partition.
A fully encrypted drive does not appear in Nautilus.
The workaround is to manually decrypt and mount the drive:
1. Attach USB device to qube - it should be attached as `/dev/xvdi` or similar.
2. `sudo cryptsetup open /dev/xvdi bk --type luks`
3. `sudo cryptsetup status /dev/mapper/bk` (Shows useful status info.)
4. `sudo mount /dev/mapper/bk /mnt`
The decrypted device is now available at `/mnt` - when you have finished using it unmount and close the drive.
1. `sudo umount /mnt`
2. `sudo cryptsetup close bk --type luks`
3. Remove USB from qube.
### Windows Update is stuck.
This has nothing to do with Qubes.
[It's a longstanding Windows bug.](https://superuser.com/questions/951960/windows-7-sp1-windows-update-stuck-checking-for-updates)
### Fullscreen Firefox is frozen.
Press `F11` twice.
### I have weird graphics glitches like the screen turning partially black.
If it seems like the issue described in [this thread](https://github.com/QubesOS/qubes-issues/issues/2399), try disabling the window compositor:
- Q → System Tools → Window Manager Tweaks → Compositor → uncheck "Enable display compositing"
Please report (via the mailing lists) if you experience this issue, and whether disabling the compositor fixes it for you or not.
### My HVM in Qubes R4.0 won't let me start/install an OS
I see a screen popup with SeaBios and 4 lines, last one being `Probing EDD (edd=off to disable!... ok`.
From a `dom0` prompt, enter:
```
qvm-prefs <HVMname> kernel ""
```
### When I try to install a template, it says no match is found.
See [VM Troubleshooting](/doc/vm-troubleshooting/#no-match-found-when-trying-to-install-a-template).
### I keep getting "Failed to synchronize cache for repo" errors when trying to update my Fedora templates
See [Update Troubleshooting](/doc/update-troubleshooting/#failed-to-synchronize-cache-for-repo-errors-when-updating-fedora-templates).
### I see a "Failed to start Load Kernel Modules" message on boot
The full message looks like:
```
[FAILED] Failed to start Load Kernel Modules.
See 'systemctl status systemd-modules-load.service' for details.
```
This is cosmetic only, and can safely be ignored.
### Why is Qubes so slow and how can I make it faster?
During boot, Qubes starts several virtual machines.
Having so many qubes running at once inevitably strains the resources of your computer and causes slowness.
The most effective way to speed up Qubes is to get more powerful hardware -- a fast CPU, a lot of memory and fast SSDs.
Qubes is slower when reading from the disk because of the VM overhead, which is why we recommend installing it on a fast SSD.
### Could you please make my preference the default?
It would be great if Qubes were configured just the way we like it by default with all of our favorite programs and settings.
Then, we could just install Qubes without having to install any programs in it or adjust any settings.
We might even think that if a particular program or setting works so well for *us*, it would work well for *everyone*, so we'd actually be doing everyone a favor!
The problem is that Qubes has [tens of thousands of different users](/statistics/) with radically different needs and purposes.
There is no particular configuration that will be ideal for everyone (despite how much we might feel that our preference would be better for everyone), so the best we can do is to put power in the hands of users to configure their Qubes installations the way they like (subject to security constraints, of course).
For this reason, we generally do not grant requests for people's favorite programs to be installed by default or for some setting that obviously varies by user preference to be changed so that it matches the requester's preference.
See also: [What is Qubes attitude toward changing guest distros?](#what-is-qubes-attitude-toward-changing-guest-distros)
### Software installed in a qube is gone after restarting. Why?
Software must be [installed in the template](/doc/how-to-install-software/) on which your qube is based.
## Developers
### Are there restrictions on the software that the Qubes developers are willing to use?
Yes.
In general, the Qubes developers will not use a piece of software unless there is an *easy* way to verify both its **integrity** and **authenticity**, preferably via PGP signatures (see [Verifying Signatures](/security/verifying-signatures/)).
Specifically:
- If PGP signatures are used, the signing key(s) should have well-publicized fingerprint(s) verifiable via multiple independent channels or be accessible to the developers through a web of trust.
- If the software is security-sensitive and requires communication with the outside world, a "split" implementation is highly preferred (for examples, see [Split GPG](/doc/split-gpg/) and [Split Bitcoin](/doc/split-bitcoin/)).
- If the software has dependencies, these should be packaged and available in repos for a [current, Qubes-supported version](/doc/supported-releases/#templates) of Fedora (preferred) or Debian (unless all the insecure dependencies can run in an untrusted VM in a "split" implementation).
- If the software must be built from source, the source code and any builders must be signed.
(Practically speaking, the more cumbersome and time-consuming it is to build from source, the less likely the developers are to use it.)
### Why does dom0 need to be 64-bit?
Since 2013 [Xen has not supported 32-bit x86 architecture](https://wiki.xenproject.org/wiki/Xen_Project_Release_Features) and Intel VT-d, which Qubes uses to isolate devices and drivers, is available on Intel 64-bit processors only.
In addition, with features like improved ASLR, it is often more difficult to exploit a bug on x64 Linux than x86 Linux.
While we designed Qubes from the beginning to limit potential attack vectors, we still realize that some of the code running in Dom0, e.g. our GUI daemon or xen-store daemon, however simple, might contain some bugs.
Plus since we haven't implemented a separate storage domain, the disk backends are in Dom0 and are "reachable" from the VMs, which adds up to the potential attack surface.
So, having faced a choice between 32-bit and 64-bit OS for Dom0, it was almost a no-brainer.
The 64-bit option provides some (little perhaps, but some) more protection against some classes of attacks, and at the same time does not have any disadvantages except the extra requirement of a 64 bit processor.
And even though Qubes now "needs" a 64 bit processor, it didn't make sense to run Qubes on a system without 3-4GB of memory, and those have 64-bit CPUs anyway.
### What is the recommended build environment for Qubes OS?
Any rpm-based, 64-bit environment, the preferred OS being Fedora.
### How do I build Qubes from sources?
See [these instructions](/doc/qubes-builder-v2/).
### How do I submit a patch?
See the [Qubes Source Code Repositories](/doc/source-code/) article.
### What is Qubes' attitude toward changing guest distros?
In general, we try to respect each distro's culture, but we reserve the right to make modifications that we deem appropriate.
See the discussion on issue [#1014](https://github.com/QubesOS/qubes-issues/issues/1014) for an example.
The policy is there mostly to ease maintenance, on several levels:
- Less modifications means easier migration to new upstream distribution
releases.
- The upstream documentation matches the distribution running in the Qubes VM.
- We're less likely to introduce Qubes-specific issues.
- Each officially supported distribution (ideally) should offer the same set of
Qubes-specific features - a change in one supported distribution should be
followed also in others, including new future distributions.
### Why don't you fix upstream bugs that affect Qubes OS?
First, a bit of background in case you're new to the open-source software
world: There are a huge number of different open-source projects that each
focus on the software they create and maintain. Some focus on specific
frameworks, libraries, and background subsystems that most users never see.
Others focus on specific tools and apps that use these frameworks, libraries,
and background subsystems. Still others focus on combining many different tools
and apps. And some, like Qubes OS, are entire operating systems that include
all kinds of other software. When one piece of software uses a different piece
of software, the piece of software being used is said to be "upstream," while
the piece of software using it said to be "downstream." For example, Qubes OS
uses the Xen hypervisor, so Xen is upstream relative to Qubes, and Qubes is
downstream relative to Xen (and likewise for the respective project that
creates and maintains each piece of software).
Many open-source operating systems, including Qubes OS, are transparent about
the fact that they are "compilations" of upstream software. By contrast,
proprietary, commercial operating systems like Windows and macOS tend to either
obscure this fact or avoid using upstream software in favor of doing everything
in-house, because they have the huge workforce and commercial revenue that
allows them to do so. If you're accustomed to using a proprietary, commercial
operating system, then you may need some time to get used to the fact that
Qubes OS is a compilation of many different pieces of open-source software.
Now, let's get to the original question: Why don't we fix upstream bugs that
affect Qubes OS? This question can come up in different ways. For example, many
people, especially those who aren't familiar with how open-source software
development works, wonder why we sometimes close [issues](/doc/issue-tracking/)
as "not our bug." Don't we care about the Qubes users who are affected by these
bugs? Are we really so cold and heartless?
On the contrary, it is precisely because we care so much about Qubes users that
we do this. It's important to understand that Qubes OS combines different
pieces of software from a very large number of upstream projects (especially
since it includes entire separate OSes inside of itself) and that many of these
projects have much larger workforces and much more funding than we do. They are
better equipped to fix bugs in their own software. Not only are they the ones
who wrote the code, they're also more familiar with how best to integrate any
fixes into the entire code base for maintainability. Besides, they own the
code. We can't force any other project to accept a patch, even if we sincerely
believe it's a good bug fix. In some cases, we have to maintain our own fork of
an upstream project, which just adds to our ongoing maintenance burden.
In contrast to some of the large upstream projects whose software we use, the
Qubes OS Project is small, lean, and focused on one goal: creating and
maintaining a reasonably secure operating system for regular desktop users. The
Qubes core developers are specialists. They are among the best in the world at
virtualization security, low-level system security, and implementing
security-by-compartmentalization at the operating-system level. There are many
aspects of Qubes OS engineering work for which they are uniquely qualified.
Recognizing this, it only makes sense to focus their time where it will provide
the greatest benefit, on doing security-related work that only they can do. By
contrast, it would be a wasteful misallocation of skill and talent (to the
long-term detriment of Qubes users) to have them fixing bugs that are in code
they didn't write, that doesn't belong to them, that (in some cases) belongs to
a huge upstream project with ample time and resources, and that the upstream
project is equally capable of fixing (and, in many cases, is *better* suited to
fix, as that's *their* area of specialization).
Moreover, the question is based on a faulty assumption in the first place,
because we already *do* in fact fix some upstream bugs that affect Qubes OS.
For example, the Qubes core developers have made significant upstream Xen
contributions, particularly in the area of security, as that's where our
developers specialize. So, the original question should really be rephrased to
ask, "Why don't you fix *every* upstream bug that affects Qubes OS?" In light
of the foregoing explanation, we hope you agree that this would be an
unreasonable expectation.
"Very well," you might be thinking, "but there's still an upstream bug that
affects me! What can I do about it?" Recall what we discussed above about how
the open-source world works. If there's a bug in some piece of upstream
software, then there's an open-source project responsible for creating and
maintaining that software. They're the ones who wrote the code and who are best
equipped to fix the bug. You should file a bug report in *that* project's issue
tracker instead. Not only will you be helping all other affected Qubes users,
you'll also be helping *all* downstream users of that software!
(Note: If you're wondering about cases in which a bug has already been fixed
upstream but hasn't yet arrived in your Qubes OS release, please see
[backports](/doc/issue-tracking/#backports). These are *not* cases in which an
issue is closed as "not our bug.")
### Is the I/O emulation component (QEMU) part of the Trusted Computing Base (TCB)?
No. Unlike many other virtualization systems, Qubes takes special effort to keep QEMU _outside_ of the TCB.
This has been achieved thanks to the careful use of Xen's stub domain feature.
For more details about how we improved on Xen's native stub domain use, see [here](https://blog.invisiblethings.org/2012/03/03/windows-support-coming-to-qubes.html).
### Is Secure Boot supported?
UEFI Secure Boot is not supported out of the box as UEFI support in Xen is very basic.
Arguably secure boot reliance on UEFI integrity is not the best design.
The relevant binaries (shim.efi, xen.efi, kernel / initramfs) are not signed by the Qubes Team and secure boot has not been tested.
Intel TXT (used in [Anti Evil Maid](/doc/anti-evil-maid/)) at least tries to avoid or limit trust in BIOS.
See the Heads project [[1]](https://trmm.net/Heads) [[2]](https://osresearch.net/) for a better-designed non-UEFI-based secure boot scheme with very good support for Qubes.
### What is the canonical way to detect Qubes VM?
Check `/usr/share/qubes/marker-vm` file existence. Additionally, its last line contains Qubes release version (e.g., `4.0`).
The file was introduced after the initial Qubes 4.0 release.
If you need to support not-fully-updated systems, check for the existence of `/usr/bin/qrexec-client-vm`.
### Is there a way to automate tasks for continuous integration or DevOps?
Yes, Qubes natively supports automation via [Salt (SaltStack)](/doc/salt/).
There is also the unofficial [ansible-qubes toolkit](https://github.com/Rudd-O/ansible-qubes).
(**Warning:** Since this is an external project that has not been reviewed or endorsed by the Qubes team, [allowing it to manage dom0 may be a security risk](https://forum.qubes-os.org/t/19075#dom0-precautions).)

837
introduction/faq.rst Normal file
View file

@ -0,0 +1,837 @@
================================
Frequently asked questions (FAQ)
================================
General & Security
------------------
What is Qubes OS?
^^^^^^^^^^^^^^^^^
Qubes OS is a security-focused operating system that allows you to organize your digital life into compartments called “qubes.” If one qube is compromised, the others remain safe, so a single cyberattack can no longer take down your entire digital life in one fell swoop. You can think of using Qubes OS as having many different computers on your desk for different activities but with the convenience of a single physical machine, a single unified desktop environment, and a set of tools for using qubes together securely as parts of a unified system.
Is Qubes OS free and open-source software?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There are two distinct senses of the word “free” when it comes to free software. The difference in commonly expressed by the phrases “free as in beer” and “free as in speech.”
The first senses is straightforward. Qubes OS is “free as in beer,” meaning that it is provided at no cost (*gratis*), though `donations <https://www.qubes-os.org/donate/>`__ are greatly appreciated.
The second sense is more complicated. Qubes OS is *mostly* “free as in speech,” but not entirely. All the software created by the Qubes OS Project *itself* is `free (or “libre”) <https://www.gnu.org/philosophy/free-sw>`__ and `open-source <https://opensource.org/docs/definition.html>`__ software (`FOSS or FLOSS <https://www.gnu.org/philosophy/floss-and-foss.en.html>`__). This means that everyone is allowed to use, copy, study, and change the software in accordance with its :doc:`license </developer/code/license>`. It also means that the :doc:`source code </developer/code/source-code>` is `publicly available <https://github.com/QubesOS/>`__ so everyone can audit and contribute to it.
However, since Qubes OS is a security-focused operating system, it includes some non-free firmware that was not created by the Qubes OS Project (such as CPU microcode), which is necessary in order to protect against known security vulnerabilities. Moreover, the :doc:`architecture </developer/system/architecture>` of Qubes OS as a meta-operating system means that it incorporates other software (including entire operating systems) from various upstream projects, some of which may include non-free software of their own. In order to make the installation process easier for a wide range of users across many different devices, standard Qubes :doc:`templates </user/templates/templates>` also include some non-free firmware and drivers.
Also see: `Will Qubes seek to get certified under the GNU Free System Distribution Guidelines (GNU FSDG)? <#will-qubes-seek-to-get-certified-under-the-gnu-free-system-distribution-guidelines-gnu-fsdg>`__
Why is OS security important?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Most people use an operating system like Windows or macOS on their desktop and laptop computers. These OSes are popular because they tend to be easy to use and usually come pre-installed on the computers people buy. However, they present problems when it comes to security. For example, you might open an innocent-looking email attachment or website, not realizing that youre actually allowing malware (malicious software) to run on your computer. Depending on what kind of malware it is, it might do anything from showing you unwanted advertisements to logging your keystrokes to taking over your entire computer. This could jeopardize all the information stored on or accessed by this computer, such as health records, confidential communications, or thoughts written in a private journal. Malware can also interfere with the activities you perform with your computer. For example, if you use your computer to conduct financial transactions, the malware might allow its creator to make fraudulent transactions in your name.
Aren't antivirus programs and firewalls enough?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Unfortunately, conventional security approaches like antivirus programs and (software and/or hardware) firewalls are no longer enough to keep out sophisticated attackers. For example, nowadays its common for malware creators to check to see if their malware is recognized by any signature-based antivirus programs. If its recognized, they scramble their code until its no longer recognizable by the antivirus programs, then send it out. The best of these programs will subsequently get updated once the antivirus programmers discover the new threat, but this usually occurs at least a few days after the new attacks start to appear in the wild. By then, its too late for those who have already been compromised. More advanced antivirus software may perform better in this regard, but its still limited to a detection-based approach. New zero-day vulnerabilities are constantly being discovered in the common software we all use, such as our web browsers, and no antivirus program or firewall can prevent all of these vulnerabilities from being exploited.
How does Qubes OS provide security?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Qubes takes an approach called **security by compartmentalization**, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called *qubes*.
This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised wont affect the others. For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking. This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities wont be at risk. Similarly, if youre concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use :doc:`disposable qube </user/how-to-guides/how-to-use-disposables>`. In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.
Moreover, all of these isolated qubes are integrated into a single, usable system. Programs are isolated in their own separate qubes, but all windows are displayed in a single, unified desktop environment with unforgeable colored window borders so that you can easily identify windows from different security levels. Common attack vectors like network cards and USB controllers are isolated in their own hardware qubes while their functionality is preserved through secure :doc:`networking </developer/system/networking>`, :doc:`firewalls </user/security-in-qubes/firewall>`, and :doc:`USB device management </user/how-to-guides/how-to-use-usb-devices>`. Integrated :doc:`file </user/how-to-guides/how-to-copy-and-move-files>` and :doc:`clipboard </user/how-to-guides/how-to-copy-and-paste-text>` copy and paste operations make it easy to work across various qubes without compromising security. The innovative :doc:`Template </developer/system/template-implementation>` system separates software installation from software use, allowing qubes to share a root filesystem without sacrificing security (and saving disk space, to boot). Qubes even allows you to sanitize PDFs and images in a few clicks. Those concerned about physical hardware attacks will benefit from :doc:`Anti Evil Maid </user/security-in-qubes/anti-evil-maid>`.
How does Qubes OS provide privacy?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There can be no privacy without security, since security vulnerabilities allow privacy measures to be circumvented. This makes Qubes exceptionally well-suited for implementing effective privacy tools.
Users concerned about privacy will appreciate the `integration of Whonix into Qubes <https://www.whonix.org/wiki/Qubes>`__, which makes it easy to use `Tor <https://www.torproject.org/>`__ securely. For more information about how to use this powerful tool correctly and safely, please see `Qubes-Whonix Guides <https://www.whonix.org/wiki/Qubes#Guides>`__.
For the privacy policies covering our website, repositories, Qubes OS itself, and more, please see :doc:`Privacy Policy </introduction/privacy>`.
What about privacy in non-Whonix qubes?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The main way Qubes OS `provides privacy <#how-does-qubes-os-provide-privacy>`__ is via its `integration with Whonix <https://www.whonix.org/wiki/Qubes>`__. Qubes OS does not claim to provide special privacy (as opposed to security) properties in non-Whonix qubes. This includes :doc:`disposables </user/how-to-guides/how-to-use-disposables>`.
Privacy is far more difficult than is commonly understood. In addition to the `web browser <https://www.torproject.org/projects/torbrowser/design/>`__, there is also `VM fingerprinting <https://www.whonix.org/wiki/VM_Fingerprinting>`__ and `advanced deanonymization attacks <https://www.whonix.org/wiki/Advanced_Deanonymization_Attacks>`__ that most users have never considered (and this is just to mention a few examples). The `Whonix Project <https://www.whonix.org/>`__ specializes in `protecting against these risks <https://www.whonix.org/wiki/Protocol-Leak-Protection_and_Fingerprinting-Protection>`__.
In order to achieve the same results in non-Whonix qubes (including disposables), one would have to reinvent Whonix. Such duplication of effort makes no sense when Whonix already exists and is already integrated into Qubes OS.
Therefore, when you need privacy, you should use Whonix qubes. Remember, though, that privacy is difficult to achieve and maintain. Whonix is a powerful tool, but no tool is perfect. Read the `documentation <https://www.whonix.org/wiki/Documentation>`__ thoroughly and exercise care when using it.
How does Qubes OS compare to using a "live CD" OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Booting your computer from a live CD (or DVD) when you need to perform sensitive activities can certainly be more secure than simply using your main OS, but this method still preserves many of the risks of conventional OSes. For example, popular live OSes (such as `Tails <https://tails.boum.org/>`__ and other Linux distributions) are still **monolithic** in the sense that all software is still running in the same OS. This means, once again, that if your session is compromised, then all the data and activities performed within that same session are also potentially compromised.
How does Qubes OS compare to running VMs in a conventional OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Not all virtual machine software is equal when it comes to security. You may have used or heard of VMs in relation to software like VirtualBox or VMware Workstation. These are known as “Type 2” or “hosted” hypervisors. (The **hypervisor** is the software, firmware, or hardware that creates and runs virtual machines.) These programs are popular because theyre designed primarily to be easy to use and run under popular OSes like Windows (which is called the **host** OS, since it “hosts” the VMs). However, the fact that Type 2 hypervisors run under the host OS means that theyre really only as secure as the host OS itself. If the host OS is ever compromised, then any VMs it hosts are also effectively compromised.
By contrast, Qubes uses a “Type 1” or “bare-metal” hypervisor called `Xen <https://www.xenproject.org/>`__. Instead of running inside an OS, Type 1 hypervisors run directly on the “bare metal” of the hardware. This means that an attacker must be capable of subverting the hypervisor itself in order to compromise the entire system, which is vastly more difficult.
Qubes makes it so that multiple VMs running under a Type 1 hypervisor can be securely used as an integrated OS. For example, it puts all of your application windows on the same desktop with special colored borders indicating the trust levels of their respective VMs. It also allows for things like secure copy/paste operations between VMs, securely copying and transferring files between VMs, and secure networking between VMs and the Internet.
How does Qubes OS compare to using a separate physical machine?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Using a separate physical computer for sensitive activities can certainly be more secure than using one computer with a conventional OS for everything, but there are still risks to consider. Briefly, here are some of the main pros and cons of this approach relative to Qubes:
|checkmark| **Pros**
- Physical separation doesnt rely on a hypervisor. (Its very unlikely that an attacker will break out of Qubes hypervisor, but if one were to manage to do so, one could potentially gain control over the entire system.)
- Physical separation can be a natural complement to physical security. (For example, you might find it natural to lock your secure laptop in a safe when you take your unsecure laptop out with you.)
|redx| **Cons**
- Physical separation can be cumbersome and expensive, since we may have to obtain and set up a separate physical machine for each security level we need.
- Theres generally no secure way to transfer data between physically separate computers running conventional OSes. (Qubes has a secure inter-VM file transfer system to handle this.)
- Physically separate computers running conventional OSes are still independently vulnerable to most conventional attacks due to their monolithic nature.
- Malware which can bridge air gaps has existed for several years now and is becoming increasingly common.
(For more on this topic, please see the paper `Software compartmentalization vs. physical separation <https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf>`__.)
What is the main concept behind Qubes?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
To build security on the “Security by Compartmentalization (or Isolation)” principle.
What about other approaches to security?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The other two popular `approaches <https://blog.invisiblethings.org/2008/09/02/three-approaches-to-computer-security.html>`__ are “Security by Correctness” and “Security by Obscurity.” We dont believe either of these approaches are capable of providing reasonable security today, nor do we believe that they will be capable of doing so in the foreseeable future.
How is Qubes different from other security solutions?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Please see this `article <https://blog.invisiblethings.org/2012/09/12/how-is-qubes-os-different-from.html>`__ for a thorough discussion.
Is Qubes just another Linux distribution?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you really want to call it a distribution, then its more of a “Xen distribution” than a Linux one. But Qubes is much more than just Xen packaging. It has its own VM management infrastructure, with support for template VMs, centralized VM updating, etc. It also has a very unique GUI virtualization infrastructure.
What about safe languages and formally verified microkernels?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In short: these are non-realistic solutions today. We discuss this in further depth in our :download:`Architecture Specification document </attachment/doc/arch-spec-0.3.pdf>`.
Why does Qubes use virtualization?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We believe that this is currently the only practically viable approach to implementing strong isolation while simultaneously providing compatibility with existing applications and drivers.
Does Qubes use full disk encryption (FDE)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
By default, Qubes OS uses `LUKS <https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup>`__/`dm-crypt <https://en.wikipedia.org/wiki/Dm-crypt>`__ to encrypt everything except the ``/boot`` partition.
What do all these terms mean?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All Qubes-specific terms are defined in the :doc:`glossary </user/reference/glossary>`.
Does Qubes run every app in a separate VM?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
No! This would not make much sense. Qubes uses lightweight VMs to create security qubes (e.g., “work,” “personal,” and “banking,”). A typical user would likely need around five qubes. Very paranoid users, or those who are high-profile targets, might use a dozen or more qubes.
Why does Qubes use Xen instead of KVM or some other hypervisor?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In short: we believe the Xen architecture allows for the creation of more secure systems (i.e. with a much smaller TCB, which translates to a smaller attack surface). We discuss this in much greater depth in our :download:`Architecture Specification document </attachment/doc/arch-spec-0.3.pdf>`.
How is Qubes affected by Xen Security Advisories (XSAs)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See the `XSA Tracker <https://www.qubes-os.org/security/xsa/>`__.
What about this other/new (micro)kernel/hypervisor?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Whenever starting a discussion about another (micro)kernel or hypervisor in relation to Qubes, we strongly suggest including answers to the following questions first:
1. What kinds of containers does it use for isolation? Processes? PV VMs? Fully virtualized VMs (HVMs)? And what underlying h/w technology is used (ring0/3, VT-x)?
2. Does it require specially written/built applications (e.g. patched Firefox)?
3. Does it require custom drivers, or can it use Linux/Windows ones?
4. Does it support VT-d, and does it allow for the creation of untrusted driver domains?
5. Does it support S3 sleep?
6. Does it work on multiple CPUs/Chipsets?
7. What are the performance costs, more or less? (e.g. “XYZ prevents concurrent execution of two domains/processes on shared cores of a single processor”, etc.)
8. Other special features? E.g. eliminates cooperative covert channels between VMs?
Here are the answers for Xen 4.1 (which we use as of 2014-04-28):
1. PV and HVM Virtual Machines (ring0/3 for PV domains, VT-x/AMD-v for HVMs).
2. Runs unmodified usermode apps (binaries).
3. Runs unmodified Linux drivers (dom0 and driver domains). PV VMs require special written pvdrivers.
4. Full VT-d support including untrusted driver domains.
5. S3 sleep supported well.
6. Works on most modern CPUs/Chipsets.
7. Biggest performance hit on disk operations (especially in Qubes when complex 2-layer mapping used for Linux qubes). No GPU virtualization.
