From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.3 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RDNS_NONE, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.3 Received: by atuin.qyliss.net (Postfix, from userid 496) id 7537B8562; Sun, 14 Jun 2020 21:28:36 +0000 (UTC) Received: from [127.0.0.1] (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id D42B885A7; Sun, 14 Jun 2020 21:28:22 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id EEADC858D; Sun, 14 Jun 2020 21:28:20 +0000 (UTC) Received: from wout2-smtp.messagingengine.com (unknown [64.147.123.25]) by atuin.qyliss.net (Postfix) with ESMTPS id 490B5858C for ; Sun, 14 Jun 2020 21:28:17 +0000 (UTC) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 80A6C432; Sun, 14 Jun 2020 17:28:00 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sun, 14 Jun 2020 17:28:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h= from:to:cc:subject:in-reply-to:references:date:message-id :mime-version:content-type; s=fm3; bh=qUzRT4FOy+BxOtxMLTSzMps0My A3znYAZgXEEduhqZg=; b=y7VTIitGzwnFlQ8D1YxHAJWsrggN1MfMyROMY9xafn QI/ledSBJ323HtDbrZUfTSLIYd8oBQJNP2yLTyKLBqi0MIk6elj6rUz5RWdue/S+ Iuc4qidOi3jbseyIVwWoJsUf+G2LdazcTroXvdcQDqjEJhb3HB+DlvdbrgJ3YUuH zOWbqsPwWExjUgfaUYVczcssG8PVSZ3NcfBc/BMIvY2TymGd24r0sXjLj00TlTa2 Ms/jbv8NUq4FefWl7pRhAyCAotmqs4udeHdtQVDvvKPrhWdmx5O4NXaVDHmPsJaH hPqxZufmdbJc9QhyhMeGoje5KZSC+LWPX2TXjtCOFP3w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=qUzRT4 FOy+BxOtxMLTSzMps0MyA3znYAZgXEEduhqZg=; b=FnNlNpywyu1mWpUk78mTJO FZVEt5DirOr3C0yqMh3QWd5xBT6jbnCejrO+txD2wovuzHZVBVglBER8sX8A76Be FjRe/aOP7v5O1wrycUP4cuTikL42Jbkb/Rn9AF/AdzEHkfw5YiTFrixnuMqfkHEN g2KwlqttlerWLKQ4S0Nqfxe1KJHdJegU2z0fpExVgy7BaXGxa94QsxpthI54fZzs bz7dd+hb4FeSw7/3NFKHCnboLfdMY6xuMpTwG7VZdKbLR4QDnj4ZsZz9GSd6G2ts Xto6RAFyaWo16N5R9+5WEHgJWOY+IzOIeWLBMsssL5xDuyst4aQKNK8Py61An/+w == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudeiiedgudeihecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufgjfhffkfggtgesghdtre ertddttdenucfhrhhomheptehlhihsshgrucftohhsshcuoehhihesrghlhihsshgrrdhi sheqnecuggftrfgrthhtvghrnhepgfefhfeiieejfeffgffhkeduieeuhfevtdegleffie ehueetgfeutdelgeegheeknecuffhomhgrihhnpehshhgrtghkshhprggtvgdruggvnecu kfhppeegiedrkedtrdduvdekrdduhedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrg hrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrihhs X-ME-Proxy: Received: from x220.qyliss.net (p2e508098.dip0.t-ipconnect.de [46.80.128.152]) by mail.messagingengine.com (Postfix) with ESMTPA id 78CE53060FE7; Sun, 14 Jun 2020 17:27:59 -0400 (EDT) Received: by x220.qyliss.net (Postfix, from userid 1000) id 949849FA; Sun, 14 Jun 2020 21:27:57 +0000 (UTC) From: Alyssa Ross To: infokiller =?utf-8?Q?=E2=80=8B?= Subject: Re: Comparison to Qubes OS In-Reply-To: <159216598815.15924.16535121967350748778@localhost> References: <87o8pnci1i.fsf@alyssa.is> <159216598815.15924.16535121967350748778@localhost> Date: Sun, 14 Jun 2020 21:27:55 +0000 Message-ID: <87h7vdqqw4.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Message-ID-Hash: ZLRZ7Q45OQSP7MKQYPKNTZMUCQPKXPA4 X-Message-ID-Hash: ZLRZ7Q45OQSP7MKQYPKNTZMUCQPKXPA4 X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: discuss@spectrum-os.org X-Mailman-Version: 3.3.1 Precedence: list List-Id: General high-level discussion about Spectrum Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable >> > - "GUI applications are buggy, command line tools >> > are mostly >> > undocumented": I assume that the reason for this is the lack of >> > resources the Qubes project has. However, I don't see how this will= be >> > be better in the case of Spectrum which is a new project with one >> > developer.=20 >> My understanding is that a lot of the instability I've encountered with >> Qubes's tools comes down to some severe technical debt with their >> inter-VM communication system. This is likely something that is very >> difficult to fix, but easy to learn from. Being a new project allows >> Spectrum to learn from Qubes' mistakes. > I agree, but I'm still not convinced this will be different in the > case of Spectrum, having even more limited dev resources than > Qubes'. I mean, if the Qubes folks could fix these issues without a > huge effort, even if it meant rewriting all the inter-VM communication > tools, they probably would. If they didn't, I assume this is because > this is just a huge undertaking (as is the whole project), and they're > busy with other work which has higher priority. I would assume that > you will end up in exactly the same situation. Maybe eventually, but the flexibility that comes with being a new project still gives us a significant opportunity to advance the state of the art before that happens. At that point, maybe something else will come along to innovate free of all the technical debt Spectrum has acquired by then, and then the state of the art will advance even further. Such is the nature of software development. >> > More generally, I'm wondering whether this >> > projects' goals couldn't be >> > better achieved by trying to work with the Qubes developers to >> > integrate Nix. It may very well be that they would reject it for some >> > reason, but then the logical next step would be to fork Qubes. Have >> > you reached out to the Qubes developers?