Help to form a setup for max threat model

I need help to understand what is a sufficient setup.

I use windows because I really need functionality, I assume you cannot install the “regular” common apps for Qubes.
I dont use tor because then the internet is very slow,
I use brave.
Is double layered VPN + system encryption enough?
Is router “hardening” & firmware like OpenWrt and OPNsense really helpful? if they are do you need to know how to use them? do you need a custom router or you can install them on any router like the one the ISP provide with their branding?

I know im a noobie please dont attack me xD,

Thank you all so much for your help!

1 Like

Quick answer : Contact Amnesty International SecurityLab for a personalized threat-model.

Long answer : I don’t think you need MAX THREAT MODEL. Especially since you seems to disregard some crucial elements, just for the sake of convenience over security or privacy.
Go consult PrivacyGuides guide to threat-modelling.

To actually answer more in-depth :

  • Define “regular” apps. Everything should be able to be used on it. Just don’t think about CPU or GPU heavy software, including video-accelerated one. Should suffice for most usage.
  • Seems counter-intuitive to use a “double-layered” VPN, except if it’s an option from your VPN provider. If not, you tend to have to trust those two separate VPN providers with your data then just your ISP. Seems also odd to use a 2-hop VPN when Tor does ~3/4 hops or so.
  • It really help to make sure you know what’s going on with your router, and that you are the only one being able to control it. It also allows for more in-depth configuration and customisation compared to your provider router. I assume most provider given routers won’t be able to be modified to install such software, in first for Support reason with mostly not-tech aware users. (The rest would be for telemetry and potential control/backdoor but i don’t have any sources to back that up)

Regular apps are for example crypto wallets etc… Can they be installed on Qubes?

Tor is just way too slow and if I use for example a desktop software I cant really use Tor can I.

Regarding the Router, can the ISP have a backdoor which they can hack my computer or bypass my VPN or something like that?
What would you recommend to do if I cant change the router they provide and thats my only option?

Thank you so much for your reply! I really appreciate it.

Yes, those apps can totally be installed. They may have anti-VM preventions, or require specific hardware security features (“plug-in” ones like physical USB 2FA keys or physical wallets should be fine, I meant meanly PC hardware wise such as TPM, even if it works fine, and even required in the main “core” OS).
I won’t go further there as I’m not an QubeOS user.

The thing is, if you require the maximum protection, Tor should be a giveaway. Hence that why, It seems you may be instead, looking to just an “harden” configuration. Again, people there will better help you if they know the possible reasons why you need such an high threat level (Activist, Journalist, person of Interest). Hence why i suggested to directly look to a private privacy firm or an association such as Amnesty International for such serious cases.

I’ll let the router question be answered by security expert and/or people able to link to some infected provider-provided router infection or intrusion cases.


Thank you so much for your professional answers!

And BTW, is there an OS you recommend over Qubes or its just not your cup of tea?

Personally a Debian-kicksecure OS user. It’s just an hardened Debian with optional Tor system routing.

I did used Whonix and had a live-key with Tails in the past.
Whonix is mostly about “hiding your actual affairs” on two VM running on your device, and Tails, to run your OS from a live session on your USB key only.
Both destroy your saved content, and reset themselves once closed.

Those two might be better suited for you, using your “regular” apps on the main installed OS, and doing everything that require security or anonimity inside of those two.
Do know that you need to trust the main OS in which Whonix is run on (So for example, Windows) or the hardware (For example, to not use a public access computer) for Tails.
If the main base is unsecure or untrusted, Tails or Whonix running on it will naturally be unsecure or untrusted.


This is actually interesting