8. Mostly Works :superscript:`TM` :)
Which virtualization modes do VMs use?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Here is an overview of the VM virtualization modes:
.. list-table::
:widths: 42 42
:align: center
:header-rows: 1
* - VM type
- Mode
* - Default VMs without PCI devices (most VMs)
- PVH
* - Default VMs with PCI devices
- HVM
* - Stub domains - Default VMs w/o PCI devices
- N/A
* - Stub domains - Default VMs w/ PCI devices
- PV
* - Stub domains - HVMs
- PV
What's so special about Qubes' GUI virtualization?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We have designed the GUI virtualization subsystem with two primary goals: security and performance. Our GUI infrastructure introduces only about 2,500 lines of C code (LOC) into the privileged domain (Dom0), which is very little, and thus leaves little space for bugs and potential attacks. At the same time, due to the smart use of Xen shared memory, our GUI implementation is very efficient, so most virtualized applications really feel as if they were executed natively.
Why passwordless sudo?
^^^^^^^^^^^^^^^^^^^^^^
Please refer to :doc:`this page </user/security-in-qubes/vm-sudo>`.
Why is dom0 so old?
^^^^^^^^^^^^^^^^^^^
Please see:
- :doc:`Installing and updating software in dom0 </user/advanced-topics/how-to-install-software-in-dom0>`
- :ref:`Note on dom0 and EOL <user/downloading-installing-upgrading/supported-releases:note on dom0 and eol>`
Do you recommend coreboot as an alternative to vendor BIOS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Yes, where it is possible to use it an open source boot firmware ought to be more trustable than a closed source implementation. `coreboot <https://www.coreboot.org/>`__ is as a result a requirement for `Qubes Certified Hardware <https://www.qubes-os.org/news/2016/07/21/new-hw-certification-for-q4/>`__. The number of machines coreboot currently supports is limited and the use of some vendor supplied blobs is generally still required. Where coreboot does support your machine and is not already installed, you will generally need additional hardware to flash it. Please see the coreboot website / their IRC channel for further information.
How should I report documentation issues?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you can fix the problem yourself, please see `how to edit the documentation <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__. If not, please see :doc:`issue tracking </introduction/issue-tracking>`.
Will Qubes seek to get certified under the GNU Free System Distribution Guidelines (GNU FSDG)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We wish we could, but the unfortunate reality right now is that an operating system *cannot be secure* without a certain minimum number of proprietary closed-source “blobs” (e.g., CPU microcode updates). A 100% free operating system that excludes all such blobs is vulnerable to known exploits and is therefore unsuitable for any use case where security matters.
Instead, Qubes aims to be as free as possible *without sacrificing security*. All of the code created by the Qubes OS Project itself is 100% free. However, in order for users to actually run that code securely on their hardware, we must pair it with a small number of non-free blobs, which disqualifies Qubes, `along with the vast majority of open-source Linux distributions <https://www.gnu.org/distros/common-distros.html>`__, from GNU FSDG certification.
The `four essential freedoms <https://www.gnu.org/philosophy/free-sw.html>`__ are part of the core of our philosophy, but so is security. Together, they inform our decisions and motivate our actions. Qubes aims to maximize both security and software freedom to the extent that they are compatible in the world today.
Also see `Is Qubes OS free and open-source software? <#is-qubes-os-free-and-open-source-software>`__ and the Qubes OS :doc:`software license </developer/code/license>`.
Should I trust this website?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This website is hosted on `GitHub Pages <https://pages.github.com/>`__ (`why? <#why-do-you-use-github>`__). Therefore, it is largely outside of our control. We dont consider this a problem, however, since we explicitly `distrust the infrastructure <#what-does-it-mean-to-distrust-the-infrastructure>`__. For this reason, we dont think that anyone should place undue trust in the live version of this site on the Web. Instead, if you want to obtain your own trustworthy copy of this website in a secure way, you should clone our `website repo <https://github.com/QubesOS/qubesos.github.io>`__, :ref:`verify the PGP signatures on the commits and/or tags <project-security/verifying-signatures:how to verify signatures on git repository tags and commits>` signed by the `doc-signing keys <https://github.com/QubesOS/qubes-secpack/tree/master/keys/doc-signing>`__ (which indicates that the content has undergone `review <https://www.qubes-os.org/doc/how-to-edit-the-documentation/#security>`__), then either `render the site on your local machine <https://github.com/QubesOS/qubesos.github.io/blob/master/README.md#instructions>`__ or simply read the source, the vast majority of which was `intentionally written in Markdown so as to be readable as plain text for this very reason <https://www.qubes-os.org/doc/documentation-style-guide/#markdown-conventions>`__. Weve gone to special effort to set all of this up so that no one has to trust the infrastructure and so that the contents of this website are maximally available and accessible.
What does it mean to "distrust the infrastructure"?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
A core tenet of the Qubes philosophy is “distrust the infrastructure,” where “the infrastructure” refers to things like hosting providers, CDNs, DNS services, package repositories, email servers, PGP keyservers, etc. As a project, we focus on securing endpoints instead of attempting to secure “the middle” (i.e., the infrastructure), since one of our primary goals is to free users from being forced to entrust their security to unknown third parties. Instead, our aim is for users to be required to trust as few entities as possible (ideally, only themselves and any known persons whom they voluntarily decide to trust).
Users can never fully control all the infrastructure they rely upon, and they can never fully trust all the entities who do control it. Therefore, we believe the best solution is not to attempt to make the infrastructure trustworthy, but instead to concentrate on solutions that obviate the need to do so. We believe that many attempts to make the infrastructure appear trustworthy actually provide only the illusion of security and are ultimately a disservice to real users. Since we dont want to encourage or endorse this, we make our distrust of the infrastructure explicit.
Also see: `Should I trust this website? <#should-i-trust-this-website>`__
Why do you use GitHub?
^^^^^^^^^^^^^^^^^^^^^^
Three main reasons:
1. We `distrust the infrastructure <#what-does-it-mean-to-distrust-the-infrastructure>`__ including GitHub (though there are aspects were still `working on <https://github.com/QubesOS/qubes-issues/issues/3958>`__).
2. Its free (as in beer). Wed have to spend either time or money to implement a solution ourselves or pay someone to do so, and we cant spare either one right now.
3. It has low admin/overhead requirements, which is very important, given how little time we have to spare.
Also see: `Should I trust this website? <#should-i-trust-this-website>`__
Why doesn't this website have security feature X?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Although we caution users against `placing undue trust in this website <#should-i-trust-this-website>`__ because we `distrust the infrastructure <#what-does-it-mean-to-distrust-the-infrastructure>`__, we have no objection to enabling website security features when doing so is relatively costless and provides some marginal benefit to website visitors. So, if feature X isnt enabled, its most likely for one of three reasons:
1. Our GitHub Pages platform doesnt support it.
2. Our platform supports it, but weve decided not to enable it.
3. Our platform supports it, but were not aware that we can enable it or have forgotten to do so.
If it seems like a feature that we can and should enable, please :doc:`let us know </introduction/issue-tracking>`!
Why do the mailing lists require a Google account?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
They dont. This is a common misconception. The mailing lists have never required a Google account. It has always been possible to use them purely via email (see the :ref:`mailing lists <introduction/support:mailing lists>` section for instructions).
A lot of people probably see that the mailing lists use Google Groups and just assume that a Google account must be required, but its not true. Google Groups is simply used for the infrastructure. Of course, you *can* use the web interface with a Google account, but there are many people in the Qubes community who participate on the mailing lists without one.
Why do you use Google Groups for the mailing lists?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For the same general reasons as listed in :ref:`FAQ: Why do you use GitHub? <introduction/faq:why do you use github?>`
Users
-----
Can I watch YouTube videos in qubes?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Absolutely.
Can I run applications, like games, which require hardware acceleration?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Those wont fly. We do not provide GPU virtualization for Qubes. This is mostly a security decision, as implementing such a feature would most likely introduce a great deal of complexity into the GUI virtualization infrastructure. However, Qubes does allow for the use of accelerated graphics (e.g. OpenGL) in dom0s Window Manager, so all the fancy desktop effects should still work. App qubes use a software-only (CPU-based) implementation of OpenGL, which may be good enough for basic games and applications.
For further discussion about the potential for GPU passthrough on Xen/Qubes, please see the following threads:
- `GPU passing to HVM <https://groups.google.com/group/qubes-devel/browse_frm/thread/31f1f2da39978573?scoring=d&q=GPU&>`__
- `Clarifications on GPU security <https://groups.google.com/group/qubes-devel/browse_frm/thread/31e2d8a47c8b4474?scoring=d&q=GPU&>`__
Is Qubes a multi-user system?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
No. Qubes does not pretend to be a multi-user system. Qubes assumes that the user who controls Dom0 controls the whole system. It is very difficult to **securely** implement multi-user support. See `here <https://groups.google.com/group/qubes-devel/msg/899f6f3efc4d9a06>`__ for details.
However, in Qubes 4.x we will be implementing management functionality. See `Admin API <https://www.qubes-os.org/news/2017/06/27/qubes-admin-api/>`__ and `Core Stack <https://www.qubes-os.org/news/2017/10/03/core3/>`__ for more details.
What are the system requirements for Qubes OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See the :doc:`system requirements </user/hardware/system-requirements>`.
Is there a list of hardware that is compatible with Qubes OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See the `Hardware Compatibility List <https://www.qubes-os.org/hcl/>`__.
Is there any certified hardware for Qubes OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :doc:`Certified Hardware </user/hardware/certified-hardware/certified-hardware>`.
How much disk space does each qube require?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Each qube is created from a template and shares the root filesystem with this template (in a read-only manner). This means that each qube needs only as much disk space as is necessary to store its own private data. This also means that it is possible to update the software for several qubes simultaneously by running a single update process in the template upon which those qubes are based. (These qubes will then have to be restarted in order for the update to take effect in them.)
How much memory is recommended for Qubes?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Please see the :doc:`system requirements </user/hardware/system-requirements>`.
Can I install Qubes on a system without VT-x/AMD-V or VT-d/AMD-Vi/AMD IOMMU?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Please see the :doc:`system requirements </user/hardware/system-requirements>` for the latest information. If you are receiving an error message on install saying your “hardware lacks the features required to proceed”, check to make sure the virtualization options are enabled in your BIOS/UEFI configuration. You may be able to install without the required CPU features for testing purposes only, but VMs (in particular, sys-net) may not function correctly and there will be no security isolation. For more information, see :doc:`Qubes-certified hardware </user/hardware/certified-hardware/certified-hardware>`.
Why is VT-x/AMD-V important?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
By default, Qubes uses Xens PVH and HVM virtualization modes, which require VT-x/AMD-V. This means that, without VT-x/AMD-V, no VMs will start in a default Qubes installation. In addition, if your system lacks VT-x/AMD-V, then it also lacks VT-d/AMD-Vi/AMD IOMMU. (See next question.)
Why is VT-d/AMD-Vi/AMD IOMMU important?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
On a system without VT-d/AMD-Vi/AMD IOMMU, there will be no real security benefit to having a separate NetVM, as an attacker could always use a simple `DMA attack <#what-is-a-dma-attack>`__ to go from the NetVM to Dom0. Nonetheless, all of Qubes other security mechanisms, such as qube separation, work without VT-d/AMD-Vi/AMD IOMMU. Therefore, a system running Qubes without VT-d/AMD-Vi/AMD IOMMU would still be significantly more secure than one running Windows, Mac, or Linux.
What is a DMA attack?
^^^^^^^^^^^^^^^^^^^^^
Direct Memory Access (DMA) is mechanism for PCI devices to access system memory (read/write). Without VT-d/AMD-Vi/AMD IOMMU, any PCI device can access all the memory, regardless of the VM to which it is assigned (or if it is left in dom0). Most PCI devices allow the driver to request an arbitrary DMA operation (like “put received network packets at this address in memory”, or “get this memory area and send it to the network”). So, without VT-d/AMD-Vi/AMD IOMMU, it gives unlimited access to the whole system. Now, it is only a matter of knowing where to read/write to take over the system, instead of just crashing. But since you can read the whole memory, it isnt that hard.
Now, how does this apply to Qubes OS? The above attack requires access to a PCI device, which means that it can be performed only from the NetVM or USB VM, so someone must first break into one of those VMs. But this isnt that hard, because there is a lot of complex code handling network traffic. There is a history of bugs in DHCP clients, DNS clients, etc. Most attacks on the NetVM and USB VM (but not all of them!) require being somewhat close to the target system, for example, being connected to the same Wi-Fi network, or in the case of a USB VM, having physical access to a USB port.
Can I use AMD-v instead of VT-x?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Yes, and see `this message <https://groups.google.com/group/qubes-devel/msg/6412170cfbcb4cc5>`__.
Can I install Qubes in a virtual machine (e.g., on VMware)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Some users have been able to do this, but it is neither recommended nor supported. Qubes should be installed bare-metal. (After all, it uses its own bare-metal hypervisor!)
How many qubes should I have? What's a good way to organize them?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:doc:`How to organize your qubes </user/how-to-guides/how-to-organize-your-qubes>` walks through several examples of how different types of users can set up their Qubes OS system to support their unique use cases.
What is a terminal?
^^^^^^^^^^^^^^^^^^^
A `terminal emulator <https://en.wikipedia.org/wiki/Terminal_emulator>`__, nowadays often referred to as just a *terminal*, is a program which provides a text window. Inside that window, a `shell <https://en.wikipedia.org/wiki/Shell_(computing)>`__ is typically running in it. A shell provides a `command-line interface <https://en.wikipedia.org/wiki/Command-line_interface>`__ where the user can enter and run `commands <https://en.wikipedia.org/wiki/Command_(computing)>`__.
See introductions on Wikibooks: `here <https://en.wikibooks.org/wiki/Fedora_And_Red_Hat_System_Administration/Shell_Basics>`__, `here <https://en.wikibooks.org/wiki/A_Quick_Introduction_to_Unix>`__ and `here <https://en.wikibooks.org/wiki/Bash_Shell_Scripting>`__.
Why does my network adapter not work?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
You may have an adapter (wired, wireless), that is not compatible with open-source drivers shipped by Qubes. You may need to install a binary blob, which provides drivers, from the linux-firmware package.
Open a terminal and run ``sudo dnf install linux-firmware`` in the template upon which your NetVM is based. You have to restart the NetVM after the template has been shut down.
Can I install Qubes OS together with other operating system (dual-boot/multi-boot)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
You shouldnt do that, because it poses a security risk for your Qubes OS installation. But if you understand the risk and accept it, read `documentation on multibooting <https://forum.qubes-os.org/t/18988>`__. It begins with an explanation of the risks with such a setup.
Which version of Qubes am I running?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :ref:`here <developer/releases/version-scheme:check installed version>`.
My qubes lost internet access after a template update. What should I do?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :ref:`Update Troubleshooting <user/troubleshooting/update-troubleshooting:lost internet access after a template update>`.
My keyboard layout settings are not behaving correctly. What should I do?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :ref:`Hardware Troubleshooting <user/troubleshooting/hardware-troubleshooting:keyboard layout settings not behaving correctly>`.
My dom0 and/or template update stalls when attempting to update via the GUI tool. What should I do?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This can usually be fixed by updating via the command line.
In dom0, open a terminal and run ``sudo qubes-dom0-update``.
In your templates, open a terminal and run ``sudo dnf upgrade``.
How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Enable “debug mode” in the qubes settings, either by checking the box labeled “Run in debug mode” in the Qubes VM Manager qube settings menu or by running the ``qvm-prefs`` command.
I created a USB VM and assigned USB controllers to it. Now the USB VM won't boot.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is probably because one of the controllers does not support reset. See the :ref:`USB Troubleshooting guide <user/troubleshooting/usb-troubleshooting:usb vm does not boot after creating and assigning usb controllers to it>`.
I assigned a PCI device to a qube, then unassigned it/shut down the qube. Why isn't the device available in dom0?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is an intended feature. A device which was previously assigned to a less trusted qube could attack dom0 if it were automatically reassigned there. In order to re-enable the device in dom0, either:
- Reboot the physical machine.
or
- Go to the sysfs (``/sys/bus/pci``), find the right device, detach it from the pciback driver and attach back to the original driver. Replace ``<BDF>`` with your device, for example ``00:1c.2``:
.. code:: bash
echo 0000:<BDF> > /sys/bus/pci/drivers/pciback/unbind
MODALIAS=`cat /sys/bus/pci/devices/0000:<BDF>/modalias`
MOD=`modprobe -R $MODALIAS | head -n 1`
echo 0000:<BDF> > /sys/bus/pci/drivers/$MOD/bind
See also :doc:`here </user/how-to-guides/how-to-use-pci-devices>`.
How do I play video files?
^^^^^^^^^^^^^^^^^^^^^^^^^^
If youre having trouble playing a video file in a qube, youre probably missing the required codecs. The easiest way to resolve this is to install VLC Media Player and use that to play your video files. You can do this in multiple different template distros (Fedora, Debian, etc.).
For Debian:
1. (Recommended) Clone an existing Debian template
2. Install VLC in that template:
.. code:: bash
$ sudo apt install vlc
3. Use VLC to play your video files.
For Fedora:
1. (Recommended) Clone an existing Fedora template
2. :ref:`Enable the appropriate RPMFusion repos in the desired Fedora template <user/how-to-guides/how-to-install-software:rpmfusion for fedora templates>`.
3. Install VLC in that template:
.. code:: bash
$ sudo dnf install vlc
4. Use VLC to play your video files.
How do I access my external drive?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The recommended approach is to pass only the specific partition you intend to use from :doc:`sys-usb </user/how-to-guides/how-to-use-usb-devices>` to another qube via ``qvm-block``. They will show up in the destination qube as ``/dev/xvd*`` and must be mounted manually. Another approach is to attach the entire USB drive to your destination qube. However, this could theoretically lead to an attack because it forces the destination qube to parse the devices partition table. If you believe your device is safe, you may proceed to attach it.
In Qubes 4.0, this is accomplished with the Devices Widget located in the tool tray (default top right corner, look for an icon with a yellow square). From the top part of the list, click on the drive you want to attach, then select the qube to attach it to. Although you can also attach the entire USB device to a qube by selecting it from the bottom part of the list, in general this approach should not be used because you are exposing the target qube to unnecessary additional attack surface.
Although external media such as external hard drives or flash drives plugged in via USB are available in the USB qube, it is not recommended to access them directly from inside the USB qube. See :doc:`Block (Storage) Devices </user/how-to-guides/how-to-use-block-storage-devices>` for more information.
My encrypted drive doesn't appear in Debian qube.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is an issue that affects qubes based on Debian Jessie. The problem is fixed in Stretch, and does not affect Fedora-based qubes.
A mixed drive with some encrypted partitions appears correctly in Nautilus. The encrypted partitions are identified and the user is prompted for password on attempting to mount the partition.
A fully encrypted drive does not appear in Nautilus.
The workaround is to manually decrypt and mount the drive:
1. Attach USB device to qube - it should be attached as ``/dev/xvdi`` or similar.
2. ``sudo cryptsetup open /dev/xvdi bk --type luks``
3. ``sudo cryptsetup status /dev/mapper/bk`` (Shows useful status info.)
4. ``sudo mount /dev/mapper/bk /mnt``
The decrypted device is now available at ``/mnt`` - when you have finished using it unmount and close the drive.
1. ``sudo umount /mnt``
2. ``sudo cryptsetup close bk --type luks``
3. Remove USB from qube.
Windows Update is stuck.
^^^^^^^^^^^^^^^^^^^^^^^^
This has nothing to do with Qubes. `Its a longstanding Windows bug. <https://superuser.com/questions/951960/windows-7-sp1-windows-update-stuck-checking-for-updates>`__
Fullscreen Firefox is frozen.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Press ``F11`` twice.
I have weird graphics glitches like the screen turning partially black.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If it seems like the issue described in `this thread <https://github.com/QubesOS/qubes-issues/issues/2399>`__, try disabling the window compositor:
- Q → System Tools → Window Manager Tweaks → Compositor → uncheck “Enable display compositing”
Please report (via the mailing lists) if you experience this issue, and whether disabling the compositor fixes it for you or not.
My HVM in Qubes R4.0 won't let me start/install an OS
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I see a screen popup with SeaBios and 4 lines, last one being ``Probing EDD (edd=off to disable!... ok``.
From a ``dom0`` prompt, enter:
.. code:: bash
qvm-prefs <HVMname> kernel ""
When I try to install a template, it says no match is found.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :ref:`VM Troubleshooting <user/troubleshooting/vm-troubleshooting:"no match found" when trying to install a template>`.
I keep getting "Failed to synchronize cache for repo" errors when trying to update my Fedora templates
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :ref:`Update Troubleshooting <user/troubleshooting/update-troubleshooting:"failed to synchronize cache for repo" errors when updating fedora templates>`.
I see a "Failed to start Load Kernel Modules" message on boot
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The full message looks like:
.. code:: bash
[FAILED] Failed to start Load Kernel Modules.
See 'systemctl status systemd-modules-load.service' for details.
This is cosmetic only, and can safely be ignored.
Why is Qubes so slow and how can I make it faster?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
During boot, Qubes starts several virtual machines. Having so many qubes running at once inevitably strains the resources of your computer and causes slowness. The most effective way to speed up Qubes is to get more powerful hardware a fast CPU, a lot of memory and fast SSDs. Qubes is slower when reading from the disk because of the VM overhead, which is why we recommend installing it on a fast SSD.
Could you please make my preference the default?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It would be great if Qubes were configured just the way we like it by default with all of our favorite programs and settings. Then, we could just install Qubes without having to install any programs in it or adjust any settings. We might even think that if a particular program or setting works so well for *us*, it would work well for *everyone*, so wed actually be doing everyone a favor! The problem is that Qubes has :doc:`tens of thousands of different users </introduction/statistics>` with radically different needs and purposes. There is no particular configuration that will be ideal for everyone (despite how much we might feel that our preference would be better for everyone), so the best we can do is to put power in the hands of users to configure their Qubes installations the way they like (subject to security constraints, of course). For this reason, we generally do not grant requests for peoples favorite programs to be installed by default or for some setting that obviously varies by user preference to be changed so that it matches the requesters preference.
See also: `What is Qubes attitude toward changing guest distros? <#what-is-qubes-attitude-toward-changing-guest-distros>`__
Software installed in a qube is gone after restarting. Why?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Software must be :doc:`installed in the template </user/how-to-guides/how-to-install-software>` on which your qube is based.
Developers
----------
Are there restrictions on the software that the Qubes developers are willing to use?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Yes. In general, the Qubes developers will not use a piece of software unless there is an *easy* way to verify both its **integrity** and **authenticity**, preferably via PGP signatures (see :doc:`Verifying Signatures </project-security/verifying-signatures>`). Specifically:
- If PGP signatures are used, the signing key(s) should have well-publicized fingerprint(s) verifiable via multiple independent channels or be accessible to the developers through a web of trust.
- If the software is security-sensitive and requires communication with the outside world, a “split” implementation is highly preferred (for examples, see :doc:`Split GPG </user/security-in-qubes/split-gpg>` and `Split Bitcoin <https://forum.qubes-os.org/t/19017>`__).
- If the software has dependencies, these should be packaged and available in repos for a :ref:`current, Qubes-supported version <user/downloading-installing-upgrading/supported-releases:templates>` of Fedora (preferred) or Debian (unless all the insecure dependencies can run in an untrusted VM in a “split” implementation).
- If the software must be built from source, the source code and any builders must be signed. (Practically speaking, the more cumbersome and time-consuming it is to build from source, the less likely the developers are to use it.)
Why does dom0 need to be 64-bit?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Since 2013 `Xen has not supported 32-bit x86 architecture <https://wiki.xenproject.org/wiki/Xen_Project_Release_Features>`__ and Intel VT-d, which Qubes uses to isolate devices and drivers, is available on Intel 64-bit processors only.
In addition, with features like improved ASLR, it is often more difficult to exploit a bug on x64 Linux than x86 Linux. While we designed Qubes from the beginning to limit potential attack vectors, we still realize that some of the code running in Dom0, e.g. our GUI daemon or xen-store daemon, however simple, might contain some bugs. Plus since we havent implemented a separate storage domain, the disk backends are in Dom0 and are “reachable” from the VMs, which adds up to the potential attack surface. So, having faced a choice between 32-bit and 64-bit OS for Dom0, it was almost a no-brainer. The 64-bit option provides some (little perhaps, but some) more protection against some classes of attacks, and at the same time does not have any disadvantages except the extra requirement of a 64 bit processor. And even though Qubes now “needs” a 64 bit processor, it didnt make sense to run Qubes on a system without 3-4GB of memory, and those have 64-bit CPUs anyway.
What is the recommended build environment for Qubes OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Any rpm-based, 64-bit environment, the preferred OS being Fedora.
How do I build Qubes from sources?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
See :doc:`these instructions </developer/building/qubes-builder-v2>`.
How do I submit a patch?
^^^^^^^^^^^^^^^^^^^^^^^^
See the :doc:`Qubes Source Code Repositories </developer/code/source-code>` article.
What is Qubes' attitude toward changing guest distros?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In general, we try to respect each distros culture, but we reserve the right to make modifications that we deem appropriate. See the discussion on issue `#1014 <https://github.com/QubesOS/qubes-issues/issues/1014>`__ for an example.
The policy is there mostly to ease maintenance, on several levels:
- Less modifications means easier migration to new upstream distribution releases.
- The upstream documentation matches the distribution running in the Qubes VM.
- Were less likely to introduce Qubes-specific issues.
- Each officially supported distribution (ideally) should offer the same set of Qubes-specific features - a change in one supported distribution should be followed also in others, including new future distributions.
Why don't you fix upstream bugs that affect Qubes OS?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
First, a bit of background in case youre new to the open-source software world: There are a huge number of different open-source projects that each focus on the software they create and maintain. Some focus on specific frameworks, libraries, and background subsystems that most users never see. Others focus on specific tools and apps that use these frameworks, libraries, and background subsystems. Still others focus on combining many different tools and apps. And some, like Qubes OS, are entire operating systems that include all kinds of other software. When one piece of software uses a different piece of software, the piece of software being used is said to be “upstream,” while the piece of software using it said to be “downstream.” For example, Qubes OS uses the Xen hypervisor, so Xen is upstream relative to Qubes, and Qubes is downstream relative to Xen (and likewise for the respective project that creates and maintains each piece of software).
