Desktop hardware for QubeOS

I was searching for hardware that is supported by QubeOS, I think I’ve done most of the research, but I got stuck at one point, the damn GPU passthrough, it’s a security issue…

In a few words, what I understood is that I should not use a dedicated GPU, at this point, there are 2 ways:

  • Use only Intel CPU (4K support too,I’ll use a 4K monitor)
  • Or use AMD APU (I didn’t see them supported…)

Any idea?

Also, what is the best hardware to avoid incompatibility in the future? I know I ask a lot :smiley: , but any hint is useful to reduce the hardware pain.

I will be interested to find out what you discover.

I agree that there seems to be a loss of potential security by the Firmware Drivers of Graphics Cards. I would guess the only ‘Threat Model’ that would be hacking Graphics Cards, are like the NSA, China Government, Someone who has a lot of resources.

You could look at ‘System 76’ as to what they are doing, and substitute into which ever hardware you buy the Graphics Cards, System 76.

For me, If I had the money, I would solve these problems by spending money on someones else’s work on these same subjects.

Pure (Librem) has a mini which uses all hardware which has free Firmware Drivers (actually I am told, for Linux, it is named Modules)

Debian, itself, only uses only Free Firmware, Qubes, usually does not use the latest Kernel, as to have Firmware for all the likely hardware of users actually have. And I think to have software, firmware that is more fully, tested and frequently used by those alert to the potential of security hazards. If I am wrong, then someone please correct me. My point being, if you pursue the Debian site for the Kernel you are using, likely you will quickly see that which is available.

One of the sites which has a lot of notes on how to maintain security is Whonix.

Sorry I am not very helpful on the subject you asked.

Let us know what you decide, find out.

Thanks for the answer.
I think you tried to give a wider overview of my quesite.

What I found out is that system76 is very expensive, useless if I can build the same system by myself sparing something like 2.7 times the budget (desktop version)

On purism instead, I get these kind of specs, my setup would cost 800 dollars, basically with 32 GB of RAM and 500 GB Nvme:
Processor: Intel Core i7-10510U (Comet Lake), Active (fan) Cooling, 4 Cores, 8 Threads, up to 4.9GHz
Graphics: Intel UHD Graphics 620
Memory: DDR4-2400, 2 SO-DIMM slots, Max 64GB Support, 1.2V DDR4 L2133/2400MHz
Storage: 1 SATA III 6Gbps SSD/HDD (7mm), 1 M.2 SSD (SATA III/NVMe x4)
Video: 1 HDMI 2.0 4K@60Hz, 1 DisplayPort 1.2 4K@60Hz
USB Ports: 4 x USB 3.0, 2 x USB 2.0, 1 x USB Type C 3.1
Audio: 3.5mm AudioJack (Mic-in & Headphone-out combo)
Networking: 1 RJ45 (Gigabit Ethernet LAN), with optional WiFi Atheros ATH9k Module, 802.11n (2.4/5.0 GHz)
Bluetooth: Ar3k Bluetooth 4.0 (optional)
Power: 1 Powerbutton, DC-IN Jack
Dimension: 5.0″ x 5.0″ x 1.5″ (12.8 cm x 12.8 cm x 3.8 cm)
Weight: 2.2 lbs (1 kg)

I’m not sure why you mentioned Debian, but QubeOS runs on Fedora if I remember well.
Or you were just talking about the VMs? I can choose any VM later, if QubeOS has the template though.

As I mentioned, GPU passthrough is a security hole basically, I’m not saying that scares me much, but what’s the point if I’m aware that the setup is wrong since the day one :smiley: . I can eve abandon the idea of QubeOS at that point, a simple distro is safer most probably, plus all the work behind the IDS, AV etc…
This implies that I can only consider Intel CPUs unfortunately, the AMD APU are not supported.

The issue with these companies is that I don’t live in US…