url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Do not install Qubes inside a virtual machine - Qubes uses its own bare-metal hypervisor (Xen). ^[1]

According to qubes-os.org: ^[2]

Not all virtual machine software is equal when it comes to security. You may have used or heard of VMs in relation to software like VirtualBox or VMware Workstation. These are known as “Type 2” or “hosted” hypervisors. (The hypervisor is the software, firmware, or hardware that creates and runs virtual machines.) These programs are popular because they’re designed primarily to be easy to use and run under popular OSes like Windows (which is called the host OS, since it “hosts” the VMs). However, the fact that Type 2 hypervisors run under the host OS means that they’re really only as secure as the host OS itself. If the host OS is ever compromised, then any VMs it hosts are also effectively compromised. By contrast, Qubes uses a “Type 1” or “bare metal” hypervisor called Xen. Instead of running inside an OS, Type 1 hypervisors run directly on the “bare metal” of the hardware. This means that an attacker must be capable of subverting the hypervisor itself in order to compromise the entire system, which is vastly more difficult.

The take-home message is that [[Qubes|Template:Q project name]] is more secure than the default Kicksecure configuration using a Type 2 hypervisor like VirtualBox. Therefore, it is recommended to install Template:Q project name if users have suitably modern hardware.

Template:Q project name vs Physically-Isolated Kicksecure Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_vs_Physically-Isolated_Kicksecure Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Virtualization_Platform_Security#Template:Q_project_name_vs_Physically-Isolated_Kicksecure|Template:Q project name vs Physically-Isolated Kicksecure]]
Copy as Wikitext Click = Copy Copied to clipboard! [Template:Q project name vs Physically-Isolated Kicksecure](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_vs_Physically-Isolated_Kicksecure)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Template:Q project name vs Physically-Isolated Kicksecure](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_vs_Physically-Isolated_Kicksecure)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_vs_Physically-Isolated_Kicksecure]Template:Q project name vs Physically-Isolated Kicksecure[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

In [[Kicksecure|Template:Non q project name]], using a separate computer for Physical Isolation is certainly more secure than using the same computer for everything in the standard host OS / Type 2 hypervisor configuration. However, it is not clear this is superior to Qubes' compartmentalized software approach.

Consider the pros and cons of physical isolation relative to Qubes: ^[2]

Pros
Physical separation doesn’t rely on a hypervisor. (It’s very unlikely that an attacker will break out of Qubes’ hypervisor, but if one were to manage to do so, one could potentially gain control over the entire system).

Physical separation can be a natural complement to physical security. (For example, you might find it natural to lock your secure laptop in a safe when you take your unsecure laptop out with you).

Cons
Physical separation can be cumbersome and expensive, since we may have to obtain and set up a separate physical machine for each security level we need.

There’s generally no secure way to transfer data between physically separate computers running conventional OSes. (Qubes has a secure inter-VM file transfer system to handle this).

Physically separate computers running conventional OSes are still independently vulnerable to most conventional attacks due to their monolithic nature.

Malware which can bridge air gaps has existed for several years now and is becoming increasingly common.

In summary, the relative merits of physical isolation do not necessarily provide any more protection than Qubes' approach. Physical isolation is relatively difficult, still experimental, inconvenient and requires a significant time investment. On the other hand, Qubes is relatively easy to install, has fully integrated Kicksecure, and is convenient for most activities.

Qubes also supports a host of features unavailable in the physically-isolated model, such as: DisposableVMs, a USB VM, secure copy / paste operations between VMs, secure copying and transfers of files between VMs, and sanitization of PDFs and images.

For these reasons, [[Kicksecure-Qubes|Template:Q project name]] is recommended for the majority of users seeking a higher-security solution.

Template:Q project name Hardware Requirements Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_Hardware_Requirements Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Virtualization_Platform_Security#Template:Q_project_name_Hardware_Requirements|Template:Q project name Hardware Requirements]]
Copy as Wikitext Click = Copy Copied to clipboard! [Template:Q project name Hardware Requirements](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_Hardware_Requirements)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Template:Q project name Hardware Requirements](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_Hardware_Requirements)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Template:Q_project_name_Hardware_Requirements]Template:Q project name Hardware Requirements[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

For Template:Q project name hardware requirements, see here.