Many open-source operating systems, including Qubes OS, are transparent about the fact that they are “compilations” of upstream software. By contrast, proprietary, commercial operating systems like Windows and macOS tend to either obscure this fact or avoid using upstream software in favor of doing everything in-house, because they have the huge workforce and commercial revenue that allows them to do so. If youre accustomed to using a proprietary, commercial operating system, then you may need some time to get used to the fact that Qubes OS is a compilation of many different pieces of open-source software.
Now, lets get to the original question: Why dont we fix upstream bugs that affect Qubes OS? This question can come up in different ways. For example, many people, especially those who arent familiar with how open-source software development works, wonder why we sometimes close :doc:`issues </introduction/issue-tracking>` as “not our bug.” Dont we care about the Qubes users who are affected by these bugs? Are we really so cold and heartless?
On the contrary, it is precisely because we care so much about Qubes users that we do this. Its important to understand that Qubes OS combines different pieces of software from a very large number of upstream projects (especially since it includes entire separate OSes inside of itself) and that many of these projects have much larger workforces and much more funding than we do. They are better equipped to fix bugs in their own software. Not only are they the ones who wrote the code, theyre also more familiar with how best to integrate any fixes into the entire code base for maintainability. Besides, they own the code. We cant force any other project to accept a patch, even if we sincerely believe its a good bug fix. In some cases, we have to maintain our own fork of an upstream project, which just adds to our ongoing maintenance burden.
In contrast to some of the large upstream projects whose software we use, the Qubes OS Project is small, lean, and focused on one goal: creating and maintaining a reasonably secure operating system for regular desktop users. The Qubes core developers are specialists. They are among the best in the world at virtualization security, low-level system security, and implementing security-by-compartmentalization at the operating-system level. There are many aspects of Qubes OS engineering work for which they are uniquely qualified. Recognizing this, it only makes sense to focus their time where it will provide the greatest benefit, on doing security-related work that only they can do. By contrast, it would be a wasteful misallocation of skill and talent (to the long-term detriment of Qubes users) to have them fixing bugs that are in code they didnt write, that doesnt belong to them, that (in some cases) belongs to a huge upstream project with ample time and resources, and that the upstream project is equally capable of fixing (and, in many cases, is *better* suited to fix, as thats *their* area of specialization).
Moreover, the question is based on a faulty assumption in the first place, because we already *do* in fact fix some upstream bugs that affect Qubes OS. For example, the Qubes core developers have made significant upstream Xen contributions, particularly in the area of security, as thats where our developers specialize. So, the original question should really be rephrased to ask, “Why dont you fix *every* upstream bug that affects Qubes OS?” In light of the foregoing explanation, we hope you agree that this would be an unreasonable expectation.
“Very well,” you might be thinking, “but theres still an upstream bug that affects me! What can I do about it?” Recall what we discussed above about how the open-source world works. If theres a bug in some piece of upstream software, then theres an open-source project responsible for creating and maintaining that software. Theyre the ones who wrote the code and who are best equipped to fix the bug. You should file a bug report in *that* projects issue tracker instead. Not only will you be helping all other affected Qubes users, youll also be helping *all* downstream users of that software!
(**Note:** If youre wondering about cases in which a bug has already been fixed upstream but hasnt yet arrived in your Qubes OS release, please see :ref:`backports <introduction/issue-tracking:backports>`. These are *not* cases in which an issue is closed as “not our bug.”)
Is the I/O emulation component (QEMU) part of the Trusted Computing Base (TCB)?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
No. Unlike many other virtualization systems, Qubes takes special effort to keep QEMU *outside* of the TCB. This has been achieved thanks to the careful use of Xens stub domain feature. For more details about how we improved on Xens native stub domain use, see `here <https://blog.invisiblethings.org/2012/03/03/windows-support-coming-to-qubes.html>`__.
Is Secure Boot supported?
^^^^^^^^^^^^^^^^^^^^^^^^^
UEFI Secure Boot is not supported out of the box as UEFI support in Xen is very basic. Arguably secure boot reliance on UEFI integrity is not the best design. The relevant binaries (shim.efi, xen.efi, kernel / initramfs) are not signed by the Qubes Team and secure boot has not been tested. Intel TXT (used in :doc:`Anti Evil Maid </user/security-in-qubes/anti-evil-maid>`) at least tries to avoid or limit trust in BIOS. See the Heads project `[1] <https://trmm.net/Heads>`__ `[2] <https://osresearch.net/>`__ for a better-designed non-UEFI-based secure boot scheme with very good support for Qubes.
What is the canonical way to detect Qubes VM?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Check ``/usr/share/qubes/marker-vm`` file existence. Additionally, its last line contains Qubes release version (e.g., ``4.0``). The file was introduced after the initial Qubes 4.0 release. If you need to support not-fully-updated systems, check for the existence of ``/usr/bin/qrexec-client-vm``.
Is there a way to automate tasks for continuous integration or DevOps?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Yes, Qubes natively supports automation via :doc:`Salt (SaltStack) </user/advanced-topics/salt>`. There is also the unofficial `ansible-qubes toolkit <https://github.com/Rudd-O/ansible-qubes>`__. (**Warning:** Since this is an external project that has not been reviewed or endorsed by the Qubes team, `allowing it to manage dom0 may be a security risk <https://forum.qubes-os.org/t/19075#dom0-precautions>`__.)
.. |checkmark| image:: /attachment/doc/checkmark.png
.. |redx| image:: /attachment/doc/red_x.png

250
introduction/getting-started.md
View file

@ -1,250 +0,0 @@
---
lang: en
layout: doc
permalink: /doc/getting-started/
redirect_from:
- /doc/how-to-get-started/
- /getting-started/
- /en/doc/getting-started/
- /doc/GettingStarted/
- /wiki/GettingStarted/
ref: 190
title: Getting started
---
After [downloading](/downloads/) and [installing](/doc/installation-guide/)
Qubes OS, it's time to dive in and get to work! (Already know your way around?
Dive right in to [organizing your qubes](/doc/how-to-organize-your-qubes/).)
## The Basics
Qubes OS is an operating system built out of securely-isolated compartments, or [qubes](/doc/glossary/#qube).
You can have a work qube, a personal qube, a banking qube, a web browsing qube, a standalone Windows qube and so on.
You can have as many qubes as you want! Most of the time, you'll be using an [app
qube](/doc/glossary/#app-qube), a qube for running software
programs like web browsers, email clients, and word processors. Each app qube
is based on another type of qube called a [template](/doc/glossary/#template).
The same template can be a base for various qubes. Importantly, a qube
cannot modify its template in any way. This means that, if a qube is ever
compromised, its template and any other qubes based on that template will
remain safe. This is what makes Qubes OS so secure. Even if an attack is
successful, the damage is limited to a single qube.
Suppose you want to use your favorite web browser in several different qubes.
You'd install the web browser in a template, then every qube based on that
template would be able to run the web browser software (while still being
forbidden from modifying the template and any other qubes). This way, you only
have to install the web browser a single time, and updating the template updates all the qubes based on it.
This elegant design saves time and space while enhancing security.
There are also some "helper" qubes in your system. Each qube that connects to
the Internet does so through a network-providing [service
qube](/doc/glossary/#service-qube). If you need to access USB devices, another
service qube will do that. There's also a [management
qube](/doc/glossary/#management-qube) that automatically handles a lot of
background housekeeping. For the most part, you won't have to worry about it,
but it's nice to know that it's there. As with app qubes, service qubes and
management qubes are also based on templates. Templates are usually named after
their operating system (often a [Linux
distribution](https://en.wikipedia.org/wiki/Linux_distribution)) and
corresponding version number. There are many ready-to-use
[templates](/doc/templates) to choose from, and you can download and have as
many as you like.
Last but not least, there's a very special [admin
qube](/doc/glossary/#admin-qube) used to administer your entire system.
There's only one admin qube, and it's called [dom0](/doc/glossary/#dom0).
You can think of it as the master qube, holding ultimate power over everything that happens in Qubes OS.
Dom0 is the most trusted one of all qubes. If dom0 were ever to be compromised, it would be "game over"- an effective compromise of the entire system.
That's why everything in Qubes OS is specifically designed to protect dom0 and ensure that doesn't
happen. Due to its overarching importance, dom0 has no network connectivity and
is used only for running the [desktop
environment](https://en.wikipedia.org/wiki/Desktop_environment) and [window
manager](https://en.wikipedia.org/wiki/Window_manager). Dom0 should never be
used for anything else. In particular, you should never run user applications
in dom0. (That's what your app qubes are for!) In short, be very careful when interacting with dom0.
### Color & Security
You'll choose a **color** for each of your qubes out of a predefined set of
colors. The color of the frame of each window on your desktop will correspond to the color of that qube.
These colored frames help you keep track of which qube you're currently using.
You may use them to show how trustworthy it is. This is especially helpful
when you have the same program running in multiple qubes at the same time. For
example, if you're logged in to your bank account in one qube while doing some
random web surfing in a different qube, you wouldn't want to accidentally enter
your banking password in the latter! The colored frames help to avoid such
mistakes.
[![snapshot_41.png](/attachment/doc/r4.1-snapshot_40.png)](/attachment/doc/r4.1-snapshot_40.png)
Most Qubes users associate red with what's untrusted and dangerous (like a red
stop light signalling danger), green with what's safe and trusted, and yellow and
orange with things in-between. This color scheme also includes
blue and black, commonly interpreted as indicating progressively more
trusted domains than green, with black being ultimately trusted. However, color and
associated meanings are entirely up to you. The system itself does
not treat the colors differently - they're all equally safe on their own. If you create two identical qubes --- black
and red, say --- they'll be the same until you start using them differently.
Feel free to use the colors in the way that best meets your needs. For example,
you might decide to use three or four qubes for work activities and give them
all the same color --- or all different colors depending on the nature of the task they are used for.
### User Interface
On operating systems like Windows and macOS, the desktop environment is
unchangeable and part of that operating system. With Linux, any of a number of
desktop environments are an option. Qubes OS is installed with XFCE as its
default desktop environment, but it also supports [KDE](/doc/kde/), as well as
the window managers [i3](/doc/i3/) and [AwesomeWM](/doc/awesomewm/).
[![r4.0-taskbar.png](/attachment/doc/r4.0-taskbar.png)](/attachment/doc/r4.0-taskbar.png)
The bar at the top of your screen in Qubes 4.2 includes the following XFCE
component areas:
- The **App Menu**, where you go to open an application within a qube, to open
a dom0 terminal, to access administrative UI tools such as the Qube Manager,
or to access settings panels for your desktop environment.
- The **Task Bar** where buttons for open and hidden windows live.
- **Spaces**, an interface for [virtual
desktops](https://en.wikipedia.org/wiki/Virtual_desktop). Virtual desktops do
not have any inherent security isolation properties, but some users find them
useful for organizing things.
- The **Tray**, where many functional widgets live.
There are several tray widgets that are unique to Qubes OS:
- The **Whonix SDWDate** allows you to control the Tor connection in your
[`sys-whonix`](https://www.whonix.org/wiki/Qubes) qube.
- The **Qubes Clipboard** lets you easily [copy text](https://wwwpreview.qubes-os.org/doc/how-to-copy-and-paste-text/) between various qubes and from dom0.
- The **Qubes Devices** widget allows you to attach and detach devices --- such
as USB drives and cameras --- to qubes.
- The **Qubes Disk Space** widget shows you how much storage you're using.
It'll notify you if you're ever running out of space.
- The **Qubes Domains** widget allows you to manage running qubes, turn them on
and off, and monitor RAM and CPU usage.
- The **Qubes Updater** widget informs you when updates are available and helps
you install them.
[![r4.1-widgets.png](/attachment/doc/r4.1-widgets.png)](/attachment/doc/r4.1-widgets.png)
To learn more about how to customize your desktop environment, we recommend you
go through [XFCE's documentation](https://docs.xfce.org/).
#### Qube Manager
To see all of your qubes at the same time, you can use the **Qube Manager**.
It displays the states of all the qubes in your system, even the ones that arent running.
To access Qube Manager go to:
Qubes Icon (App Menu) → Settings Icon → Qubes Tools → **Qube Manager**
[![r4.1-qubes-manager.png](/attachment/doc/r4.1-qubes-manager.png)](/attachment/doc/r4.1-qubes-manager.png)
#### Command-line interface
All aspects of Qubes OS can be controlled using command-line tools such as the terminal emulator.
The default terminal emulator in Qubes is Xfce Terminal.
Opening a terminal emulator in dom0 can be done in several ways:
- Go to the App Menu, click on the Settings icon, choose Other from the drop-down menu, and select **Xfce Terminal Emulator** at the bottom.
- Press `Alt` + `F3` and search for `xfce terminal`.
- Right-click on the desktop and select **Open Terminal Here**.
Various command-line tools are described as part of this guide, and the whole reference can be found [here](/doc/tools/).
Terminal emulators can also be run in other qubes as normal programs.
## First boot
When you install Qubes OS, a number of qubes are pre-configured for you:
- **App qubes** such as `work`, `personal`, `untrusted`, and `vault` are your "starter pack" qubes to compartmentalize tasks
and types of data to suit most basic needs. (There is nothing special about these pre-configured qubes - they are identical in nature to more specific ones you might wish to create later.)
- **Templates:** `fedora-XX`, `debian-XX` (`XX` being the version number)
- **Service qubes:** `sys-usb`, `sys-net`, `sys-firewall`, and `sys-whonix`)
- **Admin qube:** `dom0`
Other software installed in Qubes OS by default includes open-source applications such as file managers,
command-line terminals, printer managers, text editors, and applets for configuring audio and user interface settings.
Most of these applications are incorporated within each template.
### Adding, removing, and listing qubes
To create a new qube or remove one, use **Create Qubes VM** option in the App Menu.
Creating a New Qube:
Qubes Icon → Settings → Qubes Tools → Qube Manager → Create Qubes VM → **New Qube**
Removing a qube:
To remove a qube, use the **Delete qube button** as the final step instead.
You can also add, remove, and list qubes from the
command line using the following tools:
- `qvm-create`
- `qvm-remove`
- `qvm-ls`
### How many qubes do I need?
It's a good idea to start out with the pre-installed app qubes: `work`, `personal`, `untrusted`, and `vault`.
If you start to feel that some activity just doesn't fit into any of your existing qubes, or
you want to partition some part of your life, you can easily create a new qube
for it. You'll also be able to easily [copy any
files](/doc/how-to-copy-and-move-files) you need to the newly-created qube.
Want to see some examples? Check out our in-depth guide on [how to organize your
qubes](/doc/how-to-organize-your-qubes/), which walks through several common use
cases based on our user research and years of experience from veteran Qubes
users.
## Secure Habits
It is *very important* to [keep Qubes updated](/doc/how-to-update/) to ensure
you have the latest security updates. Frequently updating is one of the best
ways to remain secure against new threats.
It's also *very important* to make regular backups so that you don't lose your
data unexpectedly. The [Qubes backup
system](/doc/how-to-back-up-restore-and-migrate/) allows you to do this
securely and easily.
## How-To Guides
Here are some basic tasks you're likely to want to perform often that are
unique to Qubes as a multi-environment system. A full list is available in the
[How-To Guides](/doc/#how-to-guides) section in the docs.
- [How to organize your qubes](/doc/how-to-organize-your-qubes/)
- [How to Update](/doc/how-to-update/)
- [How to Back Up, Restore, and Migrate](/doc/how-to-back-up-restore-and-migrate/)
- [How to Copy and Paste Text](/doc/how-to-copy-and-paste-text/)
- [How to Copy and Move Files](/doc/how-to-copy-and-move-files/)
- [How to Copy from Dom0](/doc/how-to-copy-from-dom0/)
- [How to Install Software](/doc/how-to-install-software/)
- [How to Use Devices (block storage, USB, and PCI devices)](/doc/how-to-use-devices/)
If you encounter any problems, please visit the [Help, Support, Mailing Lists,
and Forum](/support/) page.
## Compatible Hardware
Make sure your hardware satisfies the [system
requirements](/doc/system-requirements/), as Qubes OS cannot run on every type
of computer. You may also want to check out [Qubes-certified
Hardware](/doc/certified-hardware/) and take a look at the [Hardware
Compatibility List (HCL)](/hcl/).
## Downloads
[Download an ISO](/downloads/), learn how to [verify its
authenticity](/doc/verifying-signatures/), and follow our [guide to install
Qubes OS](/doc/installation-guide/). Looking for the [source
code](/doc/source-code/)? You'll find it [on
GitHub](https://github.com/QubesOS).
## Documentation
Browse our extensive library of [documentation](/doc/) for users and developers
of Qubes OS. You can even [help us improve it](/doc/how-to-edit-the-documentation/)!

204
introduction/getting-started.rst Normal file
View file

@ -0,0 +1,204 @@
===============
Getting started
===============
After `downloading <https://www.qubes-os.org/downloads/>`__ and :doc:`installing </user/downloading-installing-upgrading/installation-guide>` Qubes OS, its time to dive in and get to work! (Already know your way around? Dive right in to :doc:`organizing your qubes </user/how-to-guides/how-to-organize-your-qubes>`.)
The Basics
----------
Qubes OS is an operating system built out of securely-isolated compartments, or :ref:`qubes <user/reference/glossary:qube>`. You can have a work qube, a personal qube, a banking qube, a web browsing qube, a standalone Windows qube and so on. You can have as many qubes as you want! Most of the time, youll be using an :ref:`app qube <user/reference/glossary:app qube>`, a qube for running software programs like web browsers, email clients, and word processors. Each app qube is based on another type of qube called a :ref:`template <user/reference/glossary:template>`. The same template can be a base for various qubes. Importantly, a qube cannot modify its template in any way. This means that, if a qube is ever compromised, its template and any other qubes based on that template will remain safe. This is what makes Qubes OS so secure. Even if an attack is successful, the damage is limited to a single qube.
Suppose you want to use your favorite web browser in several different qubes. Youd install the web browser in a template, then every qube based on that template would be able to run the web browser software (while still being forbidden from modifying the template and any other qubes). This way, you only have to install the web browser a single time, and updating the template updates all the qubes based on it. This elegant design saves time and space while enhancing security.
There are also some “helper” qubes in your system. Each qube that connects to the Internet does so through a network-providing :ref:`service qube <user/reference/glossary:service qube>`. If you need to access USB devices, another service qube will do that. Theres also a :ref:`management qube <user/reference/glossary:management qube>` that automatically handles a lot of background housekeeping. For the most part, you wont have to worry about it, but its nice to know that its there. As with app qubes, service qubes and management qubes are also based on templates. Templates are usually named after their operating system (often a `Linux distribution <https://en.wikipedia.org/wiki/Linux_distribution>`__) and corresponding version number. There are many ready-to-use :doc:`templates </user/templates/templates>` to choose from, and you can download and have as many as you like.
Last but not least, theres a very special :ref:`admin qube <user/reference/glossary:admin qube>` used to administer your entire system. Theres only one admin qube, and its called :ref:`dom0 <user/reference/glossary:dom0>`. You can think of it as the master qube, holding ultimate power over everything that happens in Qubes OS. Dom0 is the most trusted one of all qubes. If dom0 were ever to be compromised, it would be “game over”- an effective compromise of the entire system. Thats why everything in Qubes OS is specifically designed to protect dom0 and ensure that doesnt happen. Due to its overarching importance, dom0 has no network connectivity and is used only for running the `desktop environment <https://en.wikipedia.org/wiki/Desktop_environment>`__ and `window manager <https://en.wikipedia.org/wiki/Window_manager>`__. Dom0 should never be used for anything else. In particular, you should never run user applications in dom0. (Thats what your app qubes are for!) In short, be very careful when interacting with dom0.
Color & Security
^^^^^^^^^^^^^^^^
Youll choose a **color** for each of your qubes out of a predefined set of colors. The color of the frame of each window on your desktop will correspond to the color of that qube. These colored frames help you keep track of which qube youre currently using. You may use them to show how trustworthy it is. This is especially helpful when you have the same program running in multiple qubes at the same time. For example, if youre logged in to your bank account in one qube while doing some random web surfing in a different qube, you wouldnt want to accidentally enter your banking password in the latter! The colored frames help to avoid such mistakes.
|snapshot_41.png|
Most Qubes users associate red with whats untrusted and dangerous (like a red stop light signalling danger), green with whats safe and trusted, and yellow and orange with things in-between. This color scheme also includes blue and black, commonly interpreted as indicating progressively more trusted domains than green, with black being ultimately trusted. However, color and associated meanings are entirely up to you. The system itself does not treat the colors differently - theyre all equally safe on their own. If you create two identical qubes — black and red, say — theyll be the same until you start using them differently. Feel free to use the colors in the way that best meets your needs. For example, you might decide to use three or four qubes for work activities and give them all the same color — or all different colors depending on the nature of the task they are used for.
User Interface
^^^^^^^^^^^^^^
On operating systems like Windows and macOS, the desktop environment is unchangeable and part of that operating system. With Linux, any of a number of desktop environments are an option. Qubes OS is installed with XFCE as its default desktop environment, but it also supports :doc:`KDE </user/advanced-topics/kde>`, as well as the window managers :doc:`i3 </user/advanced-topics/i3>` and :doc:`AwesomeWM </user/advanced-topics/awesomewm>`.
|r4.0-taskbar.png|
The bar at the top of your screen in Qubes 4.2 includes the following XFCE component areas:
- The **App Menu**, where you go to open an application within a qube, to open a dom0 terminal, to access administrative UI tools such as the Qube Manager, or to access settings panels for your desktop environment.
- The **Task Bar** where buttons for open and hidden windows live.
- **Spaces**, an interface for `virtual desktops <https://en.wikipedia.org/wiki/Virtual_desktop>`__. Virtual desktops do not have any inherent security isolation properties, but some users find them useful for organizing things.
- The **Tray**, where many functional widgets live.
There are several tray widgets that are unique to Qubes OS:
- The **Whonix SDWDate** allows you to control the Tor connection in your `sys-whonix <https://www.whonix.org/wiki/Qubes>`__ qube.
- The **Qubes Clipboard** lets you easily `copy text <https://wwwpreview.qubes-os.org/doc/how-to-copy-and-paste-text/>`__ between various qubes and from dom0.
- The **Qubes Devices** widget allows you to attach and detach devices — such as USB drives and cameras — to qubes.
- The **Qubes Disk Space** widget shows you how much storage youre using. Itll notify you if youre ever running out of space.
- The **Qubes Domains** widget allows you to manage running qubes, turn them on and off, and monitor RAM and CPU usage.
- The **Qubes Updater** widget informs you when updates are available and helps you install them.
|r4.1-widgets.png|
To learn more about how to customize your desktop environment, we recommend you go through `XFCEs documentation <https://docs.xfce.org/>`__.
Qube Manager
^^^^^^^^^^^^
To see all of your qubes at the same time, you can use the **Qube Manager**. It displays the states of all the qubes in your system, even the ones that arent running.
To access Qube Manager go to: Qubes Icon (App Menu) → Settings Icon → Qubes Tools → **Qube Manager**
|r4.1-qubes-manager.png|
Command-line interface
^^^^^^^^^^^^^^^^^^^^^^
All aspects of Qubes OS can be controlled using command-line tools such as the terminal emulator. The default terminal emulator in Qubes is Xfce Terminal. Opening a terminal emulator in dom0 can be done in several ways:
- Go to the App Menu, click on the Settings icon, choose Other from the drop-down menu, and select **Xfce Terminal Emulator** at the bottom.
- Press ``Alt`` + ``F3`` and search for ``xfce terminal``.
- Right-click on the desktop and select **Open Terminal Here**.
Various command-line tools are described as part of this guide, and the whole reference can be found :doc:`here </user/reference/tools>`. Terminal emulators can also be run in other qubes as normal programs.
First boot
----------
When you install Qubes OS, a number of qubes are pre-configured for you:
- **App qubes** such as ``work``, ``personal``, ``untrusted``, and ``vault`` are your “starter pack” qubes to compartmentalize tasks and types of data to suit most basic needs. (There is nothing special about these pre-configured qubes - they are identical in nature to more specific ones you might wish to create later.)
- **Templates:** ``fedora-XX``, ``debian-XX`` (``XX`` being the version number)
- **Service qubes:** ``sys-usb``, ``sys-net``, ``sys-firewall``, and ``sys-whonix``)
- **Admin qube:** ``dom0``
Other software installed in Qubes OS by default includes open-source applications such as file managers, command-line terminals, printer managers, text editors, and applets for configuring audio and user interface settings. Most of these applications are incorporated within each template.
Adding, removing, and listing qubes
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
To create a new qube or remove one, use **Create Qubes VM** option in the App Menu.
Creating a New Qube: Qubes Icon → Settings → Qubes Tools → Qube Manager → Create Qubes VM → **New Qube**
Removing a qube: To remove a qube, use the **Delete qube button** as the final step instead.
You can also add, remove, and list qubes from the command line using the following tools:
- ``qvm-create``
- ``qvm-remove``
- ``qvm-ls``
How many qubes do I need?
^^^^^^^^^^^^^^^^^^^^^^^^^
Its a good idea to start out with the pre-installed app qubes: ``work``, ``personal``, ``untrusted``, and ``vault``. If you start to feel that some activity just doesnt fit into any of your existing qubes, or you want to partition some part of your life, you can easily create a new qube for it. Youll also be able to easily :doc:`copy any files </user/how-to-guides/how-to-copy-and-move-files>` you need to the newly-created qube.
Want to see some examples? Check out our in-depth guide on :doc:`how to organize your qubes </user/how-to-guides/how-to-organize-your-qubes>`, which walks through several common use cases based on our user research and years of experience from veteran Qubes users.
Secure Habits
-------------
It is *very important* to :doc:`keep Qubes updated </user/how-to-guides/how-to-update>` to ensure you have the latest security updates. Frequently updating is one of the best ways to remain secure against new threats.
Its also *very important* to make regular backups so that you dont lose your data unexpectedly. The :doc:`Qubes backup system </user/how-to-guides/how-to-back-up-restore-and-migrate>` allows you to do this securely and easily.
How-To Guides
-------------
Here are some basic tasks youre likely to want to perform often that are unique to Qubes as a multi-environment system. A full list is available in the :ref:`How-To Guides <how-to-guides>` section in the docs.
