Mugwump's Fish World
Misc Topics... yada yada => Computers / Computer Related => Topic started by: Mugwump on January 02, 2016, 12:27:39 PM
(https://www.qubes-os.org/attachment/wiki/GettingStarted/r2b1-appsmenu-1.png)
In Qubes, you run all your programs in domains. Domains are also called AppVMs because they?re implemented as lightweight virtual machines (VMs). Not every app runs in its own VM. (That would be a big waste of resources!) Instead, each VM represents a security domain (e.g., ?work,? ?personal,? ?banking,? etc.). Each domain is based, by default, on a single, common TemplateVM (but you can create as many as you?d like). This means that when you create a new AppVM, you don?t copy the whole root filesystem needed for this AppVM to work (which would include copying all the programs). Instead, each AppVM shares the root filesystem with its respective TemplateVM. An AppVM has read-only access to the filesystem of the Template on which it?s based, so an AppVM cannot modify a TemplateVM in any way. This is important, as it means that if an AppVM is ever compromised, the TemplateVM on which it?s based (and any other AppVMs based on that TemplateVM) will still be safe. This means that creating a large number of domains is cheap: Each one needs only as much disk space as is necessary to store its private files (e.g., the ?home? folder).
If you?ve installed Qubes using the default options, a few domains have already been created for you:
work
personal
untrusted
Each domain, apart from having a distinct name, is also assigned a label, which is one of several pre-defined colors. The trusted window manager uses these colors in order to draw window decorations (color frames) around the windows of applications running in each domain. These allow you to quickly and easily identify the trust level of a given window at a glance. It?s totally up to you how you?d like to interpret these colors. Personally, I find it natural to associate red with that which is untrusted and dangerous (the ?red light? ? stop! danger!), green with that which is safe and trusted, and yellow and orange with things in the middle. I?ve also extended this scheme to include blue and black, which I interpret as indicating progressively more trusted domains than green, with black being ultimately trusted.
...more...
https://www.qubes-os.org/getting-started/ (https://www.qubes-os.org/getting-started/)