An update of the Qubes 4.1.2 operating system has been generated, which implements the idea of using a hypervisor for strict isolation of applications and OS components (each class of applications and system services run in separate virtual machines). Requires a system with 6 GB of RAM and a 64-bit Intel or AMD CPU with support for VT-x c EPT / AMD-v c RVI and VT-d / AMD IOMMU technologies, an Intel GPU is desirable (NVIDIA and AMD GPUs are not well tested ). The size of the installation image is 6 GB.
Applications in Qubes are divided into classes based on the importance of the data they process and the tasks they perform. Each application class (e.g., work, entertainment, banking), as well as system services (network subsystem, firewall, storage, USB stack, etc.), runs in separate virtual machines, running using the Xen hypervisor. These applications are available within a single desktop and are highlighted with different window border colors for clarity. Each environment has read access to the underlying root file system and local storage, which does not overlap with the storage of other environments. A special service is used to facilitate application interaction.
The Fedora package base can be used as a basis for creating virtual environments and Debian, templates for Ubuntu, Gentoo and Arch LinuxIt is possible to organize access to applications in a virtual machine with Windows, as well as creation virtual machines Based on Whonix to provide anonymous access via Tor. The user interface is built on Xfce. When the user launches an application from the menu, it starts in a specific virtual machine. The content of the virtual environments is determined by a set of templates.
In the new release, only the update of the versions of the programs that form the basic system environment (dom0) is noted. A template for creating virtual environments based on Fedora 37 has been prepared. The ability to use USB keyboards has been added to the installer. The boot menu of the install image offers a kernel-latest option to use the latest kernel release with extended hardware support.
Source: opennet.ru