- :doc:`How to organize your qubes </user/how-to-guides/how-to-organize-your-qubes>`
- :doc:`How to Update </user/how-to-guides/how-to-update>`
- :doc:`How to Back Up, Restore, and Migrate </user/how-to-guides/how-to-back-up-restore-and-migrate>`
- :doc:`How to Copy and Paste Text </user/how-to-guides/how-to-copy-and-paste-text>`
- :doc:`How to Copy and Move Files </user/how-to-guides/how-to-copy-and-move-files>`
- :doc:`How to Copy from Dom0 </user/how-to-guides/how-to-copy-from-dom0>`
- :doc:`How to Install Software </user/how-to-guides/how-to-install-software>`
- :doc:`How to Use Devices (block storage, USB, and PCI devices) </user/how-to-guides/how-to-use-devices>`
If you encounter any problems, please visit the :doc:`Help, Support, Mailing Lists, and Forum </introduction/support>` page.
Compatible Hardware
-------------------
Make sure your hardware satisfies the :doc:`system requirements </user/hardware/system-requirements>`, as Qubes OS cannot run on every type of computer. You may also want to check out :doc:`Qubes-certified Hardware </user/hardware/certified-hardware/certified-hardware>` and take a look at the `Hardware Compatibility List (HCL) <https://www.qubes-os.org/hcl/>`__.
Downloads
---------
`Download an ISO <https://www.qubes-os.org/downloads/>`__, learn how to :doc:`verify its authenticity </project-security/verifying-signatures>`, and follow our :doc:`guide to install Qubes OS </user/downloading-installing-upgrading/installation-guide>`. Looking for the :doc:`source code </developer/code/source-code>`? Youll find it `on GitHub <https://github.com/QubesOS>`__.
Documentation
-------------
Browse our extensive library of :doc:`documentation </index>` for users and developers of Qubes OS. You can even `help us improve it <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__!
.. |snapshot_41.png| image:: /attachment/doc/r4.1-snapshot_40.png
.. |r4.0-taskbar.png| image:: /attachment/doc/r4.0-taskbar.png
.. |r4.1-widgets.png| image:: /attachment/doc/r4.1-widgets.png
.. |r4.1-qubes-manager.png| image:: /attachment/doc/r4.1-qubes-manager.png

344
introduction/intro.md
View file

@ -1,344 +0,0 @@
---
lang: en
layout: site
permalink: /intro/
redirect_from:
- /tour/
- /en/tour/
- /about/
- /en/about/
ref: 126
title: Introduction
---
<h2>What is Qubes OS?</h2>
<a id = "what-is-qubes-os"></a>
<div class="row">
<div class="col-lg-12 col-md-12">
<p>
Qubes OS is a free and open-source, security-oriented operating system for
single-user desktop computing. Qubes OS leverages
<a href="https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview">
Xen-based virtualization</a> to allow for the creation and management of
isolated compartments called <a href="/doc/glossary#qube">qubes</a>.
</p>
</div>
</div>
<div class="row">
<div class="col-lg-3 col-md-3 text-left">
<p>
These qubes, which are implemented as <a href="/doc/glossary#vm">virtual
machines (VMs)</a>, have specific:
<ul>
<li class="more-bottom">
<b>Purposes:</b> with a predefined set of one or many isolated
applications, for personal or professional projects, to manage the
<a href="/doc/networking/">network stack</a>,
<a href="/doc/firewall/">the firewall</a>, or to fulfill other
user-defined purposes.
</li>
<li class="more-bottom">
<b>Natures:</b> <a href="/doc/standalone-and-hvm/">full-fledged</a> or
<a href="/doc/getting-started/">
stripped-down</a> virtual machines based on popular operating systems,
such as <a href="/doc/templates/fedora/">Fedora</a>,
<a href="/doc/templates/debian/">Debian</a>, and
<a href="/doc/windows/">Windows</a>.
</li>
<li class="more-bottom">
<b>Levels of trust:</b> from complete to non-existent. All windows are
displayed in a unified desktop environment with
<a href="/doc/getting-started/">unforgeable colored window borders</a> so
that different security levels are easily identifiable.
</li>
</ul>
</p>
</div>
<div class="col-lg-9 col-md-9">
<a href="/attachment/site/qubes-trust-level-architecture.png">
<img src="/attachment/site/qubes-trust-level-architecture.png"
class="center-block more-bottom" alt="Qubes system diagram">
</a>
</div>
</div>
<div class="alert alert-info more-bottom" role="alert">
<i class="fa fa-info-circle"></i>
<b>Note:</b> See our <a href="/doc/glossary/">glossary</a> and
<a href="/faq/">FAQ</a> for more information.
</div>
<h2 class="more-bottom">Features</h2>
<div class="row">
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Strong isolation</h3>
<p>
Isolate different pieces of software as if they were installed on separate
physical machines using advanced virtualization techniques.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Template system</h3>
<p>
Use <a href="/doc/glossary/#app-qube">app qubes</a> to
share a root file system without sacrificing security using the innovative
<a href="/doc/templates/">Template system</a>.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Multiple operating systems</h3>
<p>
Use multiple operating systems at the same time, including
<a href="/doc/templates/fedora/">Fedora</a>,
<a href="/doc/templates/debian/">Debian</a>, and
<a href="/doc/windows/">Windows.</a>
</p>
</div>
</div>
<hr>
<div class="row">
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Disposables</h3>
<p>
Create <a href="/doc/how-to-use-disposables/">disposables</a> on the fly that
self-destruct when shut down.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Whonix integration</h3>
<p>
Run <a href="https://www.torproject.org/">Tor</a> securely system-wide
using <a href="https://www.whonix.org/wiki/Qubes">Whonix with Qubes</a>.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Device isolation</h3>
<p>
Secure <a href="/doc/device-handling/">device handling</a> through
isolation of network cards and USB controllers.
</p>
</div>
</div>
<hr>
<div class="row">
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Split GPG</h3>
<p>
Utilize <a href="/doc/split-gpg/">Split GPG</a> to keep your private keys
safe.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>CTAP proxy</h3>
<p>
Operate <a href="/doc/ctap-proxy/">Qubes CTAP proxy</a> to use your
two-factor authentication devices without exposing your web browser to the
full USB stack.
</p>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Open-source</h3>
<p>
Users are free to use, copy, and modify Qubes OS and
<a href="/doc/contributing/">are encouraged to do so!</a>
</p>
</div>
</div>
<div class="alert alert-info more-bottom" role="alert">
<i class="fa fa-info-circle"></i>
<b>Note:</b> Given the technical nature of Qubes OS, prior experience with
Linux can be helpful.
</div>
<h2 class="more-bottom">Why Qubes OS?</h2>
<a id = "why-qubes-os"></a>
<h3>Physical isolation is a given safeguard that the digital world lacks</h3>
<div class="row">
<div class="col-lg-6 col-md-6 text-left">
<p>
Throughout our lives, we engage in various activities, such as going to
school, working, voting, taking care of our families, and visiting with
friends. These activities are spatially and temporally bound: They happen
in isolation from one another, in their own compartments, which often
represent an essential safeguard, as in the case of voting.
</p>
<p>
In our digital lives, the situation is quite different: All of our
activities typically happen on a single device. This causes us to worry
about whether it's safe to click on a link or install an app, since being
hacked imperils our entire digital existence.
</p>
<p>
Qubes eliminates this concern by allowing us to divide a device into many
compartments, much as we divide a physical building into many rooms.
Better yet, it allows us to create new compartments whenever we need them,
and it gives us sophisticated tools for securely managing our activities
and data across these compartments.
</p>
</div>
<div class="col-lg-6 col-md-6">
<a href="/attachment/doc/r4.0-qubes-manager.png">
<img src="/attachment/doc/r4.0-qubes-manager.png"
class="center-block more-bottom" alt="Qube Manager">
</a>
</div>
</div>
<h3>Qubes allows you to compartmentalize your digital life</h3>
<div class="row">
<div class="col-lg-6 col-md-6">
<a href="/attachment/site/qubes-partition-data-flows.jpg">
<img src="/attachment/site/qubes-partition-data-flows.jpg"
class="center-block more-bottom" alt="Compartmentalization example">
</a>
</div>
<div class="col-lg-6 col-md-6 text-left center-block">
<p>
Many of us are initially surprised to learn that our devices do not
support the kind of secure compartmentalization that our lives demand, and
we're disappointed that software vendors rely on generic defenses that
repeatedly succumb to new attacks.
</p>
<p>
In building Qubes, our working assumption is that all software contains
bugs. Not only that, but in their stampeding rush to meet deadlines, the
world's stressed-out software developers are pumping out new code at a
staggering rate &mdash; far faster than the comparatively smaller
population of security experts could ever hope to analyze it for
vulnerabilities, much less fix everything. Rather than pretend that we can
prevent these inevitable vulnerabilities from being exploited, we've
designed Qubes under the assumption that they <em>will</em> be exploited.
It's only a matter of time until the next zero-day attack.
</p>
<p>
In light of this sobering reality, Qubes takes an eminently practical
approach: confine, control, and contain the damage. It allows you to keep
valuable data separate from risky activities, preventing
cross-contamination. This means you can do everything on the same
physical computer without having to worry about a single successful
cyberattack taking down your entire digital life in one fell swoop. In
fact, Qubes has
<a href="https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf">
distinct advantages over physical air gaps</a>.
</p>
</div>
</div>
<h3>Made to support vulnerable users and power users alike</h3>
<div class="row">
<div class="col-lg-6 col-md-6 text-left">
<p>
Qubes provides practical, usable security to vulnerable and
actively-targeted individuals, such as journalists, activists,
whistleblowers, and researchers. Qubes is designed with the understanding
that people make mistakes, and it allows you to protect yourself from your
own mistakes. It's a place where you can click on links, open attachments,
plug in devices, and install software free from worry. It's a place where
<em>you</em> have control over your software, not the other way around.
(See some <a href="/doc/how-to-organize-your-qubes/">examples of how
different types of users organize their qubes</a>.)
</p>
<p>
Qubes is also powerful. Organizations like the <a
href="https://securedrop.org/news/piloting-securedrop-workstation-qubes-os/">Freedom
of the Press Foundation</a>, <a
href="https://twitter.com/mullvadnet/status/631010362083643392">Mullvad</a>,
and <a
href="https://twitter.com/letsencrypt/status/1239934557710737410">Let's
Encrypt</a> rely on Qubes as they build and maintain critical privacy and
security internet technologies that are in turn relied upon by countless
users around the world every day. Renowned security <a
href="/endorsements/">experts</a> like Edward Snowden, Daniel J. Bernstein,
Micah Lee, Christopher Soghoian, Isis Agora Lovecruft, Peter Todd, Bill
Budington, and Kenn White use and recommend Qubes.
</p>
<p>
Qubes is one of the few operating systems that places the security of
its users above all else. It is, and always will be, free and open-source
software, because the fundamental operating system that constitutes the
core infrastructure of our digital lives <em>must</em> be free and
open-source in order to be trustworthy.
</p>
</div>
<div class="col-lg-6 col-md-6">
<a href="/attachment/doc/r4.0-snapshot12.png">
<img src="/attachment/doc/r4.0-snapshot12.png"
class="center-block more-bottom" alt="Qubes desktop screenshot">
</a>
</div>
</div>
<hr class="add-top more-bottom">
<div class="row more-bottom">
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Video Tours</h3>
<p>
Want to see Qubes OS in action? Sit back and watch a guided tour!
</p>
<a href="/video-tours/" class="btn btn-primary more-bottom">
<i class="fa fa-play-circle"></i> Video Tours
</a>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Screenshots</h3>
<p>
See what using Qubes actually looks like with these screenshots of various
applications running in Qubes.
</p>
<a href="/screenshots/" class="btn btn-primary more-bottom">
<i class="fa fa-picture-o"></i> Screenshots
</a>
</div>
<div class="col-lg-4 col-md-4 col-xs-12">
<h3>Getting Started</h3>
<p>
Ready to get started with Qubes? Here's what you need to know after
installing.
</p>
<a href="/doc/getting-started/" class="btn btn-primary more-bottom">
<i class="fa fa-cubes"></i> Getting Started
</a>
</div>
</div>
<h2>More information</h2>
<p>
This page is just a brief introduction to what Qubes is all about, and many
technical details have been omitted here for the sake of presentation.
<ul>
<li>
If you're a current or potential Qubes user, you may want to check out the
<a href="/doc/">documentation</a> and the
<a href="/faq/#users">user FAQ</a>.
</li>
<li>
If you're a developer, there's dedicated
<a href="/doc/#developer-documentation">developer documentation</a> and a
<a href="/faq/#developers">developer FAQ</a> just for you.
</li>
<li>
Ready to give Qubes a try? Head on over to the
<a href="/downloads/">downloads</a> page, and read the
<a href="/doc/installation-guide">installation guide</a>.
</li>
<li>
Need help, or just want to join the conversation? Learn more about
<a href="/support/">help, support, the mailing lists, and the forum</a>.
</li>
</ul>
</p>

195
introduction/intro.rst Normal file
View file

@ -0,0 +1,195 @@
============
Introduction
============
What is Qubes OS?
----------------
Qubes OS is a free and open-source, security-oriented operating system for
single-user desktop computing. Qubes OS `leverages Xen-based virtualization <https://wiki.xen.org/wiki/Xen_Project_Software_Overview>`__ to allow for the creation and management of isolated compartments called :ref:`qubes <user/reference/glossary:qube>`.
These qubes, which are implemented as :ref:`virtual machines (VMs)<user/reference/glossary:vm>`, have specific:
- **Purposes:** with a predefined set of one or many isolated
applications, for personal or professional projects, to manage the
:doc:`network stack </developer/system/networking>`, :doc:`the firewall </user/security-in-qubes/firewall>`, or to fulfill other
user-defined purposes.
- **Natures:** :doc:`full-fledged </user/advanced-topics/standalones-and-hvms>` or
:doc:`stripped-down </introduction/getting-started/>` virtual machines based on popular operating systems,
such as :doc:`Fedora </user/templates/fedora/fedora>`, :doc:`Debian </user/templates/debian/debian>`, and
`Windows <https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows.md>`__.
- **Levels of trust:** from complete to non-existent. All windows are displayed in a unified desktop environment with
:doc:`unforgeable colored window borders </introduction/getting-started>` so that different security levels are easily identifiable.
.. figure:: /attachment/site/qubes-trust-level-architecture.png
:alt: Qubes system diagram
.. note::
**Note:** See our :doc:`glossary </user/reference/glossary>` and :doc:`FAQ </introduction/faq>` for more information.
Features
--------
- **Strong isolation** Isolate different pieces of software as if they were installed on separate
physical machines using advanced virtualization techniques.
- **Template system** Use :ref:`app qubes <user/reference/glossary:app qube>` to
share a root file system without sacrificing security using the innovative
:doc:`Template system </user/templates/templates>`.
- **Multiple operating systems** Use multiple operating systems at the same time, including
:doc:`Fedora </user/templates/fedora/fedora>`, :doc:`Debian </user/templates/debian/debian/>`, and
`Windows <https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows.md>`__
- **Disposables** Create :doc:`disposables </user/how-to-guides/how-to-use-disposables>` on the fly that self-destruct when shut down.
- **Whonix integration** Run `Tor <https://www.torproject.org/>`__ securely system-wide using `Whonix with Qubes <https://www.whonix.org/wiki/Qubes>`__.
- **Device isolation** Secure :doc:`device handling </user/how-to-guides/how-to-use-devices>` through isolation of network cards and USB controllers.
- **Split GPG** Utilize :doc:`Split GPG </user/security-in-qubes/split-gpg>` to keep your private keys safe.
- **CTAP proxy** Operate :doc:`Qubes CTAP proxy </user/security-in-qubes/ctap-proxy>` to use your two-factor authentication devices without exposing your web browser to the full USB stack.
- **Open-source** Users are free to use, copy, and modify Qubes OS and :doc:`are encouraged to do so! </introduction/contributing>`
.. note::
**Note:** Given the technical nature of Qubes OS, prior experience with Linux can be helpful.
Why Qubes OS?
------------
Physical isolation is a given safeguard that the digital world lacks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Throughout our lives, we engage in various activities, such as going to
school, working, voting, taking care of our families, and visiting with
friends. These activities are spatially and temporally bound: They happen
in isolation from one another, in their own compartments, which often
represent an essential safeguard, as in the case of voting.
In our digital lives, the situation is quite different: All of our
activities typically happen on a single device. This causes us to worry
about whether it's safe to click on a link or install an app, since being
hacked imperils our entire digital existence.
Qubes eliminates this concern by allowing us to divide a device into many
compartments, much as we divide a physical building into many rooms.
Better yet, it allows us to create new compartments whenever we need them,
and it gives us sophisticated tools for securely managing our activities
and data across these compartments.
.. figure:: /attachment/doc/r4.0-qubes-manager.png
:alt: Qubes manager
Qubes allows you to compartmentalize your digital life
------------------------------------------------------
.. figure:: /attachment/site/qubes-partition-data-flows.jpg
:alt: Compartmentalization example
Many of us are initially surprised to learn that our devices do not
support the kind of secure compartmentalization that our lives demand, and
we're disappointed that software vendors rely on generic defenses that
repeatedly succumb to new attacks.
In building Qubes, our working assumption is that all software contains
bugs. Not only that, but in their stampeding rush to meet deadlines, the
world's stressed-out software developers are pumping out new code at a
staggering rate - far faster than the comparatively smaller
population of security experts could ever hope to analyze it for
vulnerabilities, much less fix everything. Rather than pretend that we can
prevent these inevitable vulnerabilities from being exploited, we've
designed Qubes under the assumption that they **will** be exploited.
It's only a matter of time until the next zero-day attack.
In light of this sobering reality, Qubes takes an eminently practical
approach: confine, control, and contain the damage. It allows you to keep
valuable data separate from risky activities, preventing
cross-contamination. This means you can do everything on the same
physical computer without having to worry about a single successful
cyberattack taking down your entire digital life in one fell swoop. In
fact, Qubes has `distinct advantages over physical air gaps <https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf>`__.
Made to support vulnerable users and power users alike
-----------------------------------------------------
Qubes provides practical, usable security to vulnerable and
actively-targeted individuals, such as journalists, activists,
whistleblowers, and researchers. Qubes is designed with the understanding
that people make mistakes, and it allows you to protect yourself from your
own mistakes. It's a place where you can click on links, open attachments,
plug in devices, and install software free from worry. It's a place where
**you** have control over your software, not the other way around.
(See some :doc:`examples of how different types of users organize their qubes </user/how-to-guides/how-to-organize-your-qubes>`.)
Qubes is also powerful. Organizations like the `Freedom of the Press Foundation <https://securedrop.org/news/piloting-securedrop-workstation-qubes-os>`__,
`Mullvad <https://twitter.com/mullvadnet/status/631010362083643392>`__,
and `Let's Encrypt <https://twitter.com/letsencrypt/status/1239934557710737410>`__
rely on Qubes as they build and maintain critical privacy and
security internet technologies that are in turn relied upon by countless
users around the world every day. Renowned security `experts <https://qubes-os.org/endorsements/>`__ like Edward Snowden, Daniel J. Bernstein,
Micah Lee, Christopher Soghoian, Isis Agora Lovecruft, Peter Todd, Bill
Budington, and Kenn White use and recommend Qubes.
Qubes is one of the few operating systems that places the security of
its users above all else. It is, and always will be, free and open-source
software, because the fundamental operating system that constitutes the
core infrastructure of our digital lives **must** be free and
open-source in order to be trustworthy.
.. figure:: /attachment/doc/r4.0-snapshot12.png
:alt: Qubes desktop screenshot
Video Tours
~~~~~~~~~~~
Want to see Qubes OS in action? Sit back and watch a guided :doc:`tour! </introduction/video-tours/>`
Screenshots
~~~~~~~~~~~
See what using Qubes actually looks like with these :doc:`screenshots </introduction/screenshots/>` of various
applications running in Qubes.
Getting Started
~~~~~~~~~~~~~~~
Ready to get started with Qubes? :doc:`Here's </introduction/getting-started>` what you need to know after installing.
More information
----------------
This page is just a brief introduction to what Qubes is all about, and
many technical details have been omitted here for the sake of
presentation.
- If youre a current or potential Qubes user, you may want to check out the :doc:`documentation </index>` and the :ref:`user FAQ <introduction/faq:users>`.
- If youre a developer, theres dedicated :ref:`developer documentation <index:developer documentation>` and a :ref:`developer FAQ <introduction/faq:developers>` just for you.
- Ready to give Qubes a try? Head on over to the `downloads page <https://www.qubes-os.org/downloads/>`__, and read the :doc:`installation guide </user/downloading-installing-upgrading/installation-guide>`.
- Need help, or just want to join the conversation? Learn more about :doc:`help, support, the mailing lists, and the forum </introduction/support>`.

223
introduction/issue-tracking.md
View file

@ -1,223 +0,0 @@
---
lang: en
layout: doc
permalink: /doc/issue-tracking/
redirect_from:
- /doc/reporting-bugs/
- /en/doc/reporting-bugs/
- /doc/BugReportingGuide/
- /wiki/BugReportingGuide/
- /reporting-bugs/
- /bug/
- /bugs/
- /bug-report/
- /bug-reports/
ref: 121
title: Issue tracking
---
We use [GitHub Issues](https://docs.github.com/en/issues) as our [issue tracking system](https://en.wikipedia.org/wiki/Issue_tracking_system). All issues pertaining to the Qubes OS Project (including auxiliary infrastructure such as this website) are tracked in [qubes-issues](https://github.com/QubesOS/qubes-issues/issues).
## How to open a new issue
First, let's make sure the issue tracker is the right place.
### I need help, have a question, or want to discuss something.
We're happy to help, answer questions, and have discussions, but the issue tracker is not the right place for these activities. Instead, please see [Help, Support, Mailing Lists, and Forum](/support/).
### I see something that should be changed in the documentation.
We encourage you to submit the change yourself! Please see the [how to edit the documentation](/doc/how-to-edit-the-documentation/) for instructions on how to do so. If it's something you can't do yourself, please proceed to open an issue.
### I would like to report a security vulnerability.
Thank you! If the vulnerability is confidential, please do not report it in our public issue tracker. Instead, please see [Reporting Security Issues in Qubes OS](/security/#reporting-security-issues-in-qubes-os).
### I still want to open an issue.
Great! Thank you for taking the time and effort to help improve Qubes! To ensure the process is efficient and productive for everyone involved, please follow these steps:
1. Carefully read our issue tracking [guidelines](#guidelines). If your issue would violate any of the guidelines, **stop**. Please do not submit it.
2. [Search through the existing issues](#search-tips), both open and closed, to see if your issue already exists. If it does, **stop**. [Do not open a duplicate.](/doc/issue-tracking/#new-issues-should-not-be-duplicates-of-existing-issues) Instead, comment on the existing issue.
3. Go [here](https://github.com/QubesOS/qubes-issues/issues/new/choose).
4. Select the [type](#types) of issue you want to open.
5. Enter a descriptive title.
6. Do not delete the provided issue template. Fill out every applicable section.
7. Make sure to mention any relevant documentation and other issues you've already seen. We don't know what you've seen unless you tell us. If you don't list it, we'll assume you haven't seen it.
8. If any sections of the issue template are *truly* not applicable, you may remove them.
9. Submit your issue.
10. Respond to any questions the official team asks. For example, you may be asked to provide specific logs or other additional information.
Eventually, your issue may be closed. See [how issues get closed](/doc/issue-tracking/#how-issues-get-closed) for details about when, why, and how this occurs.
## How issues are organized
Issues can have several different properties and be organized in various ways. This section explains how we use labels, issue types, projects, and other features of GitHub's issue tracking system in order to keep [qubes-issues](https://github.com/QubesOS/qubes-issues/issues) organized.
### Labels
When an issue is first created, it will receive the `P: default` (i.e., default priority) [label](https://github.com/QubesOS/qubes-issues/labels) automatically. After an issue has been created, only Qubes team members have permission to modify labels. Many labels have descriptions on them that can be viewed by hovering over them or on the [list of labels](https://github.com/QubesOS/qubes-issues/labels). Let's go over some of the most important ones.
#### Priority
There are several issue **priority** levels ranging from `P: minor` to `P: blocker` (see [here](https://github.com/QubesOS/qubes-issues/labels?q=P%3A) for the full list). Every open issue should have exactly one priority. An open issue should not have more than one priority, and it should not lack a priority entirely. See [here](/doc/version-scheme/#bug-priorities) for details about how the developers use these priorities.
#### Component
There are many **component** labels, each beginning with `C:` (see [here](https://github.com/QubesOS/qubes-issues/labels?q=C%3A) for the full list). Every open issue should have at least one component. An open issue may have more than one component, but it should not lack a component entirely. When no other component applies, use `C: other`.
#### Affected release
A label of the form `affects-<RELEASE_NUMBER>` indicates that an issue affects the corresponding Qubes OS release. An issue can have more than one of these labels if it affects multiple releases.
### Types
There are three issue [types](https://docs.github.com/en/issues/tracking-your-work-with-issues/configuring-issues/managing-issue-types-in-an-organization): Bug, Feature, and Task.
- **Bug** --- An unexpected problem or behavior
- **Feature** --- A request, idea, or new functionality
- **Task** --- A specific piece of work
Every open issue should have exactly one type. **Bug** reports are for problems in things that already exist. If something doesn't exist yet, but you think it ought to exist, then that issue should instead be a **Feature** request. If something already exists, but you think it could be improved in some way, that also qualifies as a **Feature** request. The **Task** type is for issues that are actionable but that fall under neither the **Bug** nor **Feature** types.
### Projects
According to GitHub, a [project](https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects) is "an adaptable spreadsheet, task-board, and road map that integrates with your issues and pull requests on GitHub to help you plan and track your work effectively." The issue tracker has several [projects](https://github.com/QubesOS/qubes-issues/projects). Github projects allows more detailed issue states, and also attaching more metadata to issues. They also allow more focused view.
There is a special project in Qubes OS project: the [Current team tasks project](https://github.com/orgs/QubesOS/projects/19/views/1) which represents current work of the core team. Issues in this project's **backlog** section are not yet ready for work - they might be waiting for clarifications, blockers, decisions on priorities etc. Issues that are **ready** can be picked up by any team member. There should not be too many issues in **ready** column to decrease confusion and decision paralysis - good number is around 20. The **in review** state means that the developer is finished with the work (the completion state has been reached) - if something has to be postponed or abandoned, a justification should be posted in issue discussion.
### Meta-issues
A meta-issue is an issue that serves primarily to collect and organize a group of other issues. This group of other issues typically exists in a hierarchy of [sub-issues](https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/adding-sub-issues), usually with the meta-issue at the top. (For example, we use meta-issues when we need a way to track work on specific features. We cannot use [projects](#projects) for this, because we already use a project for tracking the work of the Qubes team as a whole, and projects cannot contain milestones or other projects.)
