TL;DR - About switching from Linux Mint to Qubes OS from among various other options that try to provide security out-of-the-box (also discussed: OpenBSD, SculptOS, Ghaf, GrapheneOS)
TL;DR - About switching from Linux Mint to Qubes OS from among various other options that try to provide security out-of-the-box (also discussed: OpenBSD, SculptOS, Ghaf, GrapheneOS)
I think Secureblue + GrapheneOS are the most reasonable choices imo. Qubes is highly hardware intensive for what it does, it will frustrate most people.
It works decently with just 8 GB RAM, and I’m going to upgrade the RAM.
Secureblue is based on sandboxing rather than paravirtualization, and I’m not sure that’s secure enough for me.
I do agree it’s likely more secure, but the tradeoff for common use cases (gaming, development) is steep. I could see using it solely for browsing and messaging people
You can also just slot secure blue into a qube I believe
Not only is it resource‑intensive, but Qubes also lacks Secure Boot and Wayland support. Secure Boot is critical to ensure the OS has not been tampered with, and Wayland is required to isolate individual apps running within a single VM from capturing input intended for other apps. For an average user, I would recommend SecureBlue rather than Qubes.
Qubes OS has an Anti-Evil Maid option that is far, far better than signed boot.
AppVMs are isolated in Qubes even without the help of Wayland