[Tails-dev] SecureDrop and tails vs Qubes

Delete this message

Reply to this message
Autor: Loic Dachary
Data:  
A: tails-dev
CC: Jennifer Helsby, Conor Schaefer
Assumpte: [Tails-dev] SecureDrop and tails vs Qubes
Hi,

It was suggested to launch a thread (https://labs.riseup.net/code/issues/15052#note-3) about the reasons why SecureDrop is working on a Qubes based workstation for journalists as an alternative to using an airgap tails. Conor & Jen are cc'ed so they can comment on this.

First of all this is not something new: people asked for it long ago but Qubes was not mature enough. The upcoming Qubes version 4 changes that and motivated new development in the SecureDrop team. As a result of this effort, started a few months ago, the pro and cons of using tails vs Qubes appear more clearly. IMHO the most prominent ones are:

* Qubes is not amnesic and the user can customize it more easily than Tails
* Tails is amnesic, usable with an airgap workstation and more secure than Qubes
* Adding a software distribution channel to a Qubes workstation is easy while creating and distributing tails derivatives is challenging and discouraged
* Tails is already mature while Qubes reaches maturity in 2018
* Qubes is based on Xen and runs on a limited range of hardware compared to tails

On a personal note I'd like to work on improving the tails experience for all existing SecureDrop users. Migrating to Qubes or not will eventually be their decision, they won't be forced. In 2018 there will be a significant SecureDrop effort to improve the tails journalist user experience.

Cheers

--
Loïc Dachary, Artisan Logiciel Libre