Meta-issues should have informative descriptions, not just lists of issues. In particular, each meta-issue should explain its goal, what is in scope, and what the relevant categories and priorities are.
In addition, meta-issues should have clear, concrete, and actionable criteria for when they will be closed. Meta-issues should never be "open-ended" or expected to stay open indefinitely. If this ever becomes unclear, the meta-issue should be closed until it becomes clear.
## Search tips
- [Search both open and closed issues.](https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue) For example, you may be experiencing a bug that was just fixed, in which case the report for that bug is probably closed. In this case, it would be useful to view [all bug reports, both open and closed, with the most recently updated sorted to the top](https://github.com/QubesOS/qubes-issues/issues?q=label%3A%22T%3A+bug%22+sort%3Aupdated-desc).
- [Search with labels.](https://github.com/QubesOS/qubes-issues/labels) For example, you can search issues by priority ([blocker](https://github.com/QubesOS/qubes-issues/labels/P%3A%20blocker), [critical](https://github.com/QubesOS/qubes-issues/labels/P%3A%20critical), [major](https://github.com/QubesOS/qubes-issues/labels/P%3A%20major), etc.) and by component ([core](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22C%3A+core%22), [manager/widget](https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+label%3A%22C%3A+manager%2Fwidget%22+), [Xen](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22C%3A+Xen%22), etc.).
- Search by closure reason: [`reason:completed`](https://github.com/QubesOS/qubes-issues/issues?q=reason%3Acompleted) and [`reason:"not planned"`](https://github.com/QubesOS/qubes-issues/issues?q=reason%3A%22not+planned%22).
- [Search by project](https://github.com/QubesOS/qubes-issues/projects).
## Guidelines
### The issue tracker is not a discussion forum
The issue tracker is a tool to help the developers be more productive and efficient in their work. It is not a place for discussion. If you wish to discuss something in the issue tracker, please do so on the forum or mailing lists (see [Help, Support, Mailing Lists, and Forum](/support/)). You can simply link to the relevant issue in your discussion post.
This guideline is important for keeping issues focused on *actionable information*, which helps the developers to stay focused on their work. When developers come back to an issue to work on it, we do not want them to have to sift through a large number of unnecessary comments before they can get started. In many cases, an issue that gets "too big" essentially becomes more trouble than it's worth, and no developer will touch it (also see [every issue must be about a single, actionable thing](#every-issue-must-be-about-a-single-actionable-thing)). In these cases, we sometimes have to close the issue and open a new one. This is a waste of energy for everyone involved, so we ask that everyone help to avoid repeating this pattern.
### Do not submit questions
[qubes-issues](https://github.com/QubesOS/qubes-issues/issues) is not the place to ask questions. This includes, but is not limited to, troubleshooting questions and questions about how to do things with Qubes. Instead, see [Help, Support, Mailing Lists, and Forum](/support/) for appropriate places to ask questions. By contrast, [qubes-issues](https://github.com/QubesOS/qubes-issues/issues) is meant for tracking more general bugs, enhancements, and tasks that affect a broad range of Qubes users.
### Use the issue template
When you open a new issue, an issue template is provided for you. Please use it. Do not delete it. The issue template is carefully designed to elicit important information. Without this information, the issue is likely to be incomplete. (If certain sections are not applicable, you may remove them, but please do so only sparingly and only if they are *truly* not applicable.)
It is also important to note the placement and content of the HTML comments in the issue template. These help us to have issues with a consistent format.
### Every issue must be about a single, actionable thing
If your issue is not actionable, please see [Help, Support, Mailing Lists, and Forum](/support/) for the appropriate place to post it. If your issue would be about more than one thing, file them as separate issues instead. This means we should generally not try to use a single issue as a "meta" or "epic" issue that exists only to group, contain, or track other issues. Instead, when there is a need to group multiple related issues together, use [projects](https://github.com/QubesOS/qubes-issues/projects).
This guideline is extremely important for making the issue tracker a useful tool for the developers. When an issue is too big and composite, it becomes intractable and drastically increases the likelihood that nothing will get done. Such issues also tend to encourage an excessive amount of general discussion that is simply not appropriate for a technical issue tracker (see [the issue tracker is not a discussion forum](#the-issue-tracker-is-not-a-discussion-forum)).
### New issues should not be duplicates of existing issues
Before you submit an issue, check to see whether it has already been reported. Search through the existing issues -- both open and closed -- by typing your key words in the **Filters** box. If you find an issue that seems to be similar to yours, read through it. If you find an issue that is the same as or subsumes yours, leave a comment on the existing issue rather than filing a new one, even if the existing issue is closed. If an issue affects more than one Qubes version, we usually keep only one issue for all versions. The Qubes team will see your comment and reopen the issue, if appropriate. For example, you can leave a comment with additional information to help the maintainer debug it. Adding a comment will subscribe you to email notifications, which can be helpful in getting important updates regarding the issue. If you don't have anything to add but still want to receive email updates, you can click the "Subscribe" button at the side or bottom of the comments.
### Every issue must be of a single type
Every issue must be exactly one of the following types: a bug report (`bug`), a feature or improvement request (`enhancement`), or a task (`task`). Do not file multi-typed issues. Instead, file multiple issues of distinct types. The Qubes team will classify your issue according to its type.
### New issues should include all relevant information
When you file a new issue, you should be sure to include the version of Qubes you're using, as well as versions of related software packages ([how to copy information out of dom0](/doc/how-to-copy-from-dom0/)). If your issue is related to hardware, provide as many details as possible about the hardware. A great way to do this is by [generating and submitting a Hardware Compatibility List (HCL) report](/doc/how-to-use-the-hcl/#generating-and-submitting-new-reports), then linking to it in your issue. You may also need to use command-line tools such as `lspci`. If you're reporting a bug in a package that is in a [testing](/doc/testing/) repository, please reference the appropriate issue in the [updates-status](https://github.com/QubesOS/updates-status/issues) repository. Project maintainers really appreciate thorough explanations. It usually helps them address the problem more quickly, so everyone wins!
### There are no guarantees that your issue will be addressed
Keep in mind that [qubes-issues](https://github.com/QubesOS/qubes-issues/issues) is an issue tracker, not a support system. Creating a new issue is simply a way for you to submit an item for the Qubes team's consideration. It is up to the Qubes team to decide whether or how to address your issue, which may include closing the issue without taking any action on it. Even if your issue is kept open, however, you should not expect it to be addressed within any particular time frame, or at all. At the time of this writing, there are well over one thousand open issues in [qubes-issues](https://github.com/QubesOS/qubes-issues/issues). The Qubes team has its own roadmap and priorities, which will govern the manner and order in which open issues are addressed.
### Issues and comments must be written in English
If English is not your native language, you may post a machine translation. If you wish, you may also include the original non-English text in a [collapsible section](#use-collapsible-sections-for-long-nonessential-content).
### Use collapsible sections for long, nonessential content
On GitHub, create collapsible sections in Markdown like so:
```
<details>
<summary>Summary goes here. This line is optional.</summary>
Long, nonessential content goes here. You can put a code block here, but make sure to leave empty lines before and after the fence lines (```).
</details>
```
**Tip:** Use the "Preview" tab to make sure it renders correctly before posting.
## How issues get closed
If the Qubes developers make a code change that resolves an issue, then the issue will typically be [closed from the relevant commit or merged pull request (PR)](https://docs.github.com/en/issues/tracking-your-work-with-issues/creating-issues/linking-a-pull-request-to-an-issue).
### Bug reports
In the case of bugs, the package containing the change will move to the appropriate [testing](/doc/testing/) repository, then to the appropriate stable repository. If you so choose, you can test the fix while it's in the [testing](/doc/testing/) repository, or you can wait for it to land in the stable repository. If, after testing the fix, you find that it does not really fix the reported bug, please leave a comment on the issue explaining the situation. When you do, we will receive a notification and respond on the issue or reopen it (or both). Please **do not** create a duplicate issue or attempt to contact the developers individually about a problem.
### Resolution
In GitHub, an issue can be [closed as either `completed` or `not planned`](https://github.blog/changelog/2022-03-10-the-new-github-issues-march-10th-update/#%F0%9F%95%B5%F0%9F%8F%BD%E2%99%80%EF%B8%8F-issue-closed-reasons).
Being closed as `completed` means that the issue has been fixed (in the case of bugs) or done (in the case of enhancements and tasks). More precisely, it means that a commit containing the relevant work has been pushed. It takes time for this work to make its way into a package, which must then go through the [testing](/doc/testing/) process before finally landing in the relevant stable repository. Automated comments on the issue will announce when key events in this process occur.
Being closed as `not planned` means that the issue will *not* be fixed (in the case of bugs) or done (in the case of enhancements and tasks). When an issue is closed as `not planned`, we add a **resolution** label starting with `R:` that specifies the reason for the closure, such as `R: duplicate` or `R: cannot reproduce`. Each of these labels has a description that briefly explains the label. We also leave a comment containing a longer explanation for why the issue is being closed along with general information.
While issues that are closed as `not planned` get a more specific resolution label, issues that are closed as `completed` do not always get one, since the linked PRs, commits, automated messages, and the `completed` reason itself are often sufficient to convey all relevant information. For information about using closure reasons in searches, see [Search tips](#search-tips).
### Backports
Issues in GitHub can only be open or closed, but when it comes to bugs that affect multiple versions of Qubes OS, there are several possible states:
1. Not fixed yet
2. Fix developed but not yet committed (PR open)
3. Fix committed (PR merged), but update not yet pushed to any repo
4. Update pushed to testing repo for the most recent development version
5. Update pushed to stable repo for the most recent development version
6. Update backported to stable version(s) and pushed to the testing repo
7. Update pushed to stable repo of stable version(s)
We close issues at step 3. Then, as updates are released, the issue automatically gets the appropriate `current-testing` (`rX.Y-*-cur-test`) and `stable` (`rX.Y-*-stable`) labels. Based on these labels, it's possible to select issues waiting for step 6 (see [issues by release](https://github.com/QubesOS/qubes-issues#issues-by-release)).
Therefore, if you see that an issue is closed, but the fix is not yet available to you, be aware that it may be at an intermediate stage of this process between issue closure and the update being available in whichever repos you have enabled in whichever version of Qubes you're using.
In order to assist with this, we have a label called [backport pending](https://github.com/QubesOS/qubes-issues/labels/backport%20pending), which means, "The fix has been released for the testing release but is pending backport to the stable release." Our infrastructure will attempt to apply this label automatically, when appropriate, but it is not perfect, and the developers may need to adjust it manually.
### Understanding open and closed issues
Every issue is always in one of two states: open or closed, with open being the default. The **open** and **closed** states mean that, according to our available information at present, the issue in question either **is** or **is not** (respectively) actionable for the Qubes team. The open and closed states do not mean anything more than this, and it's important not to read anything else into them. It's also important to understand that closing an issue is, in effect, nothing more than changing a virtual tag on an issue. Closing an issue is never "final" in any sense, and it does not affect the issue itself in any other way. Issues can be opened and closed instantly with a single button press an unlimited number of times at no cost. In fact, since the open and closed states reflect our available information at present, one should expect these states to change back and forth as new information becomes available. Closed issues are fully searchable, just like open issues, and we explicitly instruct all users of the issue tracker to search *both* open *and* closed issues, which GitHub makes easy.
## Workflow and what do issue states mean
There are some rules we use when assigning issues and tagging them.
### Assigning issues
To avoid a situation where an issue is "dead" - assigned to someone who is not actively working on it - and to help the team organize their work, an issue should be assigned to a person who currently works on it, or will start working on it in a very near future (about a week or two). One person can have several issues assigned at the same time (for example they may be working on one another issue while waiting for review), but if an issue is no longer actively being worked on (for example when it's blocked by something else), it should be unassigned. At that point, if there is some partial work already done, there should be a comment about that, including link to the code (some WIP commit in some branch?) if applicable.
Issues should not be assigned as a todo-list several months in the future, or assigned to someone without their explicit confirmation that they are currently working on that issue or will start doing it shortly.
### Working on an issue
Every issue should involve a clear statement of success: when is the issue finished? It might not be clear to the person making the issue, especially if it's an enhancement request, but before work starts, the person working on the issue should make sure that it includes clear completion criteria in the description (via editing the description, if necessary). The completion criteria would ideally be a checklist, and consist of a list of pull requests/features, each preferably no more than two weeks of work. It's also important to remember tests and documentation should also be part of the issue, if applicable.
An issue should also have a rough estimate how much time it needs, if it's more than one-two days. Of course this might be updated later, if an issue turns out to be more (or maybe less) complicated than it has initially seemed.
When an issue is done (that is, the completion checklist has been completed), the issue should be moved to **ready** column in the *Current team tasks* project.

303
introduction/issue-tracking.rst Normal file
View file

@ -0,0 +1,303 @@
==============
Issue tracking
==============
We use `GitHub Issues <https://docs.github.com/en/issues>`__ as our `issue tracking system <https://en.wikipedia.org/wiki/Issue_tracking_system>`__. All issues pertaining to the Qubes OS Project (including auxiliary infrastructure such as this website) are tracked in `qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__.
How to open a new issue
-----------------------
First, lets make sure the issue tracker is the right place.
I need help, have a question, or want to discuss something.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Were happy to help, answer questions, and have discussions, but the issue tracker is not the right place for these activities. Instead, please see :doc:`Help, Support, Mailing Lists, and Forum </introduction/support>`.
I see something that should be changed in the documentation.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We encourage you to submit the change yourself! Please see the `how to edit the documentation <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__ for instructions on how to do so. If its something you cant do yourself, please proceed to open an issue.
I would like to report a security vulnerability.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Thank you! If the vulnerability is confidential, please do not report it in our public issue tracker. Instead, please see :ref:`Reporting Security Issues in Qubes OS <project-security/security:reporting security issues in qubes os>`.
I still want to open an issue.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Great! Thank you for taking the time and effort to help improve Qubes! To ensure the process is efficient and productive for everyone involved, please follow these steps:
1. Carefully read our issue tracking `guidelines <#guidelines>`__. If your issue would violate any of the guidelines, **stop**. Please do not submit it.
2. `Search through the existing issues <#search-tips>`__, both open and closed, to see if your issue already exists. If it does, **stop**. :ref:`Do not open a duplicate. <introduction/issue-tracking:new issues should not be duplicates of existing issues>` Instead, comment on the existing issue.
3. Go `here <https://github.com/QubesOS/qubes-issues/issues/new/choose>`__.
4. Select the `type <#types>`__ of issue you want to open.
5. Enter a descriptive title.
6. Do not delete the provided issue template. Fill out every applicable section.
7. Make sure to mention any relevant documentation and other issues youve already seen. We dont know what youve seen unless you tell us. If you dont list it, well assume you havent seen it.
8. If any sections of the issue template are *truly* not applicable, you may remove them.
9. Submit your issue.
10. Respond to any questions the official team asks. For example, you may be asked to provide specific logs or other additional information.
Eventually, your issue may be closed. See :ref:`how issues get closed <introduction/issue-tracking:how issues get closed>` for details about when, why, and how this occurs.
How issues are organized
------------------------
Issues can have several different properties and be organized in various ways. This section explains how we use labels, issue types, projects, and other features of GitHubs issue tracking system in order to keep `qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__ organized.
Labels
^^^^^^
When an issue is first created, it will receive the ``P: default`` (i.e., default priority) `label <https://github.com/QubesOS/qubes-issues/labels>`__ automatically. After an issue has been created, only Qubes team members have permission to modify labels. Many labels have descriptions on them that can be viewed by hovering over them or on the `list of labels <https://github.com/QubesOS/qubes-issues/labels>`__. Lets go over some of the most important ones.
Priority
^^^^^^^^
There are several issue **priority** levels ranging from ``P: minor`` to ``P: blocker`` (see `here <https://github.com/QubesOS/qubes-issues/labels?q=P%3A>`__ for the full list). Every open issue should have exactly one priority. An open issue should not have more than one priority, and it should not lack a priority entirely. See :ref:`here <developer/releases/version-scheme:bug priorities>` for details about how the developers use these priorities.
Component
^^^^^^^^^
There are many **component** labels, each beginning with ``C:`` (see `here <https://github.com/QubesOS/qubes-issues/labels?q=C%3A>`__ for the full list). Every open issue should have at least one component. An open issue may have more than one component, but it should not lack a component entirely. When no other component applies, use ``C: other``.
Affected release
^^^^^^^^^^^^^^^^
A label of the form ``affects-<RELEASE_NUMBER>`` indicates that an issue affects the corresponding Qubes OS release. An issue can have more than one of these labels if it affects multiple releases.
Types
^^^^^
There are three issue `types <https://docs.github.com/en/issues/tracking-your-work-with-issues/configuring-issues/managing-issue-types-in-an-organization>`__: Bug, Feature, and Task.
- **Bug** — An unexpected problem or behavior
- **Feature** — A request, idea, or new functionality
- **Task** — A specific piece of work
Every open issue should have exactly one type. **Bug** reports are for problems in things that already exist. If something doesnt exist yet, but you think it ought to exist, then that issue should instead be a **Feature** request. If something already exists, but you think it could be improved in some way, that also qualifies as a **Feature** request. The **Task** type is for issues that are actionable but that fall under neither the **Bug** nor **Feature** types.
Projects
^^^^^^^^
According to GitHub, a `project <https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects>`__ is “an adaptable spreadsheet, task-board, and road map that integrates with your issues and pull requests on GitHub to help you plan and track your work effectively.” The issue tracker has several `projects <https://github.com/QubesOS/qubes-issues/projects>`__. Github projects allows more detailed issue states, and also attaching more metadata to issues. They also allow more focused view.
There is a special project in Qubes OS project: the `Current team tasks project <https://github.com/orgs/QubesOS/projects/19/views/1>`__ which represents current work of the core team. Issues in this projects **backlog** section are not yet ready for work - they might be waiting for clarifications, blockers, decisions on priorities etc. Issues that are **ready** can be picked up by any team member. There should not be too many issues in **ready** column to decrease confusion and decision paralysis - good number is around 20. The **in review** state means that the developer is finished with the work (the completion state has been reached) - if something has to be postponed or abandoned, a justification should be posted in issue discussion.
Meta-issues
^^^^^^^^^^^
A meta-issue is an issue that serves primarily to collect and organize a group of other issues. This group of other issues typically exists in a hierarchy of `sub-issues <https://docs.github.com/en/issues/tracking-your-work-with-issues/using-issues/adding-sub-issues>`__, usually with the meta-issue at the top. (For example, we use meta-issues when we need a way to track work on specific features. We cannot use `projects <#projects>`__ for this, because we already use a project for tracking the work of the Qubes team as a whole, and projects cannot contain milestones or other projects.)
Meta-issues should have informative descriptions, not just lists of issues. In particular, each meta-issue should explain its goal, what is in scope, and what the relevant categories and priorities are.
In addition, meta-issues should have clear, concrete, and actionable criteria for when they will be closed. Meta-issues should never be “open-ended” or expected to stay open indefinitely. If this ever becomes unclear, the meta-issue should be closed until it becomes clear.
Search tips
-----------
- `Search both open and closed issues. <https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue>`__ For example, you may be experiencing a bug that was just fixed, in which case the report for that bug is probably closed. In this case, it would be useful to view `all bug reports, both open and closed, with the most recently updated sorted to the top <https://github.com/QubesOS/qubes-issues/issues?q=label%3A%22T%3A+bug%22+sort%3Aupdated-desc>`__.
- `Search with labels. <https://github.com/QubesOS/qubes-issues/labels>`__ For example, you can search issues by priority (`blocker <https://github.com/QubesOS/qubes-issues/labels/P%3A%20blocker>`__, `critical <https://github.com/QubesOS/qubes-issues/labels/P%3A%20critical>`__, `major <https://github.com/QubesOS/qubes-issues/labels/P%3A%20major>`__, etc.) and by component (`core <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22C%3A+core%22>`__, `manager/widget <https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+label%3A%22C%3A+manager%2Fwidget%22+>`__, `Xen <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22C%3A+Xen%22>`__, etc.).
- Search by closure reason: `reason:completed <https://github.com/QubesOS/qubes-issues/issues?q=reason%3Acompleted>`__ and `reason:"not planned" <https://github.com/QubesOS/qubes-issues/issues?q=reason%3A%22not+planned%22>`__.
- `Search by project <https://github.com/QubesOS/qubes-issues/projects>`__.
Guidelines
----------
The issue tracker is not a discussion forum
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The issue tracker is a tool to help the developers be more productive and efficient in their work. It is not a place for discussion. If you wish to discuss something in the issue tracker, please do so on the forum or mailing lists (see :doc:`Help, Support, Mailing Lists, and Forum </introduction/support>`). You can simply link to the relevant issue in your discussion post.
This guideline is important for keeping issues focused on *actionable information*, which helps the developers to stay focused on their work. When developers come back to an issue to work on it, we do not want them to have to sift through a large number of unnecessary comments before they can get started. In many cases, an issue that gets “too big” essentially becomes more trouble than its worth, and no developer will touch it (also see `every issue must be about a single, actionable thing <#every-issue-must-be-about-a-single-actionable-thing>`__). In these cases, we sometimes have to close the issue and open a new one. This is a waste of energy for everyone involved, so we ask that everyone help to avoid repeating this pattern.
Do not submit questions
^^^^^^^^^^^^^^^^^^^^^^^
`qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__ is not the place to ask questions. This includes, but is not limited to, troubleshooting questions and questions about how to do things with Qubes. Instead, see :doc:`Help, Support, Mailing Lists, and Forum </introduction/support>` for appropriate places to ask questions. By contrast, `qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__ is meant for tracking more general bugs, enhancements, and tasks that affect a broad range of Qubes users.
Use the issue template
^^^^^^^^^^^^^^^^^^^^^^
When you open a new issue, an issue template is provided for you. Please use it. Do not delete it. The issue template is carefully designed to elicit important information. Without this information, the issue is likely to be incomplete. (If certain sections are not applicable, you may remove them, but please do so only sparingly and only if they are *truly* not applicable.)
It is also important to note the placement and content of the HTML comments in the issue template. These help us to have issues with a consistent format.
Every issue must be about a single, actionable thing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If your issue is not actionable, please see :doc:`Help, Support, Mailing Lists, and Forum </introduction/support>` for the appropriate place to post it. If your issue would be about more than one thing, file them as separate issues instead. This means we should generally not try to use a single issue as a “meta” or “epic” issue that exists only to group, contain, or track other issues. Instead, when there is a need to group multiple related issues together, use `projects <https://github.com/QubesOS/qubes-issues/projects>`__.
This guideline is extremely important for making the issue tracker a useful tool for the developers. When an issue is too big and composite, it becomes intractable and drastically increases the likelihood that nothing will get done. Such issues also tend to encourage an excessive amount of general discussion that is simply not appropriate for a technical issue tracker (see `the issue tracker is not a discussion forum <#the-issue-tracker-is-not-a-discussion-forum>`__).
New issues should not be duplicates of existing issues
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Before you submit an issue, check to see whether it has already been reported. Search through the existing issues both open and closed by typing your key words in the **Filters** box. If you find an issue that seems to be similar to yours, read through it. If you find an issue that is the same as or subsumes yours, leave a comment on the existing issue rather than filing a new one, even if the existing issue is closed. If an issue affects more than one Qubes version, we usually keep only one issue for all versions. The Qubes team will see your comment and reopen the issue, if appropriate. For example, you can leave a comment with additional information to help the maintainer debug it. Adding a comment will subscribe you to email notifications, which can be helpful in getting important updates regarding the issue. If you dont have anything to add but still want to receive email updates, you can click the “Subscribe” button at the side or bottom of the comments.
Every issue must be of a single type
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Every issue must be exactly one of the following types: a bug report (``bug``), a feature or improvement request (``enhancement``), or a task (``task``). Do not file multi-typed issues. Instead, file multiple issues of distinct types. The Qubes team will classify your issue according to its type.
New issues should include all relevant information
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
When you file a new issue, you should be sure to include the version of Qubes youre using, as well as versions of related software packages (:doc:`how to copy information out of dom0 </user/how-to-guides/how-to-copy-from-dom0>`). If your issue is related to hardware, provide as many details as possible about the hardware. A great way to do this is by :ref:`generating and submitting a Hardware Compatibility List (HCL) report <user/hardware/how-to-use-the-hcl:generating and submitting new reports>`, then linking to it in your issue. You may also need to use command-line tools such as ``lspci``. If youre reporting a bug in a package that is in a :doc:`testing </user/downloading-installing-upgrading/testing>` repository, please reference the appropriate issue in the `updates-status <https://github.com/QubesOS/updates-status/issues>`__ repository. Project maintainers really appreciate thorough explanations. It usually helps them address the problem more quickly, so everyone wins!
There are no guarantees that your issue will be addressed
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Keep in mind that `qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__ is an issue tracker, not a support system. Creating a new issue is simply a way for you to submit an item for the Qubes teams consideration. It is up to the Qubes team to decide whether or how to address your issue, which may include closing the issue without taking any action on it. Even if your issue is kept open, however, you should not expect it to be addressed within any particular time frame, or at all. At the time of this writing, there are well over one thousand open issues in `qubes-issues <https://github.com/QubesOS/qubes-issues/issues>`__. The Qubes team has its own roadmap and priorities, which will govern the manner and order in which open issues are addressed.
Issues and comments must be written in English
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If English is not your native language, you may post a machine translation. If you wish, you may also include the original non-English text in a `collapsible section <#use-collapsible-sections-for-long-nonessential-content>`__.
Use collapsible sections for long, nonessential content
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
On GitHub, create collapsible sections in Markdown like so:
.. code:: bash
<details>
<summary>Summary goes here. This line is optional.</summary>
Long, nonessential content goes here. You can put a code block here, but make sure to leave empty lines before and after the fence lines (```).
</details>
**Tip:** Use the “Preview” tab to make sure it renders correctly before posting.
How issues get closed
---------------------
If the Qubes developers make a code change that resolves an issue, then the issue will typically be `closed from the relevant commit or merged pull request (PR) <https://docs.github.com/en/issues/tracking-your-work-with-issues/creating-issues/linking-a-pull-request-to-an-issue>`__.
