After qubes, what's second to best


I’ve been wanting to use Qubes for a while, but I can’t seem to find a laptop that has the features I want and would also work with qubes.

I was wondering if anyone knows what is the next best option? What is the second to best most secure operating system?

Thank you!

You can run still use virtual machines and easily manage them via virt-manager on any distro.

Here is how to make them disposable too:

<transient shareBacking="yes"/>

But if you want to have multiple at once from same template image you need to point them their own backing file.

Thank you so much for the advice. But I need something that works out of the box, I’m far from tech savvy enough to be able to do all that.

Android (e.g. GrapheneOS, stock Pixel OS, DivestOS, …) , iOS, iPadOS and ChromeOS are other secure options.

Thank you.

I use graphene but I can’t put that on a laptop.

I’m looking for something secure and private, so Apple and Chrome products aren’t for me. I’m looking for the next best Linux OS.

They are all as far away from QubesOS in terms of security as it gets. So you need to put in significant effort to make it somewhat secure. Which brings us to this:

Either choose (security and effort) or (no effort and no security) or pick something outside of the Linux desktop world.

Exactly. Qubes is secure out of the box, but I can’t find a laptop with a features I need that can support Qubes. That’s why I want the next best, so hopefully it’ll work on more OS’s.

Which feature? Even if a laptop is not on the officially supported list of devices, QubesOS might still work on it.

1 Like

I can’t seem to find a laptop that’s Lenovo, screen 15 inches or larger, touch, and 32 GB of RAM that also meets the Qubes criteria

Are you financially constrained? If not, check out NovaCustom’s QubesOS certified NV41 laptop, it’s really nice and works out of the box.

You don’t need some overpriced certified laptop to run Qubes.

There are decade old laptops that meet the requirements.


I appreciate the recommendation, but I prefer not to buy from these small companies. I want to be able to buy it from Costco or Best buy, so I’m always able to return it in case anything goes wrong.

1 Like

Chill dude! :slight_smile: It is a reasonable reommondation for someone who said about themselves that they are not tech savvy and need someting that works out of the box.
Also, it’s very questionable whether a decade old laptop with likely unpatched microcode vulnerabilities is the best solution today.

But I’m offtopic with recommending QubesOS laptops anyway as OP is asking for the second best thing. :slight_smile:

unpatched microcode

This is a good reason to use a newer machine indeed.

On that note, reminder that current AMD consumer platforms still are not properly patched against Zenbleed, as AMD is only providing the fix via AGESA updates and not providing microcode:

@SkewedZeppelin is right, though. There is no need to buy one of the officially recommended devices. If you can’t get QubesOS running, you can still return it and buy a different one.

And it’s much better to have QubesOS on an old laptop than to have a Linux desktop OS without a good security model on a modern device.

MacBooks with Lulu/Little Snitch, no apple account and running stuff inside Linux VMs are probably your best combination of privacy and security for computers today.

Thank you, but I can’t stand Apple. I’m looking for a Linux distro.


I probably hate no other company more than Google, yet I have a Pixel phone with GOS. Decided 800 dollars make more of an impact in my privacy and security than in Google’s income statement.

1 Like

I use hate Google and use Graphene OS on a Pixel as well. The reason I don’t want to use Apple is because I HATE their UX…

1 Like

As a past user of iPad Air 2, I agree.

1 Like