Kicksecure vs Qubes (Whonix)

You can use Qubes OS the secure OS together with Whonix (anonymity). You can use Kicksecure the security by default OS with Whonix too through VirtualBox.

How should an user who is looking for security and anonymity decide between those operating systems?

The main advantage of Qubes OS is its isolated design. In combination with Whonix you have a gateway which enforces all traffic from all VMs going through Tor.

But you might use Kicksecure as your OS exclusively to start your VirtualBox instance and use Whonix from there for all your work or offline VMs. Kicksecure OS updates would go through Tor by default.

What are the drawbacks in such a setup for using Kicksecure compared with Qubes OS?

Main advantage of Kicksecure is its live mode and protection against forensic analysis. There was an attempt to add live mode to Qubes, but it was unsuccessful. Qubes retains logs even for one-time DVMs. Kicksecure can run VMs even in live mode if you have at least 12 GB of RAM! This is a unique protection - virtualization and anti-forensics. If you are gamer, it is much easier to work with Kicksecure. And Kicksecure is a very lightweight OS, it works even on weak computers. Qubes is very demanding on computer hardware - on many computers it either won’t work or some features won’t work.

I believe the only drawback of Kicksecure is Debian. I think Fedora to be a more secure distro. I read on the Whonix forum that migrating system from Debian to Fedora or OpenSuse was being considered

1 Like

Without Qubes, you’re dodging the TCB of Fedora and Qubes.

I can not run many programs because of outdated Debian libraries. It is very frustrating. Using Fedora would be an ideal solution

To get your claim right. I understand you mean it is an advantage to dodge the TCB of Fedora and Qubes. Could you please tell why?

Considered, well…

Porting to a different base operating system is highly unlikely… See:
Requesting a Port to a Different Base Operating System

Fedora, OpenSuse are now less likely, potential blocker: Community Project versus Corporate Project

See also:

Consider other solutions…

  • backports
  • VMs
  • chroot
  • containers
  • …

Some options are mentioned here:
Install Newer Software Versions

1 Like

Glad to see you here @Patrick

Would you mind to provide some criteria how an user should choose between Kicksecure with Whonix and Qubes with Whonix. Assuming users only use case is to securely and anonymously browse and communicate through Tor.

I could imagine Kicksecure with Whonix as a reasonable and superior alternative to Qubes and Tails (as Tails does not contain the gateway architecture) in particular for beginners and would like to promote it.

Patrick, thank you. I agree with you

What do you think about the Nix package manager? Many people are writing about it now as the safest for any distro - Nix solves dependency problems, isolates programs, often has latest versions of packages, it has a very large number of packages and is safer than flatpak. I see more and more reviews about the Nix manager. I think you should write about it on the wiki. It will be an interesting review of a secure package manager from devs of the most secure distros