Bug reports
^^^^^^^^^^^
In the case of bugs, the package containing the change will move to the appropriate :doc:`testing </user/downloading-installing-upgrading/testing>` repository, then to the appropriate stable repository. If you so choose, you can test the fix while its in the :doc:`testing </user/downloading-installing-upgrading/testing>` repository, or you can wait for it to land in the stable repository. If, after testing the fix, you find that it does not really fix the reported bug, please leave a comment on the issue explaining the situation. When you do, we will receive a notification and respond on the issue or reopen it (or both). Please **do not** create a duplicate issue or attempt to contact the developers individually about a problem.
Resolution
^^^^^^^^^^
In GitHub, an issue can be `closed as either "completed" or "not planned" <https://github.blog/changelog/2022-03-10-the-new-github-issues-march-10th-update/#%F0%9F%95%B5%F0%9F%8F%BD%E2%99%80%EF%B8%8F-issue-closed-reasons>`__.
Being closed as ``completed`` means that the issue has been fixed (in the case of bugs) or done (in the case of enhancements and tasks). More precisely, it means that a commit containing the relevant work has been pushed. It takes time for this work to make its way into a package, which must then go through the :doc:`testing </user/downloading-installing-upgrading/testing>` process before finally landing in the relevant stable repository. Automated comments on the issue will announce when key events in this process occur.
Being closed as ``not planned`` means that the issue will *not* be fixed (in the case of bugs) or done (in the case of enhancements and tasks). When an issue is closed as ``not planned``, we add a **resolution** label starting with ``R:`` that specifies the reason for the closure, such as ``R: duplicate`` or ``R: cannot reproduce``. Each of these labels has a description that briefly explains the label. We also leave a comment containing a longer explanation for why the issue is being closed along with general information.
While issues that are closed as ``not planned`` get a more specific resolution label, issues that are closed as ``completed`` do not always get one, since the linked PRs, commits, automated messages, and the ``completed`` reason itself are often sufficient to convey all relevant information. For information about using closure reasons in searches, see `Search tips <#search-tips>`__.
Backports
^^^^^^^^^
Issues in GitHub can only be open or closed, but when it comes to bugs that affect multiple versions of Qubes OS, there are several possible states:
1. Not fixed yet
2. Fix developed but not yet committed (PR open)
3. Fix committed (PR merged), but update not yet pushed to any repo
4. Update pushed to testing repo for the most recent development version
5. Update pushed to stable repo for the most recent development version
6. Update backported to stable version(s) and pushed to the testing repo
7. Update pushed to stable repo of stable version(s)
We close issues at step 3. Then, as updates are released, the issue automatically gets the appropriate ``current-testing`` (``rX.Y-*-cur-test``) and ``stable`` (``rX.Y-*-stable``) labels. Based on these labels, its possible to select issues waiting for step 6 (see `issues by release <https://github.com/QubesOS/qubes-issues#issues-by-release>`__).
Therefore, if you see that an issue is closed, but the fix is not yet available to you, be aware that it may be at an intermediate stage of this process between issue closure and the update being available in whichever repos you have enabled in whichever version of Qubes youre using.
In order to assist with this, we have a label called `backport pending <https://github.com/QubesOS/qubes-issues/labels/backport%20pending>`__, which means, “The fix has been released for the testing release but is pending backport to the stable release.” Our infrastructure will attempt to apply this label automatically, when appropriate, but it is not perfect, and the developers may need to adjust it manually.
Understanding open and closed issues
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Every issue is always in one of two states: open or closed, with open being the default. The **open** and **closed** states mean that, according to our available information at present, the issue in question either **is** or **is not** (respectively) actionable for the Qubes team. The open and closed states do not mean anything more than this, and its important not to read anything else into them. Its also important to understand that closing an issue is, in effect, nothing more than changing a virtual tag on an issue. Closing an issue is never “final” in any sense, and it does not affect the issue itself in any other way. Issues can be opened and closed instantly with a single button press an unlimited number of times at no cost. In fact, since the open and closed states reflect our available information at present, one should expect these states to change back and forth as new information becomes available. Closed issues are fully searchable, just like open issues, and we explicitly instruct all users of the issue tracker to search *both* open *and* closed issues, which GitHub makes easy.
Workflow and what do issue states mean
--------------------------------------
There are some rules we use when assigning issues and tagging them.
Assigning issues
^^^^^^^^^^^^^^^^
To avoid a situation where an issue is “dead” - assigned to someone who is not actively working on it - and to help the team organize their work, an issue should be assigned to a person who currently works on it, or will start working on it in a very near future (about a week or two). One person can have several issues assigned at the same time (for example they may be working on one another issue while waiting for review), but if an issue is no longer actively being worked on (for example when its blocked by something else), it should be unassigned. At that point, if there is some partial work already done, there should be a comment about that, including link to the code (some WIP commit in some branch?) if applicable.
Issues should not be assigned as a todo-list several months in the future, or assigned to someone without their explicit confirmation that they are currently working on that issue or will start doing it shortly.
Working on an issue
^^^^^^^^^^^^^^^^^^^
Every issue should involve a clear statement of success: when is the issue finished? It might not be clear to the person making the issue, especially if its an enhancement request, but before work starts, the person working on the issue should make sure that it includes clear completion criteria in the description (via editing the description, if necessary). The completion criteria would ideally be a checklist, and consist of a list of pull requests/features, each preferably no more than two weeks of work. Its also important to remember tests and documentation should also be part of the issue, if applicable.
An issue should also have a rough estimate how much time it needs, if its more than one-two days. Of course this might be updated later, if an issue turns out to be more (or maybe less) complicated than it has initially seemed.
When an issue is done (that is, the completion checklist has been completed), the issue should be moved to **ready** column in the *Current team tasks* project.

97
introduction/privacy.md
View file

@ -1,97 +0,0 @@
---
lang: en
layout: doc
permalink: /privacy/
redirect_from:
- /en/privacy/
- /doc/privacy/
- /wiki/privacy/
ref: 243
title: Privacy policy
---
The short version is that we try to respect your privacy as much as possible.
We absolutely do not sell any user data. In fact, we go out of our way to help
you keep your data private from everyone, including us. For example, from the
moment you [install Qubes OS](/doc/installation-guide/), we offer to set up
[Whonix](https://www.whonix.org/) so that all of your updates are routed
through [Tor](https://www.torproject.org/).
## Website
For the legally-required boilerplate, see [Website Privacy
Policy](/website-privacy-policy/).
This is just a static website generated with Jekyll and hosted from GitHub
Pages. We try to use as little JavaScript as possible. We host all resources
locally (no third-party CDNs) so that you only have to connect to one domain.
This site should be easy to browse using Tor Browser and with scripts blocked.
We also have an [onion
service](http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/)
(access is not logged). We even go out of our way to make it easy to download
[this website's git repo](https://github.com/QubesOS/qubesos.github.io),
including all the website source code, so that you can host this entire site
from your own local machine offline. Better yet, we've specifically written all
of the [documentation](/doc/) in Markdown so that the plain text can be enjoyed
from the comfort of your terminal. Here's the
[repo](https://github.com/QubesOS/qubes-doc). (By the way, Git tags on our
repos are PGP-signed so you can [verify](/doc/verifying-signatures) the
authenticity of the content.) Obviously, we don't use any ads or trackers, but
this is still a public website, so man-in-the-middle attacks and such are
always a possibility. Please be careful. See [FAQ: Should I trust this
website?](/faq/#should-i-trust-this-website)
## Update Servers and Repositories
We provide repositories at <https://yum.qubes-os.org> and
<https://deb.qubes-os.org>.
We collect and store standard server access and error logs, which include IP
addresses. We use this data for generating [Qubes userbase
statistics](/statistics/) and for incident response.
The data is retained for up to three months so that we can re-calculate the
previous two months' statistics in case anything goes wrong. After that, the
data is deleted. We never sell the data to anyone or share it with any third
party.
If you would like to hide your IP address from us, we strongly encourage it and
are happy to help you do so! Simply choose the Whonix option to route all of
your updates over Tor when [installing Qubes OS](/doc/installation-guide/).
## Onion Services
We provide an [onion
service](http://www.qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion)
for the website and onion service mirrors of the repositories. Access to these
servers is not logged.
## Mirrors
There are also other third-party mirrors hosted by volunteers. These are used
both for [ISO downloads](/downloads/#mirrors) and
[updates](#update-servers-and-repositories). We have no control over what data
these mirrors collect or with whom they share it. Please see the privacy policy
of each respective mirror operator.
## Qubes OS
We have specifically designed Qubes OS so that it is not possible to collect
any data directly from Qubes OS installations. In other words, Qubes OS does
not have the ability to "phone home" and is intentionally architected to forbid
that from happening. This is mainly because we have ensured that dom0 has no
network access.
We don't want the ability to collect any data directly from Qubes OS
installations, because if anyone has that power, then the system is not secure.
We use Qubes OS ourselves as a daily driver for our work and personal
lives, so our interests are aligned with yours. We want privacy too!
Thankfully, Qubes OS is free and open-source software, so you don't have to
take our word for it.
Of course, third-party software (including other operating systems) running
inside of Qubes OS may not be as privacy-respecting, so please be mindful of
what you install. We have no control over such third-party software.
For more information, please see [FAQ: How does Qubes OS provide
privacy?](/faq/#how-does-qubes-os-provide-privacy)

50
introduction/privacy.rst Normal file
View file

@ -0,0 +1,50 @@
==============
Privacy policy
==============
The short version is that we try to respect your privacy as much as possible. We absolutely do not sell any user data. In fact, we go out of our way to help you keep your data private from everyone, including us. For example, from the moment you :doc:`install Qubes OS </user/downloading-installing-upgrading/installation-guide>`, we offer to set up `Whonix <https://www.whonix.org/>`__ so that all of your updates are routed through `Tor <https://www.torproject.org/>`__.
Website
-------
For the legally-required boilerplate, see `Website Privacy Policy <https://www.qubes-os.org/website-privacy-policy/>`__.
This is just a static website generated with Jekyll and hosted from GitHub Pages. We try to use as little JavaScript as possible. We host all resources locally (no third-party CDNs) so that you only have to connect to one domain. This site should be easy to browse using Tor Browser and with scripts blocked. We also have an `onion service <http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/>`__ (access is not logged). We even go out of our way to make it easy to download `this websites git repo <https://github.com/QubesOS/qubesos.github.io>`__, including all the website source code, so that you can host this entire site from your own local machine offline. Better yet, weve specifically written all of the :doc:`documentation </index>` in Markdown so that the plain text can be enjoyed from the comfort of your terminal. Heres the `repo <https://github.com/QubesOS/qubes-doc>`__. (By the way, Git tags on our repos are PGP-signed so you can :doc:`verify </project-security/verifying-signatures>` the authenticity of the content.) Obviously, we dont use any ads or trackers, but this is still a public website, so man-in-the-middle attacks and such are always a possibility. Please be careful. See :ref:`FAQ: Should I trust this website? <introduction/faq:should i trust this website?>`
Update Servers and Repositories
-------------------------------
We provide repositories at https://yum.qubes-os.org and https://deb.qubes-os.org.
We collect and store standard server access and error logs, which include IP addresses. We use this data for generating :doc:`Qubes userbase statistics </introduction/statistics>` and for incident response.
The data is retained for up to three months so that we can re-calculate the previous two months statistics in case anything goes wrong. After that, the data is deleted. We never sell the data to anyone or share it with any third party.
If you would like to hide your IP address from us, we strongly encourage it and are happy to help you do so! Simply choose the Whonix option to route all of your updates over Tor when :doc:`installing Qubes OS </user/downloading-installing-upgrading/installation-guide>`.
Onion Services
--------------
We provide an `onion service <http://www.qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion>`__ for the website and onion service mirrors of the repositories. Access to these servers is not logged.
Mirrors
-------
There are also other third-party mirrors hosted by volunteers. These are used both for `ISO downloads <https://www.qubes-os.org/downloads/#mirrors>`__ and `updates <#update-servers-and-repositories>`__. We have no control over what data these mirrors collect or with whom they share it. Please see the privacy policy of each respective mirror operator.
Qubes OS
--------
We have specifically designed Qubes OS so that it is not possible to collect any data directly from Qubes OS installations. In other words, Qubes OS does not have the ability to “phone home” and is intentionally architected to forbid that from happening. This is mainly because we have ensured that dom0 has no network access.
We dont want the ability to collect any data directly from Qubes OS installations, because if anyone has that power, then the system is not secure. We use Qubes OS ourselves as a daily driver for our work and personal lives, so our interests are aligned with yours. We want privacy too! Thankfully, Qubes OS is free and open-source software, so you dont have to take our word for it.
Of course, third-party software (including other operating systems) running inside of Qubes OS may not be as privacy-respecting, so please be mindful of what you install. We have no control over such third-party software.
For more information, please see :ref:`FAQ: How does Qubes OS provide privacy? <introduction/faq:how does qubes os provide privacy?>`

107
introduction/screenshots.md
View file

@ -1,107 +0,0 @@
---
lang: en
layout: site
permalink: /screenshots/
redirect_from:
- /media/
- /doc/QubesScreenshots/
- /wiki/QubesScreenshots/
ref: 123
title: Screenshots
---
[![r4.0-xfce-desktop.png](/attachment/doc/r4.0-xfce-desktop.png)](/attachment/doc/r4.0-xfce-desktop.png)
The default desktop environment is Xfce4.
* * * * *
[![r4.0-xfce-start-menu.png](/attachment/doc/r4.0-xfce-start-menu.png)](/attachment/doc/r4.0-xfce-start-menu.png)
Starting applications from different domains (AppVMs) is very easy.
* * * * *
[![r4.0-xfce-three-domains-at-work.png](/attachment/doc/r4.0-xfce-three-domains-at-work.png)](/attachment/doc/r4.0-xfce-three-domains-at-work.png)
In this example, the word processor runs in the “work” domain, which has been assigned the “blue” label. It is fully isolated from other domains, such as the “untrusted” domain (assigned the “red” label -- “Watch out!”, “Danger!”) used for random Web browsing, news reading, as well as from the "work-web" domain (assigned the "yellow" label), which is used for work-related Web browsing that is not security critical. Apps from different domains run in different AppVMs and have different X servers, filesystems, etc. Notice the different color frames (labels) and VM names in the titlebars. These are drawn by the trusted Window Manager running in Dom0, and apps running in domains cannot fake them:
* * * * *
[![r2b3-windows-seamless-1.png](/attachment/doc/r2b3-windows-seamless-1.png)](/attachment/doc/r2b3-windows-seamless-1.png)
Qubes Release 2 can also run Windows AppVMs in seamless mode, integrated onto the common Qubes trusted desktop, just like Linux AppVMs! The seamless GUI integration has been introduced in Qubes R2 Beta 3. This requires [Qubes Windows Tools](https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows-tools.md) to be installed in the Windows VMs first.
* * * * *
[![r2b3-windows-seamless-filecopy.png](/attachment/doc/r2b3-windows-seamless-filecopy.png)](/attachment/doc/r2b3-windows-seamless-filecopy.png)
Windows AppVMs are fully integrated with the rest of the Qubes OS system, which includes things such as secure, policy governed, inter-VM file copy, clipboard, and generally our whole elastic qrexec infrastructure for secure inter-VM RPC! Starting with Qubes R2 Beta 3 we also support HVM-based templates allowing to instantly create many Windows AppVMs with shared "root filesystem" from the Template VM (but one should ensure their license allows for such instantiation of the OS in the template). Just like with Linux AppVMs!
* * * * *
[![r4.0-xfce-programmers-desktop.png](/attachment/doc/r4.0-xfce-programmers-desktop.png)](/attachment/doc/r4.0-xfce-programmers-desktop.png)
Here we see Xfce4.14 Window Manager running in Dom0 (instead of KDE as on previous versions). Qubes supports customized Xfce4 in dom0 beginning with R2 Beta 2!
* * * * *
[![r4.0-password-prompt.png](/attachment/doc/r4.0-password-prompt.png)](/attachment/doc/r4.0-password-prompt.png)
It is always clearly visible to which domain a given window belongs. Here its immediately clear that the passphrase-prompting window belongs to some domain with the “blue” label. When we look at the titlebar, we see “[qubes]”, which is the name of the actual domain. Theoretically, the untrusted application (here, the red Tor Browser running in a DisposableVM) beneath the prompt window could draw a similar looking window within its contents. In practice, this would be very hard, because it doesnt know, e.g., the exact decoration style that is in use. However, if this is a concern, the user can simply try to move the more trusted window onto some empty space on the desktop such that no other window is present beneath it. Or, better yet, use the Expose-like effect (available via a hot-key). A malicious application from an untrusted domain cannot spoof the whole desktop because the trusted Window Manager will never let any domain “own” the whole screen. Its titlebar will always be visible.
* * * * *
[![r4.0-xfce-tray-icons.png](/attachment/doc/r4.0-xfce-tray-icons.png)](/attachment/doc/r4.0-xfce-tray-icons.png)
Qubes is all about seamless integration from the users point of view. Here you can see how it virtualizes tray icons from other domains. Notice the network icon is in red. This icon is in fact managed by the Network Manager running in a separate NetVM.
* * * * *
[![r4.0-manager-and-sysnet-network-prompt.png](/attachment/doc/r4.0-manager-and-sysnet-network-prompt.png)](/attachment/doc/r4.0-manager-and-sysnet-network-prompt.png)
All the networking runs in a special, unprivileged NetVM. (Notice the red frame around the Network Manager dialog box on the screen above.) This means that in the event that your network card driver, Wi-Fi stack, or DHCP client is compromised, the integrity of the rest of the system will not be affected! This feature requires Intel VT-d or AMD IOMMU hardware (e.g., Core i5/i7 systems)
* * * * *
[![r4.0-software-update.png](/attachment/doc/r4.0-software-update.png)](/attachment/doc/r4.0-software-update.png)
Qubes lets you update all the software in all the domains all at once, in a centralized way. This is possible thanks to Qubes' unique TemplateVM technology. Note that the user is not required to shut down any AppVMs (domains) for the update process. This can be done later, at a convenient moment, and separately for each AppVM.
* * * * *
[![r4.0-copy-paste.png](/attachment/doc/r4.0-copy-paste.png)](/attachment/doc/r4.0-copy-paste.png)
Qubes supports secure copy-and-paste operations between AppVMs. Only the user can initiate a copy or paste operation using a special key combination (Ctrl-Shift-C/V). Other AppVMs have no access to the clipboard buffer, so they cannot steal data from the clipboard. Only the user decides which AppVM should be given access to the clipboard. (This is done by selecting the destination AppVMs window and pressing the Ctrl-Shift-V combination.)
* * * * *
[!["r4.0-copy-to-other-appvm-1.png](/attachment/doc/r4.0-copy-to-other-appvm-1.png)](/attachment/doc/r4.0-copy-to-other-appvm-1.png) [![r4.0-copy-to-other-appvm-3.png](/attachment/doc/r4.0-copy-to-other-appvm-2.png)](/attachment/doc/r4.0-copy-to-other-appvm-2.png)
Qubes also supports secure file copying between AppVMs.
* * * * *
[![r4.0-open-in-dispvm-1.png](/attachment/doc/r4.0-open-in-dispvm-1.png)](/attachment/doc/r4.0-open-in-dispvm-1.png) [![r4.0-open-in-dispvm-2.png](/attachment/doc/r4.0-open-in-dispvm-2.png)](/attachment/doc/r4.0-open-in-dispvm-2.png)
Qubes' unique DisposableVMs (DispVMs) allow the user to open any file in a disposable VM in a matter of seconds! A file can be edited in a disposable VM, and any changes are projected back onto the original file. Currently, there is no way to mark files to be automatically opened in a disposable VM (one needs to right-click on the file and choose the "View in DisposableVM" or "Edit in DisposableVM" option), but this is planned for the R2 Beta 3 release.
* * * * *
[![r4.0-convert-to-trusted-pdf-1.png](/attachment/doc/r4.0-convert-to-trusted-pdf-1.png)](/attachment/doc/r4.0-convert-to-trusted-pdf-1.png) [![r4.1-converting-pdf.png](/attachment/doc/r4.1-converting-pdf.png)](/attachment/doc/r4.1-converting-pdf.png)
Qubes provides an advanced infrastructure for programming inter-VM services, such as a PDF converter for untrusted files (which is described in [this article](https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html)).
* * * * *
[![r4.0-manager-firewall.png](/attachment/doc/r4.0-manager-firewall.png)](/attachment/doc/r4.0-manager-firewall.png)
Qubes provides a dedicated firewall that itself runs in an isolated FirewallVM.
* * * * *
And some more screenshots:
[![r4.0-xfce-red-and-green-terminals.png](/attachment/doc/r4.0-xfce-red-and-green-terminals.png)](/attachment/doc/r4.0-xfce-red-and-green-terminals.png)
[![r2b3-windows-seamless-2.png](/attachment/doc/r2b3-windows-seamless-2.png)](/attachment/doc/r2b3-windows-seamless-2.png)

190
introduction/screenshots.rst Normal file
View file

@ -0,0 +1,190 @@
===========
Screenshots
===========
|r4.0-xfce-desktop.png|
The default desktop environment is Xfce4.
----
|r4.0-xfce-start-menu.png|
Starting applications from different domains (AppVMs) is very easy.
----
|r4.0-xfce-three-domains-at-work.png|
In this example, the word processor runs in the “work” domain, which has been assigned the “blue” label. It is fully isolated from other domains, such as the “untrusted” domain (assigned the “red” label “Watch out!”, “Danger!”) used for random Web browsing, news reading, as well as from the “work-web” domain (assigned the “yellow” label), which is used for work-related Web browsing that is not security critical. Apps from different domains run in different AppVMs and have different X servers, filesystems, etc. Notice the different color frames (labels) and VM names in the titlebars. These are drawn by the trusted Window Manager running in Dom0, and apps running in domains cannot fake them:
----
|r2b3-windows-seamless-1.png|
Qubes Release 2 can also run Windows AppVMs in seamless mode, integrated onto the common Qubes trusted desktop, just like Linux AppVMs! The seamless GUI integration has been introduced in Qubes R2 Beta 3. This requires `Qubes Windows Tools <https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows-tools.md>`__ to be installed in the Windows VMs first.
----
|r2b3-windows-seamless-filecopy.png|
Windows AppVMs are fully integrated with the rest of the Qubes OS system, which includes things such as secure, policy governed, inter-VM file copy, clipboard, and generally our whole elastic qrexec infrastructure for secure inter-VM RPC! Starting with Qubes R2 Beta 3 we also support HVM-based templates allowing to instantly create many Windows AppVMs with shared “root filesystem” from the Template VM (but one should ensure their license allows for such instantiation of the OS in the template). Just like with Linux AppVMs!
----
|r4.0-xfce-programmers-desktop.png|
Here we see Xfce4.14 Window Manager running in Dom0 (instead of KDE as on previous versions). Qubes supports customized Xfce4 in dom0 beginning with R2 Beta 2!
----
|r4.0-password-prompt.png|
It is always clearly visible to which domain a given window belongs. Here its immediately clear that the passphrase-prompting window belongs to some domain with the “blue” label. When we look at the titlebar, we see “[qubes]”, which is the name of the actual domain. Theoretically, the untrusted application (here, the red Tor Browser running in a DisposableVM) beneath the prompt window could draw a similar looking window within its contents. In practice, this would be very hard, because it doesnt know, e.g., the exact decoration style that is in use. However, if this is a concern, the user can simply try to move the more trusted window onto some empty space on the desktop such that no other window is present beneath it. Or, better yet, use the Expose-like effect (available via a hot-key). A malicious application from an untrusted domain cannot spoof the whole desktop because the trusted Window Manager will never let any domain “own” the whole screen. Its titlebar will always be visible.
----
|r4.0-xfce-tray-icons.png|
Qubes is all about seamless integration from the users point of view. Here you can see how it virtualizes tray icons from other domains. Notice the network icon is in red. This icon is in fact managed by the Network Manager running in a separate NetVM.
----
|r4.0-manager-and-sysnet-network-prompt.png|
All the networking runs in a special, unprivileged NetVM. (Notice the red frame around the Network Manager dialog box on the screen above.) This means that in the event that your network card driver, Wi-Fi stack, or DHCP client is compromised, the integrity of the rest of the system will not be affected! This feature requires Intel VT-d or AMD IOMMU hardware (e.g., Core i5/i7 systems)
----
|r4.0-software-update.png|
Qubes lets you update all the software in all the domains all at once, in a centralized way. This is possible thanks to Qubes unique TemplateVM technology. Note that the user is not required to shut down any AppVMs (domains) for the update process. This can be done later, at a convenient moment, and separately for each AppVM.
----
|r4.0-copy-paste.png|
Qubes supports secure copy-and-paste operations between AppVMs. Only the user can initiate a copy or paste operation using a special key combination (Ctrl-Shift-C/V). Other AppVMs have no access to the clipboard buffer, so they cannot steal data from the clipboard. Only the user decides which AppVM should be given access to the clipboard. (This is done by selecting the destination AppVMs window and pressing the Ctrl-Shift-V combination.)
----
|“r4.0-copy-to-other-appvm-1.png| |r4.0-copy-to-other-appvm-3.png|
Qubes also supports secure file copying between AppVMs.
----
|r4.0-open-in-dispvm-1.png| |r4.0-open-in-dispvm-2.png|
Qubes unique DisposableVMs (DispVMs) allow the user to open any file in a disposable VM in a matter of seconds! A file can be edited in a disposable VM, and any changes are projected back onto the original file. Currently, there is no way to mark files to be automatically opened in a disposable VM (one needs to right-click on the file and choose the “View in DisposableVM” or “Edit in DisposableVM” option), but this is planned for the R2 Beta 3 release.
----
|r4.0-convert-to-trusted-pdf-1.png| |r4.1-converting-pdf.png|
Qubes provides an advanced infrastructure for programming inter-VM services, such as a PDF converter for untrusted files (which is described in `this article <https://blog.invisiblethings.org/2013/02/21/converting-untrusted-pdfs-into-trusted.html>`__).
----
|r4.0-manager-firewall.png|
Qubes provides a dedicated firewall that itself runs in an isolated FirewallVM.
