I would like to have a better operating system, one from QubesOS or Fedora.
I’m torn because both systems only partially fulfill my needs. My needs are as follows:
1, The ability to destroy encryption keys quickly so that I cannot access confidential files myself. To protect against a five dollar wrench attack
2, Be able to defend against 0 day exploits to some extent
For QubesOS:
Pros:
1, strong isolation mechanism, can effectively block the attack of 0 day vulnerability
2, there is a special design for defending against attacks, which reduces the possibility of virtual machine escape at design time
Disadvantages:
1, too much trouble to use
2, encryption system can only take the manual input method, can not use the key file
3, does not seem to support secure boot, the use of Anti evil maid (AEM) is too much trouble
For Fedora:
1, support for secure boot
2, although the full disk encryption can not use the key file, but you can enter the system through the key file mount encrypted partition, put the virtual machine files in the encrypted partition, and then most of the use of the virtual machine through the virtual machine, to encrypt the purpose of the virtual machine system. In QubesOS, you can’t use a virtual machine, so you can’t do this.
Disadvantages:
1, the virtual machine software (virtualbox) is not specifically designed for security, the risk of virtual machine escape is relatively high.
2, the use of multiple virtual machines than QubesOS trouble
I’m struggling to understand this paragraph, I may be misunderstanding you, but the first bit (“although the full disk encryption can not use the key file”) sounds incorrect. Fedora uses the same tools for encryption as most other linux distros dm-crypt/LUKS. Afaik, you can setup any combination of unlock methods including: a passphrase, a keyfile, the TPM, or more exotic/custom methods.
I can’t comment on the security aspect, but Virtualbox is unrelated to Fedora. Doesn’t come with Fedora. And isn’t your only option on Fedora or any other linux distro.
Look into KVM/QEMU + Libvirt (GUI frontends are virt-manager or gnome-boxes) if you want to use something other than Virtualbox. Fedora Virtualization Overview
You can probably find an answer to your question in the link below (see section 3.2):
Why does Qubes use Xen instead of KVM or some other hypervisor?
In short: we believe the Xen architecture allows for the creation of more secure systems (i.e. with a much smaller TCB, which translates to a smaller attack surface). We discuss this in much greater depth in our Architecture Specification document.
People seem to have forgotten the purpose of hardware security keys (e.g., FIDO tokens on Yubikey): to protect you from unauthorized account usage, remotely. Any advanced threat model requires more than this. You can be “asked” to give your hardware keys to your interrogator. Without being graphic, there are many more ways to get you to reveal access methods; you can only withstand what your body can withstand. Everyone eventually breaks. That’s why that method is so effective.
None of the guides online will explain how to keep you safe from an adversary that will just be able to physically beat you until you give up your secrets.
?