Qubes OS Security in the Public Record

sciences44 86 points 15 comments July 18, 2026
arxiv.org · View on Hacker News

Discussion Highlights (6 comments)

Topfi

Blast from the past for me, though primarily interacted with the complementary Whonix side of things. Not surprising to read, considering how lean Qubes was from the get-go designed to be it makes sense that most things are from resulting upstream rather than with their code. Fully aware that it was never the goal for Qubes, but I have never been able to shake the idea that one could leverage their architecture in ways beyond security hardening, especially that screenshot with MSFT Office running in its own guest got my mind spinning back then. Might be worth revisiting some old ideas I'm just recalling, especially with there having been over a decade in development across many projects focused on hypervisors by many smart people, making a few old experiments likely less impossible.

adg001

Author of the paper here; AMA.

preetham_rangu

Security claims backed by public evidence are a lot more convincing than marketing.

jmakov

Would need to create a lab and throw LLMs at it to see if they can break anything. That would be an interesting paper.

khurs

First I heard of Qubes was when Edward Snowden endorsed it https://www.qubes-os.org/endorsements/ https://xcancel.com/Snowden/status/781493632293605376

nullc

QubesOS is really fantastic, I wouldn't consider using anything less today.

Semantic search powered by Rivestack pgvector
14,015 stories · 131,331 chunks indexed