----
And some more screenshots:
|r4.0-xfce-red-and-green-terminals.png|
|r2b3-windows-seamless-2.png|
.. |r4.0-xfce-desktop.png| image:: /attachment/doc/r4.0-xfce-desktop.png
.. |r4.0-xfce-start-menu.png| image:: /attachment/doc/r4.0-xfce-start-menu.png
.. |r4.0-xfce-three-domains-at-work.png| image:: /attachment/doc/r4.0-xfce-three-domains-at-work.png
.. |r2b3-windows-seamless-1.png| image:: /attachment/doc/r2b3-windows-seamless-1.png
.. |r2b3-windows-seamless-filecopy.png| image:: /attachment/doc/r2b3-windows-seamless-filecopy.png
.. |r4.0-xfce-programmers-desktop.png| image:: /attachment/doc/r4.0-xfce-programmers-desktop.png
.. |r4.0-password-prompt.png| image:: /attachment/doc/r4.0-password-prompt.png
.. |r4.0-xfce-tray-icons.png| image:: /attachment/doc/r4.0-xfce-tray-icons.png
.. |r4.0-manager-and-sysnet-network-prompt.png| image:: /attachment/doc/r4.0-manager-and-sysnet-network-prompt.png
.. |r4.0-software-update.png| image:: /attachment/doc/r4.0-software-update.png
.. |r4.0-copy-paste.png| image:: /attachment/doc/r4.0-copy-paste.png
.. |“r4.0-copy-to-other-appvm-1.png| image:: /attachment/doc/r4.0-copy-to-other-appvm-1.png
.. |r4.0-copy-to-other-appvm-3.png| image:: /attachment/doc/r4.0-copy-to-other-appvm-2.png
.. |r4.0-open-in-dispvm-1.png| image:: /attachment/doc/r4.0-open-in-dispvm-1.png
.. |r4.0-open-in-dispvm-2.png| image:: /attachment/doc/r4.0-open-in-dispvm-2.png
.. |r4.0-convert-to-trusted-pdf-1.png| image:: /attachment/doc/r4.0-convert-to-trusted-pdf-1.png
.. |r4.1-converting-pdf.png| image:: /attachment/doc/r4.1-converting-pdf.png
.. |r4.0-manager-firewall.png| image:: /attachment/doc/r4.0-manager-firewall.png
.. |r4.0-xfce-red-and-green-terminals.png| image:: /attachment/doc/r4.0-xfce-red-and-green-terminals.png
.. |r2b3-windows-seamless-2.png| image:: /attachment/doc/r2b3-windows-seamless-2.png

59
introduction/statistics.md
View file

@ -1,59 +0,0 @@
---
lang: en
layout: site
permalink: /statistics/
redirect_from:
- /counter/
ref: 127
title: Statistics
---
<div class="center-block more-bottom">
<a href="https://tools.qubes-os.org/counter/stats.png">
<img src="https://tools.qubes-os.org/counter/stats.png" alt="Estimated Qubes OS userbase graph"/>
</a>
</div>
## FAQ
### How often is this graph updated?
Daily.
### Why is the bar for the current month so low?
Since the graph is updated daily, the bar for the current month will be very low at the start of the month and rise gradually until the end of the month.
### How is the userbase estimated?
We simply count the number of unique IPv4 addresses that connect to the Qubes update servers each month (except for Tor connections; see [below](#how-are-tor-users-counted)). (Note: Users who have manually configured their systems to bypass the metalink and connect directly to a mirror are not counted.)
### How are Tor users counted?
We estimate the number of Tor users as a proportion of the total number of *requests* from Tor exit nodes on the assumption that the proportion of users to requests is roughly the same for both clearnet and Tor users.
To be precise, the formula is:
```
tor_users = tor_requests * (plain_users / plain_requests)
```
Where:
- `tor_users` is the estimated number of Qubes users who download updates via Tor each month.
- `tor_requests` is the total number of requests the Qubes update servers receive from Tor exit nodes each month.
- `plain_users` is the number of unique clearnet IPv4 addresses that connect to the Qubes update servers each month.
- `plain_requests` is the total number of requests the Qubes update servers receive from clearnet IPv4 addresses each month.
We cross-reference the list of connecting IP addresses with [TorDNSEL's exit lists](https://metrics.torproject.org/collector.html#type-tordnsel) in order to distinguish Tor and clearnet IPs and requests.
For this purpose, we count an IP address as belonging to a Tor exit node if there was a Tor exit node active for that address within the 24-hour periods before or after it connected to the Qubes update servers.
### What kinds of data do you collect about Qubes users?
Please see our [Privacy Policy](/privacy/).
### Where can I find the raw data and source code?
The raw data is available [here](https://tools.qubes-os.org/counter/stats.json).
(This does not include any personally-identifying user data.)
Please note that the format of this data is not documented and may change any time if the developers feel the need to include something else.
The source code is available [here](https://github.com/woju/qubes-stats).

69
introduction/statistics.rst Normal file
View file

@ -0,0 +1,69 @@
==========
Statistics
==========
.. figure:: https://tools.qubes-os.org/counter/stats.png
:alt: Estimated Qubes OS userbase graph
FAQ
---
How often is this graph updated?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Daily.
Why is the bar for the current month so low?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Since the graph is updated daily, the bar for the current month will be very low at the start of the month and rise gradually until the end of the month.
How is the userbase estimated?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We simply count the number of unique IPv4 addresses that connect to the Qubes update servers each month (except for Tor connections; see `below <#how-are-tor-users-counted>`__). (**Note:** Users who have manually configured their systems to bypass the metalink and connect directly to a mirror are not counted.)
How are Tor users counted?
^^^^^^^^^^^^^^^^^^^^^^^^^^
We estimate the number of Tor users as a proportion of the total number of *requests* from Tor exit nodes on the assumption that the proportion of users to requests is roughly the same for both clearnet and Tor users. To be precise, the formula is:
.. code:: bash
tor_users = tor_requests * (plain_users / plain_requests)
Where:
- ``tor_users`` is the estimated number of Qubes users who download updates via Tor each month.
- ``tor_requests`` is the total number of requests the Qubes update servers receive from Tor exit nodes each month.
- ``plain_users`` is the number of unique clearnet IPv4 addresses that connect to the Qubes update servers each month.
- ``plain_requests`` is the total number of requests the Qubes update servers receive from clearnet IPv4 addresses each month.
We cross-reference the list of connecting IP addresses with `TorDNSELs exit lists <https://metrics.torproject.org/collector.html#type-tordnsel>`__ in order to distinguish Tor and clearnet IPs and requests. For this purpose, we count an IP address as belonging to a Tor exit node if there was a Tor exit node active for that address within the 24-hour periods before or after it connected to the Qubes update servers.
What kinds of data do you collect about Qubes users?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Please see our :doc:`Privacy Policy </introduction/privacy>`.
Where can I find the raw data and source code?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The raw data is available `here <https://tools.qubes-os.org/counter/stats.json>`__. (This does not include any personally-identifying user data.) Please note that the format of this data is not documented and may change any time if the developers feel the need to include something else. The source code is available `here <https://github.com/woju/qubes-stats>`__.

533
introduction/support.md
View file

@ -1,533 +0,0 @@
---
lang: en
layout: doc
permalink: /support/
redirect_from:
- /help/
- /mailing-lists/
- /doc/mailing-lists/
- /en/doc/mailing-lists/
- /en/doc/qubes-lists/
- /doc/qubes-lists/
- /doc/QubesLists/
- /wiki/QubesLists/
ref: 122
title: Help, support, mailing lists, and forum
---
The Qubes community is here to help! Since Qubes is a security-oriented
operating system, we want to make sure you [stay safe](#staying-safe) as you
get the support you need, and we want to make sure our community remains a
friendly and productive place by ensuring we all follow the [Code of
Conduct](/code-of-conduct/) and [discussion
guidelines](#discussion-guidelines).
## How to get help and support
First, let's see what kind of help you need.
### I have a problem or a question.
No worries! Here's how we recommend proceeding:
1. Check the [documentation](/doc/). There may already be a page about it.
Specifically, check out the [How-To Guides](/doc/#how-to-guides) and
[Troubleshooting](/doc/#troubleshooting) sections.
2. Search the [FAQ](/faq/). Your question might already be answered.
3. Try [searching the issue tracker](/doc/issue-tracking/#search-tips). There
may already be an open **or closed** issue about your problem. The issue
tracker is constantly being updated with known bugs and may contain
workarounds for problems you're experiencing. If there are any pinned issues at
the top, make sure to check them first!
4. Try [searching the Qubes Forum](https://forum.qubes-os.org/). There may
already be a matching topic.
5. Try [searching the `qubes-users`
archives](https://www.mail-archive.com/qubes-users@googlegroups.com/). There
may have already been a relevant thread.
### I didn't find a solution or an answer!
Sorry to hear that! In that case, we recommend asking for help on the [Qubes
Forum](https://forum.qubes-os.org/) or on the [`qubes-users` mailing
list](#qubes-users). Choose the venue you prefer, but please don't ask on both
at the same time! Before you ask, please review our [discussion
guidelines](#discussion-guidelines) and StackOverflow's advice on [how to ask
good questions](https://stackoverflow.com/help/how-to-ask). Don't forget to
[stay safe](#staying-safe)!
### I don't need support, but I think I found a bug.
We'd be grateful if you reported it (but please make sure no one else has
already reported it first)! Please see [Issue Tracking](/doc/issue-tracking/)
for details.
### I don't need support, but I'd like to request a feature.
No promises, but we'd be happy to consider it! Please see [Issue
Tracking](/doc/issue-tracking/) for details.
### Where's the best place to discuss Qubes?
That would be the [Qubes Forum](https://forum.qubes-os.org/) and the
[`qubes-users` mailing list](#qubes-users). Please have a look at our
[discussion guidelines](#discussion-guidelines) before diving in. Enjoy!
### How can I get involved and contribute?
Thank you for asking! Please see [How to Contribute](/doc/contributing/) for
all the ways you can do so.
### I would like to report a security vulnerability.
That sounds more like you helping us! Thanks! Please see [Reporting Security
Issues in Qubes OS](/security/#reporting-security-issues-in-qubes-os).
## Staying safe
The Qubes mailing lists and forum are open to the public. The contents are
crawled by search engines and archived by third-party services outside of our
control. Please do not send or post anything that you are not comfortable
seeing discussed in public. If confidentiality is a concern, please use PGP
encryption in an off-list email.
The Qubes community includes people from all walks of life and from around the
world. Individuals differ in areas of experience and technical expertise. You
will come into contact with others whose views and agendas differ from your
own. Everyone is free to write what they please, as long as it doesn't violate
our [Code of Conduct](/code-of-conduct/). Be friendly and open, but do not
believe everything you read. Use good judgment, and be especially careful when
following instructions (e.g., copying commands) given by others on the lists.
It's always possible that a bad actor could try to impersonate any member of
the [Qubes team](/team/) anywhere on the Internet. Please don't assume that
someone who claims to be an official Qubes team member really is one without an
appropriate form of authentication, such as a [verified PGP-signed
message](/security/verifying-signatures/). (But bear in mind that anyone can
generate a key with any name on it and use it to PGP-sign a message, so the
mere presence of a PGP signature does not indicate authority. Successful
[verification](/security/verifying-signatures/) is what counts.) All official
[news](/news/) can be authenticated by [verifying the
signatures](/security/verifying-signatures/) on the relevant tags or commits in
the [qubes-posts](https://github.com/QubesOS/qubes-posts) repository.
Given that there may be impostors and others trying to lead you astray, how
should you sort the good advice from the bad? This is up to each individual to
decide, but it helps to know that many members of our community have proven
themselves knowledgeable through their [contributions](/doc/contributing/) to
the project. Often, these individuals sign their messages with the same key as
(or another key authenticated by) the one they use to [sign their
contributions](/doc/code-signing/).
For example, you might find it easier to trust advice from someone who has a
proven track record of [contributing software
packages](/doc/package-contributions/) or [contributing to the
documentation](/doc/how-to-edit-the-documentation/). It's unlikely that
individuals who have worked hard to build good reputations for themselves
through their contributions over the years would risk giving malicious advice
in signed messages to public mailing lists. Since every contribution to the
Qubes OS Project is publicly visible and cryptographically signed, anyone would
be in a position to [verify](/security/verifying-signatures/) that these came
from the same keyholder.
## Discussion guidelines
Qubes discussions mainly take place on `qubes-users`, `qubes-devel`, and our
[forum](#forum), all of which are explained below. Most questions should be
directed to `qubes-users` or the [forum](#forum). **Please do not send
questions to individual Qubes developers.** By sending a message to the
appropriate mailing list, you are not only giving others a chance to help you,
but you may also be helping others by starting a public discussion about a
shared problem or interest.
These are open venues where people freely come together to discuss Qubes and
voluntarily help each other out of mutual interest and good will. They are
*not* your personal, paid support service. **No one owes you a reply.** No one
here is responsible for solving your problems for you. Nonetheless, there are
many things you can do to make it more likely that you will receive a reply.
This community is fortunate to have an exceptionally large number of friendly
and knowledgeable people who enjoy corresponding on these lists. The vast
majority of them will be happy to help you if you follow these simple
guidelines.
### Be polite and respectful
Remember, no one here is under any obligation to reply to you. Think about your
readers. Most of them are coming home after a long, hard day at work. The last
thing they need is someone's temper tantrum. If you are rude and disrespectful,
you are very likely to be ignored.
### Be concise
Include only essential information. Most of your readers lead busy lives and
have precious little time. We *want* to spend some of that time helping you, if
we can. But if you ramble, it will be easier to skip over you and help someone
else who gets right to the point.
### Help us help you
Tell us what you've already tried, and which documentation pages you've already
read. Put yourself in your readers' shoes. What essential information would
they require in order to be able to help you? Make sure to include that
information in your message. A great way to provide your hardware details is by
[generating and submitting a Hardware Compatibility List (HCL)
report](/doc/how-to-use-the-hcl/#generating-and-submitting-new-reports), then
linking to it in your message. [Ask questions the smart
way.](https://www.catb.org/esr/faqs/smart-questions.html)
### Be patient
Do not "bump" a thread more than once every three days *at most*. If it seems
like your messages to the mailing lists are consistently being ignored, make
sure you're following the guidelines explained on this page. If you're already
doing so but still not getting any replies, then it's likely that no one who
knows the answer has had time to reply yet. Remember that the devs are very
busy working on Qubes. They usually only have a chance to answer questions on
the mailing lists once every several days.
### Be a good community member
As with any social community, members earn different reputations for themselves
over time. We want these discussion venues to be friendly, productive places
where information and ideas are exchanged for the mutual benefit of all. We
understand that the best way to achieve this is to encourage and cultivate
other like-minded individuals. Those who have shown themselves to be good
community members through their past contributions have earned our good will,
and we will be especially eager to help them and collaborate with them. If you
are new to the community, you should understand that it may take time for you
to earn the good will of others. This does not mean that you will not receive
help. On the contrary, we are fortunate to have such a helpful and
understanding community that many of them spend hours of their personal time
helping complete strangers, including many who post anonymously. (Given the
integration of Qubes with [Whonix](https://www.whonix.org/wiki/Qubes), we
understand better than most the complexities of privacy and anonymity, and we
know that many users have no other choice but to post anonymously.) You can
read our project's [Code of Conduct](/code-of-conduct/) and [Privacy
Policy](/privacy/) for more information.
### Report issues and submit changes in the right places
The mailing lists and [forum](#forum) are good places to ask questions and
discuss things. However, if you're submitting a more formal report, we'd prefer
that you submit it to our [issue tracker](/doc/issue-tracking/) so that it
doesn't get overlooked. (However, please remember that [the issue tracker is
not a discussion
forum](/doc/issue-tracking/#the-issue-tracker-is-not-a-discussion-forum).)
Likewise, if you see that something in the documentation should be changed,
don't simply point it out in a discussion venue. Instead, [submit the
change](/doc/how-to-edit-the-documentation/).
### Moderation
The moderation team aims to enforce our [Code of Conduct](/code-of-conduct/).
Beyond this, users should not expect any specific action from the moderation
team. Specifically, users should not request that posts or messages be deleted
or edited by a moderator. Users are reminded that, in most venues, anything
posted will be sent out as an email to others, and these emails cannot be
deleted from others' inboxes.
### Specific mailing list rules and notes
#### Use the correct list
Send your message to the correct list. Read the sections below to determine
which list is correct for your message.
#### Do not top-post
[Top-posting](https://en.wikipedia.org/wiki/Posting_style#Top-posting) is
placing your reply above the quoted message to which you're replying. Please
refrain from doing this. Instead, either
[interleave](https://en.wikipedia.org/wiki/Posting_style#Interleaved_style)
your reply by placing parts of your message immediately below each quoted
portion to which it is replying, or
[bottom-post](https://en.wikipedia.org/wiki/Posting_style#Bottom-posting) by
placing your entire reply below the quoted message to which you're replying.
#### Use proper subject lines
Include a precise and informative subject line. This will allow others to
easily find your thread in the future and use it as a reference. (Bad: "Help!
Qubes problems!" Good: "R2B2 Installation problem: Apple keyboard not working
in installer.")
#### Do not send duplicates
If your message is not successfully sent to the list, it probably got caught in
the spam filter. We check the spam filter regularly, so please be patient, and
your message should be approved (and your email address added to the whitelist)
within a few days.
#### Keep the list CCed
Keep the mailing list CCed throughout the conversation unless there's a special
need for privacy (in which case, use PGP encryption). This increases the
likelihood that a greater quantity of useful information will be available to
everyone in the future.
#### Quote appropriately
If you're replying to a thread (whether your own or someone else's), you should
make sure to quote enough from previous messages in the thread so that people
reading your message can understand the context without having to find and read
earlier messages from that thread. Each reply should continue the conversation
and, ideally, be readable as a conversation in itself. Do not quote
advertisements in signatures or inline PGP signature blocks. (Quoting the
latter interferes with the ability of programs like Enigmail to properly quote
replies thereafter).
#### English not required
If you do not speak English, you should feel free to post in your own language.
However, bear in mind that most members of the list can only read English. You
may wish to include an automated translation in your message out of
consideration for those readers. If you choose to write in English, please do
not apologize for doing so poorly, as it is unnecessary. We understand and will
ask for clarification if needed.
#### Suggestions
While we're generally open to hearing suggestions for new features, please note
that we already have a pretty well defined
[roadmap](https://github.com/QubesOS/qubes-issues/milestones), and it's rather
unlikely that we will change our schedule in order to accommodate your request.
If there's a particular feature you'd like to see in Qubes, a much more
effective way to make it happen is to contribute a patch that implements it. We
happily accept such contributions, provided they meet our standards. Please
note, however, that it's always a good idea to field a discussion of your idea
on the `qubes-devel` list before putting in a lot of hard work on something
that we may not be able or willing to accept.
#### Google Groups
While the mailing lists are implemented as Google Group web forums, a Google
account is in no way required, expected, or encouraged. Many discussants
(including most members of the Qubes team) treat these lists as conventional
[mailing lists](https://en.wikipedia.org/wiki/Electronic_mailing_list),
interacting with them solely through plain text email with
[MUAs](https://en.wikipedia.org/wiki/Email_client) like
[Thunderbird](https://www.thunderbird.net/) and [Mutt](https://www.mutt.org/).
The Google Groups service is just free infrastructure, and we [distrust the
infrastructure](/faq/#what-does-it-mean-to-distrust-the-infrastructure). This
is why, for example, we encourage discussants to use [Split
GPG](/doc/split-gpg/) to sign all of their messages to the lists, but we do not
endorse the use of these Google Groups as web forums. For that, we have a
separate, dedicated [forum](#forum).
## Mailing lists
This section covers each of our individual [mailing
lists](https://en.wikipedia.org/wiki/Electronic_mailing_list), with details
about the purpose of each list and how to use it. A Google account is **not**
required for any of these mailing lists.
### qubes-announce
This is a read-only list for those who wish to receive only very important,
infrequent messages. Only the core Qubes team can post to this list. Only
[Qubes Security Bulletins (QSBs)](/security/qsb/), new stable Qubes OS releases,
and Qubes OS release end-of-life notices are announced here.
To subscribe, send a blank email to
`qubes-announce+subscribe@googlegroups.com`. (Note: A Google account is **not**
required. Any email address will work.) To unsubscribe, send a blank email to
`qubes-announce+unsubscribe@googlegroups.com`. This list also has a
[traditional mail
archive](https://www.mail-archive.com/qubes-announce@googlegroups.com/) and an
optional [Google Groups web
interface](https://groups.google.com/group/qubes-announce).
### qubes-users
This list is for helping users solve various daily problems with Qubes OS.
Examples of topics or questions suitable for this list include:
* [HCL](/doc/hcl/) reports
* Installation problems
* Hardware compatibility problems
* Questions of the form: "How do I...?"
Please try searching both the Qubes website and the archives of the mailing
lists before sending a question. In addition, please make sure that you have
read and understood the following basic documentation prior to posting to the
list:
* The [Installation Guide](/doc/installation-guide/), [System
Requirements](/doc/system-requirements/), and [HCL](/doc/hcl/) (for problems
related to installing Qubes OS)
* The [User FAQ](/faq/#users)
* The [documentation](/doc/) (for questions about how to use Qubes OS)
You must be subscribed in order to post to this list. To subscribe, send a
blank email to `qubes-users+subscribe@googlegroups.com`. (Note: A Google
account is **not** required. Any email address will work.) To post a message to
the list, address your email to `qubes-users@googlegroups.com`. If your post
does not appear immediately, please allow time for moderation to occur. To
unsubscribe, send a blank email to `qubes-users+unsubscribe@googlegroups.com`.
This list also has a [traditional mail
archive](https://www.mail-archive.com/qubes-users@googlegroups.com/) and an
optional [Google Groups web
interface](https://groups.google.com/group/qubes-users).
### qubes-devel
This list is primarily intended for people who are interested in contributing
to Qubes or who are willing to learn more about its architecture and
implementation. Examples of topics and questions suitable for this list
include:
* Questions about why we made certain architecture or implementation decisions.
* For example: "Why did you implement XYZ this way and not the other way?"
* Questions about code layout and where code is for certain functionality.
* Discussions about proposed new features, patches, etc.
* For example: "I would like to implement feature XYZ."
* Contributed code and patches.
* Security discussions which are relevant to Qubes in some way.
You must be subscribed in order to post to this list. To subscribe, send a
blank email to `qubes-devel+subscribe@googlegroups.com`. (Note: A Google
account is **not** required. Any email address will work.) To post a message to
the list, address your email to `qubes-devel@googlegroups.com`. If your post
does not appear immediately, please allow time for moderation to occur. To
unsubscribe, send a blank email to `qubes-devel+unsubscribe@googlegroups.com`.
This list also has a [traditional mail
archive](https://www.mail-archive.com/qubes-devel@googlegroups.com/) and an
optional [Google Groups web
interface](https://groups.google.com/group/qubes-devel).
### qubes-project
This list is for non-technical discussion and coordination around the Qubes OS
project.
Examples of topics or questions suitable for this list include:
* Participation (talks, workshops, etc.) at upcoming events
* Project funding applications and strategies
* FOSS governance discussions
* Most Github issues tagged
[business](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3Abusiness)
or
[project management](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22project+management%22)
You must be subscribed in order to post to this list. To subscribe, send a
blank email to `qubes-project+subscribe@googlegroups.com`. (Note: A Google
account is **not** required. Any email address will work.) To post a message to
the list, address your email to `qubes-project@googlegroups.com`. If your post
does not appear immediately, please allow time for moderation to occur. To
unsubscribe, send a blank email to
`qubes-project+unsubscribe@googlegroups.com`. This list also has a
[traditional mail
archive](https://www.mail-archive.com/qubes-project@googlegroups.com/) and an
optional [Google Groups web
interface](https://groups.google.com/group/qubes-project).
### qubes-translation
This list is for discussion around the localization and translation of Qubes
OS, its documentation, and the website.
Examples of topics or questions suitable for this list include:
* Questions about or issues with [Transifex](https://www.transifex.com/), the
translation platform we use
* Who is managing localization for a given language
* Most Github issues tagged
[localization](https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20label%3Alocalization)
You must be subscribed in order to post to this list. To subscribe, send a
blank email to `qubes-translation+subscribe@googlegroups.com`. (Note: A Google
account is **not** required. Any email address will work.) To post a message to
the list, address your email to `qubes-translation@googlegroups.com`. If your
post does not appear immediately, please allow time for moderation to occur. To
unsubscribe, send a blank email to
`qubes-translation+unsubscribe@googlegroups.com`. This list also has an
optional [Google Groups web
interface](https://groups.google.com/group/qubes-translation).
## Forum
The official [Qubes Forum](https://forum.qubes-os.org) is a place where
you can ask questions, get help, share tips and experiences, and more! For a
long time, members of our community have sought a privacy-respecting forum
experience with modern features that traditional mailing lists do not support.
The open-source [Discourse](https://www.discourse.org/) platform fills this
need for us, as it does for many other open-source projects.
### Why was this forum created?
Previously, the only option for a forum-like experience was to interact with
our mailing lists via Google Groups, but we understand all too well that the
privacy implications and user experience were unacceptable for many members of
our community, especially with the recent addition of a sign-in requirement to
view threads. Many of you value the lower barrier to entry, organization,
ease-of-use, and modern social features that today's forums support. Moreover,
Discourse [features email
integration](https://forum.qubes-os.org/t/using-the-forum-via-email/533)
for those who still prefer the traditional mailing list format.
### How is this different from our mailing lists?
To be clear, this is *not* a replacement for the mailing lists. This forum is
simply an *additional* place for discussion. Certain types of discussions
naturally lend themselves more to mailing lists or to forums, and different
types of users prefer different venues. We've heard from some users who find
the mailing lists to be a bit intimidating or who may feel that their message
isn't important enough to merit creating a new email that lands in thousands of
inboxes. Others want more selective control over topic notifications. Some
users simply appreciate the ability to add a "reaction" to a message instead of
having to add an entirely new reply. Whatever your reasons, it's up to you to
decide where and how you want to join the conversation.
### Does this split the community?
Many open-source projects (such as Fedora and Debian) have both mailing lists
and forums (and additional discussion venues). In fact, the Qubes OS Project
already had non-mailing-list discussion venues such as
[Reddit](https://www.reddit.com/r/Qubes/) before this forum was introduced. We
believe that this additional venue fosters the continued growth of community
participation and improves everyone's experience. In addition, we fully expect
that many community members -- especially the most active ones -- will choose
to participate in both venues. (Again, for those who still prefer interacting
via email, [Discourse supports that
too](https://forum.qubes-os.org/t/using-the-forum-via-email/533)!)