=20 >> I've had the pleasure of speaking with several Qubes developers on >> multiple occasions. I also know that there is work being done to >> support NixOS templates in Qubes.=20=20 > Do you have any link you can share to work on Nix template being used in = Qubes? This was the last I heard of it: https://hackmd.shackspace.de/qubes-nixos >> As I see it, though, the real benefit >> of Nix here is that it would allow defining the whole system in one >> single Nix configuration. Doing this in Qubes would require big >> fundamental changes to how Qubes works. I believe the idea has been >> brought up to the Qubes developers, and as I recall they were not keen. >> I believe there is room in this space for Qubes and Spectrum to coexist. > > There's definitely a place for both efforts, but I'm just wondering if > it would not be better to implement Spectrum's ideas while working > more closely with Qubes. For example, creating a git branch or a fork > that replaces Xen with KVM and integrates Nix. Now, that may very be > not the best way to make progress on this project, because ramping up > on the Qubes codebase will be an inefficient use of your time, or > because you want to first experiment with some ideas in isolation, or > for any other reason. However, the potential benefits of such a > collaboration are, in my opinion, too big to pass on without strongly > pursuing it. Just to name a few: > > - You will get feedback from top tier security experts > - Qubes already has strong credibility which can be a huge driver of > adoption, especially if your project will be endorsed by Qubes devs > - You will be in a better position to integrate some of the tools of > Qubes, which you likely would need to do, and it is less likely > that changes in the Qubes tooling will break your project (if you > will indeed integrate them) > - You are less likely to be asked time and again "Why not Qubes"? :) > > So, why not start a public discussion in Qubes' mailing list on issue > tracker to figure out what is needed to accomplish Spectrum's goals? > > It will probably turn out that you made the right decision by starting > a separate project, but at the very least: > - You'll may get attention from people who can contribute to Spectrum > - The issues involved with be publicly documented and searchable for > future generations I think you maybe don't appreciate just how huge an undertaking this would be. There is so much that would have to change about how Qubes works that I think you'd end up having to reimplement most of it anyway, but you'd be doing it bit by bit, never having the opportunity to consider the system as a whole. At the end of the day I just don't believe that trying to shoehorn these changes into Qubes is the best way to make progress. It might well be valuable to try that, but even so it would make much more sense for somebody who believes in that approach to dedicate the huge amount of effort required to attempt it, rather than me. This could be another effort that could be pursued in parallel to my work on Spectrum. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEH9wgcxqlHM/ARR3h+dvtSFmyccAFAl7mllsACgkQ+dvtSFmy ccAzjw//WwtS0WcDC7ETfug5CFTp2hs7DjOpdsuvcvgIMWFk3UEkZu6K5LgjHlgc zEqEpUeEvAjysqEodG1KfyWwnGJCMKXqqUDC5FDwUjFUWnlShAd49mLYbHFBhUQ5 GFB8aPwnN3+7yKRHzPRkquZs2DzpUT9niXFeX1Mv5fepqDqt3N1xD8Gu5WvOds0J yBeHT7UAM8PatkZfIwojItynED2bLmySL11PfKpOgN82GzKRk12DR8G1enRtwo47 GxNqMyLXEJYyxtAXyTpkLNZhOjcY+4wYPmiOrKbp2XKPK4l1c8dlqeAgca6rKQt0 zeNYlXgKHL2LIb85wsi+h+o3ZpWMIkAB+54KlUyPLG+wi8PNeM/To7Ott63ujynU c3doJvskXxTin0oIimxXkKcFeSijModiQTCThuOTLBzo5dDCAXyG4sU+PjLwFC0G lqNmgO5cSBWdgOEmk0Gddy5IWVznOdqAja0WobT+ZW3026taTe7hCi35Ti5S37c3 mAI20kNNP+gAhtjhBoN2b2cobG28dmN+extNkCkQ1FNfbWx3j0dHO1ZsYBewGULE FI6jTKt+8YsjwbZPDp6k9RCfMLgmGPIrLNedI0LMAtlT4S3LKUL27KAnv+iEEyjb o5J1zRcvRfbOTYA/lypZ3MaCXomsgYpUjtXQUQktaf/IJ51dndE= =6UeN -----END PGP SIGNATURE----- --=-=-=--