VirtualBox Hardening Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#VirtualBox_Hardening Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Virtualization_Platform_Security#VirtualBox_Hardening|VirtualBox Hardening]]
Copy as Wikitext Click = Copy Copied to clipboard! [VirtualBox Hardening](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#VirtualBox_Hardening)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [VirtualBox Hardening](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#VirtualBox_Hardening)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#VirtualBox_Hardening]VirtualBox Hardening[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

For an overview on VM security risks in general, see: How secure are Virtual Machines really?

The less features enabled, the smaller the attack surface. The following features can be removed or disabled without impacting core functionality:

Disable Audio.
Do not enable Shared Folders.
Do not enable video acceleration.
Do not enable 3D acceleration. ^[3] ^[4]
Do not enable the Serial Port.
Remove the Floppy drive.
Remove the CD/DVD drive.
Do not enable the Remote Display server.
Enable PAE/NX (NX is a security feature).
Disable Advanced Configuration and Power Interface (ACPI). ^[5]
Do not attach USB devices.
Disable the USB controller which is enabled by default. Set the Pointing Device to "PS/2 Mouse" or changes will revert.

It is unclear whether enabling IO APIC, EFI will provide additional protection; further investigation is required.

Footnotes Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Footnotes Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Virtualization_Platform_Security#Footnotes|Footnotes]]
Copy as Wikitext Click = Copy Copied to clipboard! [Footnotes](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Footnotes)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Footnotes](https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Footnotes)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Virtualization_Platform_Security?direction=next&oldid=53647#Footnotes]Footnotes[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

↑ https://www.qubes-os.org/doc/system-requirements/
↑ ^{Jump up to: 2.0} ^2.1 https://www.qubes-os.org/intro/
↑ Quote http://www.virtualbox.org/manual/ch04.html#guestadd-3d

Untrusted guest systems should not be allowed to use VirtualBox's 3D acceleration features, just as untrusted host software should not be allowed to use 3D acceleration. Drivers for 3D hardware are generally too complex to be made properly secure and any software which is allowed to access them may be able to compromise the operating system running them. In addition, enabling 3D acceleration gives the guest direct access to a large body of additional program code in the VirtualBox host process which it might conceivably be able to use to crash the virtual machine.
↑ Quote https://hsmr.cc/palinopsia/

If the "3D-Acceleration" feature of VirtualBox is activated, running the proof-of-concept code from inside the VM provides the ability to read framebuffers from the host system.
↑ ACPI information is passed to the guest OS by default, which allows it to obtain battery status and manufacturer information.

Kicksecure

A secure by default operating system with the latest security research in place.

Dark mode

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

[1] ttps://www.qubes-os.org/doc/system-requirements/

[hypervisors-2] {Jump up to: 2.0} ^2.1 https://www.qubes-os.org/intro/

[3] Quote http://www.virtualbox.org/manual/ch04.html#guestadd-3d

Untrusted guest systems should not be allowed to use VirtualBox's 3D acceleration features, just as untrusted host software should not be allowed to use 3D acceleration. Drivers for 3D hardware are generally too complex to be made properly secure and any software which is allowed to access them may be able to compromise the operating system running them. In addition, enabling 3D acceleration gives the guest direct access to a large body of additional program code in the VirtualBox host process which it might conceivably be able to use to crash the virtual machine.

[4] Quote https://hsmr.cc/palinopsia/

If the "3D-Acceleration" feature of VirtualBox is activated, running the proof-of-concept code from inside the VM provides the ability to read framebuffers from the host system.

[5] ACPI information is passed to the guest OS by default, which allows it to obtain battery status and manufacturer information.

[1]

[2]

[3]

[4]

[5]

Virtualization Platform Security

Contents

Navigation menu

Virtualization Platform Security

Navigation menu

Search

Disable server cache for this browser

Debug vis URL