## Social media
The Qubes OS Project has a presence on the following social media platforms:
- [Twitter](https://twitter.com/QubesOS)
- [Mastodon](https://mastodon.social/@QubesOS)
- [Reddit](https://www.reddit.com/r/Qubes/)
- [Facebook](https://www.facebook.com/QubesOS/)
- [LinkedIn](https://www.linkedin.com/company/qubes-os/)
Generally speaking, these are not intended to be primary support venues. (Those
would be [qubes-users](#qubes-users) and the [forum](#forum).) Rather, these
are primarily intended to be a way to more widely disseminate items published
on the [news](/news/) page. If you use one of these platforms, you may find it
convenient to follow the Qubes OS Project there as a way of receiving Qubes
news.
## Chat
If you'd like to chat, join us on
- the `#qubes` channel on `irc.libera.chat` or
- the `#qubes:invisiblethingslab.com` matrix channel.
these two should be linked/bridged, but for technical reasons currently are not.
## Unofficial venues
If you find another venue on the Internet that is not listed above, it is
**unofficial**, which means that the Qubes team does **not** monitor or
moderate it. Please be especially careful in unofficial venues.
(Note: If a Qubes team member discovers the venue and decides to pop in, that
should not be taken as a commitment to monitor or moderate the venue. It still
remains unofficial. Also, please make sure someone claiming to be a Qubes team
member really is one. It could be an impostor!)

362
introduction/support.rst Normal file
View file

@ -0,0 +1,362 @@
=======================================
Help, support, mailing lists, and forum
=======================================
The Qubes community is here to help! Since Qubes is a security-oriented operating system, we want to make sure you `stay safe <#staying-safe>`__ as you get the support you need, and we want to make sure our community remains a friendly and productive place by ensuring we all follow the :doc:`Code of Conduct </introduction/code-of-conduct>` and `discussion guidelines <#discussion-guidelines>`__.
How to get help and support
---------------------------
First, lets see what kind of help you need.
I have a problem or a question.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
No worries! Heres how we recommend proceeding:
1. Check the :doc:`documentation </index>`. There may already be a page about it. Specifically, check out the :ref:`How-To Guides <how-to-guides>` and :ref:`Troubleshooting <troubleshooting>` sections.
2. Search the :doc:`FAQ </introduction/faq>`. Your question might already be answered.
3. Try :ref:`searching the issue tracker <introduction/issue-tracking:search tips>`. There may already be an open **or closed** issue about your problem. The issue tracker is constantly being updated with known bugs and may contain workarounds for problems youre experiencing. If there are any pinned issues at the top, make sure to check them first!
4. Try `searching the Qubes Forum <https://forum.qubes-os.org/>`__. There may already be a matching topic.
5. Try `searching the qubes-users archives <https://www.mail-archive.com/qubes-users@googlegroups.com/>`__. There may have already been a relevant thread.
I didn't find a solution or an answer!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Sorry to hear that! In that case, we recommend asking for help on the `Qubes Forum <https://forum.qubes-os.org/>`__ or on the `qubes-users mailing list <#qubes-users>`__. Choose the venue you prefer, but please dont ask on both at the same time! Before you ask, please review our `discussion guidelines <#discussion-guidelines>`__ and StackOverflows advice on `how to ask good questions <https://stackoverflow.com/help/how-to-ask>`__. Dont forget to `stay safe <#staying-safe>`__!
I don't need support, but I think I found a bug.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Wed be grateful if you reported it (but please make sure no one else has already reported it first)! Please see :doc:`Issue Tracking </introduction/issue-tracking>` for details.
I don't need support, but I'd like to request a feature.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
No promises, but wed be happy to consider it! Please see :doc:`Issue Tracking </introduction/issue-tracking>` for details.
Where's the best place to discuss Qubes?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
That would be the `Qubes Forum <https://forum.qubes-os.org/>`__ and the `qubes-users mailing list <#qubes-users>`__. Please have a look at our `discussion guidelines <#discussion-guidelines>`__ before diving in. Enjoy!
How can I get involved and contribute?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Thank you for asking! Please see :doc:`How to Contribute </introduction/contributing>` for all the ways you can do so.
I would like to report a security vulnerability.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
That sounds more like you helping us! Thanks! Please see :ref:`Reporting Security Issues in Qubes OS <project-security/security:reporting security issues in qubes os>`.
Staying safe
------------
The Qubes mailing lists and forum are open to the public. The contents are crawled by search engines and archived by third-party services outside of our control. Please do not send or post anything that you are not comfortable seeing discussed in public. If confidentiality is a concern, please use PGP encryption in an off-list email.
The Qubes community includes people from all walks of life and from around the world. Individuals differ in areas of experience and technical expertise. You will come into contact with others whose views and agendas differ from your own. Everyone is free to write what they please, as long as it doesnt violate our :doc:`Code of Conduct </introduction/code-of-conduct>`. Be friendly and open, but do not believe everything you read. Use good judgment, and be especially careful when following instructions (e.g., copying commands) given by others on the lists.
Its always possible that a bad actor could try to impersonate any member of the `Qubes team <https://www.qubes-os.org/team/>`__ anywhere on the Internet. Please dont assume that someone who claims to be an official Qubes team member really is one without an appropriate form of authentication, such as a :doc:`verified PGP-signed message </project-security/verifying-signatures>`. (But bear in mind that anyone can generate a key with any name on it and use it to PGP-sign a message, so the mere presence of a PGP signature does not indicate authority. Successful :doc:`verification </project-security/verifying-signatures>` is what counts.) All official `news <https://www.qubes-os.org/news/>`__ can be authenticated by :doc:`verifying the signatures </project-security/verifying-signatures>` on the relevant tags or commits in the `qubes-posts <https://github.com/QubesOS/qubes-posts>`__ repository.
Given that there may be impostors and others trying to lead you astray, how should you sort the good advice from the bad? This is up to each individual to decide, but it helps to know that many members of our community have proven themselves knowledgeable through their :doc:`contributions </introduction/contributing>` to the project. Often, these individuals sign their messages with the same key as (or another key authenticated by) the one they use to :doc:`sign their contributions </developer/code/code-signing>`.
For example, you might find it easier to trust advice from someone who has a proven track record of :doc:`contributing software packages </developer/general/package-contributions>` or `contributing to the documentation <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__. Its unlikely that individuals who have worked hard to build good reputations for themselves through their contributions over the years would risk giving malicious advice in signed messages to public mailing lists. Since every contribution to the Qubes OS Project is publicly visible and cryptographically signed, anyone would be in a position to :doc:`verify </project-security/verifying-signatures>` that these came from the same keyholder.
Discussion guidelines
---------------------
Qubes discussions mainly take place on ``qubes-users``, ``qubes-devel``, and our `forum <#forum>`__, all of which are explained below. Most questions should be directed to ``qubes-users`` or the `forum <#forum>`__. **Please do not send questions to individual Qubes developers.** By sending a message to the appropriate mailing list, you are not only giving others a chance to help you, but you may also be helping others by starting a public discussion about a shared problem or interest.
These are open venues where people freely come together to discuss Qubes and voluntarily help each other out of mutual interest and good will. They are *not* your personal, paid support service. **No one owes you a reply.** No one here is responsible for solving your problems for you. Nonetheless, there are many things you can do to make it more likely that you will receive a reply. This community is fortunate to have an exceptionally large number of friendly and knowledgeable people who enjoy corresponding on these lists. The vast majority of them will be happy to help you if you follow these simple guidelines.
Be polite and respectful
^^^^^^^^^^^^^^^^^^^^^^^^
Remember, no one here is under any obligation to reply to you. Think about your readers. Most of them are coming home after a long, hard day at work. The last thing they need is someones temper tantrum. If you are rude and disrespectful, you are very likely to be ignored.
Be concise
^^^^^^^^^^
Include only essential information. Most of your readers lead busy lives and have precious little time. We *want* to spend some of that time helping you, if we can. But if you ramble, it will be easier to skip over you and help someone else who gets right to the point.
Help us help you
^^^^^^^^^^^^^^^^
Tell us what youve already tried, and which documentation pages youve already read. Put yourself in your readers shoes. What essential information would they require in order to be able to help you? Make sure to include that information in your message. A great way to provide your hardware details is by :ref:`generating and submitting a Hardware Compatibility List (HCL) report <user/hardware/how-to-use-the-hcl:generating and submitting new reports>`, then linking to it in your message. `Ask questions the smart way. <https://www.catb.org/esr/faqs/smart-questions.html>`__
Be patient
^^^^^^^^^^
Do not “bump” a thread more than once every three days *at most*. If it seems like your messages to the mailing lists are consistently being ignored, make sure youre following the guidelines explained on this page. If youre already doing so but still not getting any replies, then its likely that no one who knows the answer has had time to reply yet. Remember that the devs are very busy working on Qubes. They usually only have a chance to answer questions on the mailing lists once every several days.
Be a good community member
^^^^^^^^^^^^^^^^^^^^^^^^^^
As with any social community, members earn different reputations for themselves over time. We want these discussion venues to be friendly, productive places where information and ideas are exchanged for the mutual benefit of all. We understand that the best way to achieve this is to encourage and cultivate other like-minded individuals. Those who have shown themselves to be good community members through their past contributions have earned our good will, and we will be especially eager to help them and collaborate with them. If you are new to the community, you should understand that it may take time for you to earn the good will of others. This does not mean that you will not receive help. On the contrary, we are fortunate to have such a helpful and understanding community that many of them spend hours of their personal time helping complete strangers, including many who post anonymously. (Given the integration of Qubes with `Whonix <https://www.whonix.org/wiki/Qubes>`__, we understand better than most the complexities of privacy and anonymity, and we know that many users have no other choice but to post anonymously.) You can read our projects :doc:`Code of Conduct </introduction/code-of-conduct>` and :doc:`Privacy Policy </introduction/privacy>` for more information.
Report issues and submit changes in the right places
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The mailing lists and `forum <#forum>`__ are good places to ask questions and discuss things. However, if youre submitting a more formal report, wed prefer that you submit it to our :doc:`issue tracker </introduction/issue-tracking>` so that it doesnt get overlooked. (However, please remember that :ref:`the issue tracker is not a discussion forum <introduction/issue-tracking:the issue tracker is not a discussion forum>`.) Likewise, if you see that something in the documentation should be changed, dont simply point it out in a discussion venue. Instead, `submit the change <https://www.qubes-os.org/doc/how-to-edit-the-documentation/>`__.
Moderation
^^^^^^^^^^
The moderation team aims to enforce our :doc:`Code of Conduct </introduction/code-of-conduct>`. Beyond this, users should not expect any specific action from the moderation team. Specifically, users should not request that posts or messages be deleted or edited by a moderator. Users are reminded that, in most venues, anything posted will be sent out as an email to others, and these emails cannot be deleted from others inboxes.
Specific mailing list rules and notes
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Use the correct list
^^^^^^^^^^^^^^^^^^^^
Send your message to the correct list. Read the sections below to determine which list is correct for your message.
Do not top-post
^^^^^^^^^^^^^^^
`Top-posting <https://en.wikipedia.org/wiki/Posting_style#Top-posting>`__ is placing your reply above the quoted message to which youre replying. Please refrain from doing this. Instead, either `interleave <https://en.wikipedia.org/wiki/Posting_style#Interleaved_style>`__ your reply by placing parts of your message immediately below each quoted portion to which it is replying, or `bottom-post <https://en.wikipedia.org/wiki/Posting_style#Bottom-posting>`__ by placing your entire reply below the quoted message to which youre replying.
Use proper subject lines
^^^^^^^^^^^^^^^^^^^^^^^^
Include a precise and informative subject line. This will allow others to easily find your thread in the future and use it as a reference. (Bad: “Help! Qubes problems!” Good: “R2B2 Installation problem: Apple keyboard not working in installer.”)
Do not send duplicates
^^^^^^^^^^^^^^^^^^^^^^
If your message is not successfully sent to the list, it probably got caught in the spam filter. We check the spam filter regularly, so please be patient, and your message should be approved (and your email address added to the whitelist) within a few days.
Keep the list CCed
^^^^^^^^^^^^^^^^^^
Keep the mailing list CCed throughout the conversation unless theres a special need for privacy (in which case, use PGP encryption). This increases the likelihood that a greater quantity of useful information will be available to everyone in the future.
Quote appropriately
^^^^^^^^^^^^^^^^^^^
If youre replying to a thread (whether your own or someone elses), you should make sure to quote enough from previous messages in the thread so that people reading your message can understand the context without having to find and read earlier messages from that thread. Each reply should continue the conversation and, ideally, be readable as a conversation in itself. Do not quote advertisements in signatures or inline PGP signature blocks. (Quoting the latter interferes with the ability of programs like Enigmail to properly quote replies thereafter).
English not required
^^^^^^^^^^^^^^^^^^^^
If you do not speak English, you should feel free to post in your own language. However, bear in mind that most members of the list can only read English. You may wish to include an automated translation in your message out of consideration for those readers. If you choose to write in English, please do not apologize for doing so poorly, as it is unnecessary. We understand and will ask for clarification if needed.
Suggestions
^^^^^^^^^^^
While were generally open to hearing suggestions for new features, please note that we already have a pretty well defined `roadmap <https://github.com/QubesOS/qubes-issues/milestones>`__, and its rather unlikely that we will change our schedule in order to accommodate your request. If theres a particular feature youd like to see in Qubes, a much more effective way to make it happen is to contribute a patch that implements it. We happily accept such contributions, provided they meet our standards. Please note, however, that its always a good idea to field a discussion of your idea on the ``qubes-devel`` list before putting in a lot of hard work on something that we may not be able or willing to accept.
Google Groups
^^^^^^^^^^^^^
While the mailing lists are implemented as Google Group web forums, a Google account is in no way required, expected, or encouraged. Many discussants (including most members of the Qubes team) treat these lists as conventional `mailing lists <https://en.wikipedia.org/wiki/Electronic_mailing_list>`__, interacting with them solely through plain text email with `MUAs <https://en.wikipedia.org/wiki/Email_client>`__ like `Thunderbird <https://www.thunderbird.net/>`__ and `Mutt <https://www.mutt.org/>`__. The Google Groups service is just free infrastructure, and we :ref:`distrust the infrastructure <introduction/faq:what does it mean to "distrust the infrastructure"?>`. This is why, for example, we encourage discussants to use :doc:`Split GPG </user/security-in-qubes/split-gpg>` to sign all of their messages to the lists, but we do not endorse the use of these Google Groups as web forums. For that, we have a separate, dedicated `forum <#forum>`__.
Mailing lists
-------------
This section covers each of our individual `mailing lists <https://en.wikipedia.org/wiki/Electronic_mailing_list>`__, with details about the purpose of each list and how to use it. A Google account is **not** required for any of these mailing lists.
qubes-announce
^^^^^^^^^^^^^^
This is a read-only list for those who wish to receive only very important, infrequent messages. Only the core Qubes team can post to this list. Only `Qubes Security Bulletins (QSBs) <https://www.qubes-os.org/security/qsb/>`__, new stable Qubes OS releases, and Qubes OS release end-of-life notices are announced here.
To subscribe, send a blank email to ``qubes-announce+subscribe@googlegroups.com``. (**Note:** A Google account is **not** required. Any email address will work.) To unsubscribe, send a blank email to ``qubes-announce+unsubscribe@googlegroups.com``. This list also has a `traditional mail archive <https://www.mail-archive.com/qubes-announce@googlegroups.com/>`__ and an optional `Google Groups web interface <https://groups.google.com/group/qubes-announce>`__.
qubes-users
^^^^^^^^^^^
This list is for helping users solve various daily problems with Qubes OS. Examples of topics or questions suitable for this list include:
- `HCL <https://www.qubes-os.org/hcl/>`__ reports
- Installation problems
- Hardware compatibility problems
- Questions of the form: “How do I…?”
Please try searching both the Qubes website and the archives of the mailing lists before sending a question. In addition, please make sure that you have read and understood the following basic documentation prior to posting to the list:
- The :doc:`Installation Guide </user/downloading-installing-upgrading/installation-guide>`, :doc:`System Requirements </user/hardware/system-requirements>`, and `HCL <https://www.qubes-os.org/hcl/>`__ (for problems related to installing Qubes OS)
- The :ref:`User FAQ <introduction/faq:users>`
- The :doc:`documentation </index>` (for questions about how to use Qubes OS)
You must be subscribed in order to post to this list. To subscribe, send a blank email to ``qubes-users+subscribe@googlegroups.com``. (**Note:** A Google account is **not** required. Any email address will work.) To post a message to the list, address your email to ``qubes-users@googlegroups.com``. If your post does not appear immediately, please allow time for moderation to occur. To unsubscribe, send a blank email to ``qubes-users+unsubscribe@googlegroups.com``. This list also has a `traditional mail archive <https://www.mail-archive.com/qubes-users@googlegroups.com/>`__ and an optional `Google Groups web interface <https://groups.google.com/group/qubes-users>`__.
qubes-devel
^^^^^^^^^^^
This list is primarily intended for people who are interested in contributing to Qubes or who are willing to learn more about its architecture and implementation. Examples of topics and questions suitable for this list include:
- Questions about why we made certain architecture or implementation decisions.
- For example: “Why did you implement XYZ this way and not the other way?”
- Questions about code layout and where code is for certain functionality.
- Discussions about proposed new features, patches, etc.
- For example: “I would like to implement feature XYZ.”
- Contributed code and patches.
- Security discussions which are relevant to Qubes in some way.
You must be subscribed in order to post to this list. To subscribe, send a blank email to ``qubes-devel+subscribe@googlegroups.com``. (**Note:** A Google account is **not** required. Any email address will work.) To post a message to the list, address your email to ``qubes-devel@googlegroups.com``. If your post does not appear immediately, please allow time for moderation to occur. To unsubscribe, send a blank email to ``qubes-devel+unsubscribe@googlegroups.com``. This list also has a `traditional mail archive <https://www.mail-archive.com/qubes-devel@googlegroups.com/>`__ and an optional `Google Groups web interface <https://groups.google.com/group/qubes-devel>`__.
qubes-project
^^^^^^^^^^^^^
This list is for non-technical discussion and coordination around the Qubes OS project.
Examples of topics or questions suitable for this list include:
- Participation (talks, workshops, etc.) at upcoming events
- Project funding applications and strategies
- FOSS governance discussions
- Most Github issues tagged `business <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3Abusiness>`__ or `project management <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+label%3A%22project+management%22>`__
You must be subscribed in order to post to this list. To subscribe, send a blank email to ``qubes-project+subscribe@googlegroups.com``. (**Note:** A Google account is **not** required. Any email address will work.) To post a message to the list, address your email to ``qubes-project@googlegroups.com``. If your post does not appear immediately, please allow time for moderation to occur. To unsubscribe, send a blank email to ``qubes-project+unsubscribe@googlegroups.com``. This list also has a `traditional mail archive <https://www.mail-archive.com/qubes-project@googlegroups.com/>`__ and an optional `Google Groups web interface <https://groups.google.com/group/qubes-project>`__.
qubes-translation
^^^^^^^^^^^^^^^^^
This list is for discussion around the localization and translation of Qubes OS, its documentation, and the website.
Examples of topics or questions suitable for this list include:
- Questions about or issues with `Transifex <https://www.transifex.com/>`__, the translation platform we use
- Who is managing localization for a given language
- Most Github issues tagged `localization <https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20label%3Alocalization>`__
You must be subscribed in order to post to this list. To subscribe, send a blank email to ``qubes-translation+subscribe@googlegroups.com``. (**Note:** A Google account is **not** required. Any email address will work.) To post a message to the list, address your email to ``qubes-translation@googlegroups.com``. If your post does not appear immediately, please allow time for moderation to occur. To unsubscribe, send a blank email to ``qubes-translation+unsubscribe@googlegroups.com``. This list also has an optional `Google Groups web interface <https://groups.google.com/group/qubes-translation>`__.
Forum
-----
The official `Qubes Forum <https://forum.qubes-os.org>`__ is a place where you can ask questions, get help, share tips and experiences, and more! For a long time, members of our community have sought a privacy-respecting forum experience with modern features that traditional mailing lists do not support. The open-source `Discourse <https://www.discourse.org/>`__ platform fills this need for us, as it does for many other open-source projects.
Why was this forum created?
^^^^^^^^^^^^^^^^^^^^^^^^^^^
Previously, the only option for a forum-like experience was to interact with our mailing lists via Google Groups, but we understand all too well that the privacy implications and user experience were unacceptable for many members of our community, especially with the recent addition of a sign-in requirement to view threads. Many of you value the lower barrier to entry, organization, ease-of-use, and modern social features that todays forums support. Moreover, Discourse `features email integration <https://forum.qubes-os.org/t/using-the-forum-via-email/533>`__ for those who still prefer the traditional mailing list format.
How is this different from our mailing lists?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
To be clear, this is *not* a replacement for the mailing lists. This forum is simply an *additional* place for discussion. Certain types of discussions naturally lend themselves more to mailing lists or to forums, and different types of users prefer different venues. Weve heard from some users who find the mailing lists to be a bit intimidating or who may feel that their message isnt important enough to merit creating a new email that lands in thousands of inboxes. Others want more selective control over topic notifications. Some users simply appreciate the ability to add a “reaction” to a message instead of having to add an entirely new reply. Whatever your reasons, its up to you to decide where and how you want to join the conversation.
Does this split the community?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Many open-source projects (such as Fedora and Debian) have both mailing lists and forums (and additional discussion venues). In fact, the Qubes OS Project already had non-mailing-list discussion venues such as `Reddit <https://www.reddit.com/r/Qubes/>`__ before this forum was introduced. We believe that this additional venue fosters the continued growth of community participation and improves everyones experience. In addition, we fully expect that many community members especially the most active ones will choose to participate in both venues. (Again, for those who still prefer interacting via email, `Discourse supports that too <https://forum.qubes-os.org/t/using-the-forum-via-email/533>`__!)
Social media
------------
The Qubes OS Project has a presence on the following social media platforms:
- `Twitter <https://twitter.com/QubesOS>`__
- `Mastodon <https://mastodon.social/@QubesOS>`__
- `Reddit <https://www.reddit.com/r/Qubes/>`__
- `Facebook <https://www.facebook.com/QubesOS/>`__
- `LinkedIn <https://www.linkedin.com/company/qubes-os/>`__
Generally speaking, these are not intended to be primary support venues. (Those would be `qubes-users <#qubes-users>`__ and the `forum <#forum>`__.) Rather, these are primarily intended to be a way to more widely disseminate items published on the `news <https://www.qubes-os.org/news/>`__ page. If you use one of these platforms, you may find it convenient to follow the Qubes OS Project there as a way of receiving Qubes news.
Chat
----
If youd like to chat, join us on
- the ``#qubes`` channel on ``irc.libera.chat`` or
- the ``#qubes:invisiblethingslab.com`` matrix channel.
these two should be linked/bridged, but for technical reasons currently are not.
Unofficial venues
-----------------
If you find another venue on the Internet that is not listed above, it is **unofficial**, which means that the Qubes team does **not** monitor or moderate it. Please be especially careful in unofficial venues.
(**Note:** If a Qubes team member discovers the venue and decides to pop in, that should not be taken as a commitment to monitor or moderate the venue. It still remains unofficial. Also, please make sure someone claiming to be a Qubes team member really is one. It could be an impostor!)

35
introduction/video-tours.md
View file

@ -1,35 +0,0 @@
---
lang: en
layout: site
permalink: /video-tours/
ref: 226
title: Video tours
---
## Qubes OS Summit 2022
Watch all the talks from Qubes OS Summit 2022, which took place September 9-11, 2022 in Berlin, Germany.
<div class="video more-bottom">
<iframe class="responsive" referrerpolicy="no-referrer" scrolling="no" allowfullscreen src="https://www.youtube-nocookie.com/embed/hkWWz3xGqS8"></iframe>
</div>
<div class="video more-bottom">
<iframe class="responsive" referrerpolicy="no-referrer" scrolling="no" allowfullscreen src="https://www.youtube-nocookie.com/embed/A9GrlQsQc7Q"></iframe>
</div>
<div class="video more-bottom">
<iframe class="responsive" referrerpolicy="no-referrer" scrolling="no" allowfullscreen src="https://www.youtube-nocookie.com/embed/gnWHjv-9_YM"></iframe>
</div>
## Micah Lee presents "Qubes OS: The Operating System That Can Protect You Even If You Get Hacked"
[Micah Lee](https://micahflee.com/), a long-time Qubes [advocate](/endorsements/), presented [Qubes OS: The Operating System That Can Protect You Even If You Get Hacked](https://archive.org/details/QubesOSTheOperatingSystemThatCanProtectYouEvenIfYouGetHackedTalkByMicahLee) at the Circle of HOPE conference, which took place July 20-22, 2018 in New York City.
<div class="video more-bottom">
<iframe class="responsive" referrerpolicy="no-referrer" scrolling="no" allowfullscreen src="https://livestream.com/accounts/9197973/events/8286152/videos/178431606/player?autoPlay=false"></iframe>
</div>
## Explaining Computers presents "Qubes OS: Security Oriented Operating System"
<div class="video">
<iframe class="responsive" referrerpolicy="no-referrer" scrolling="no" allowfullscreen src="https://www.youtube-nocookie.com/embed/hWDvS_Mp6gc"></iframe>
</div>

65
introduction/video-tours.rst Normal file
View file

@ -0,0 +1,65 @@
===========
Video tours
===========
Qubes OS Summit 2022
--------------------
Watch all the talks from Qubes OS Summit 2022, which took place September 9-11, 2022 in Berlin, Germany.
----
.. youtube:: hkWWz3xGqS8
:height: 315
:width: 560
:align: left
----
.. youtube:: A9GrlQsQc7Q
:height: 315
:width: 560
:align: left
----
.. youtube:: gnWHjv-9_YM
:height: 315
:width: 560
:align: left
Micah Lee presents "Qubes OS: The Operating System That Can Protect You Even If You Get Hacked"
-----------------------------------------------------------------------------------------------
`Micah Lee <https://micahflee.com/>`__, a long-time Qubes `advocate <https://www.qubes-os.org/endorsements/>`__, presented `Qubes OS: The Operating System That Can Protect You Even If You Get Hacked <https://archive.org/details/QubesOSTheOperatingSystemThatCanProtectYouEvenIfYouGetHackedTalkByMicahLee>`__ at the Circle of HOPE conference, which took place July 20-22, 2018 in New York City.
----
.. generalvid:: https://livestream.com/accounts/9197973/events/8286152/videos/178431606/player?autoPlay=false
:height: 315
:width: 560
:align: left
Explaining Computers presents "Qubes OS: Security Oriented Operating System"
----------------------------------------------------------------------------
----
.. youtube:: hWDvS_Mp6gc
:height: 315
:width: 560
:align: left