Qubes implements a Security by Isolation approach. The assumption is that there can be no perfect, bug-free desktop environment. Such an environment counts millions of lines of code, billions of software/hardware interactions. One critical bug in any of these interactions may be enough for malicious software to take control over a machine.In order to secure a desktop, a Qubes user should take care of isolating various environments, so that if one of the components get compromised, the malicious software would get access to only the data inside that environment.In Qubes, the isolation is provided in two dimensions: hardware controllers are isolated into functional domains (GUI, network and storage domains), whereas the user’s digital life is decided in domains with different levels of trust. For instance: work domain (most trusted), shopping domain, random domain (less trusted). Each of those domains is run in a separate virtual machine.Qubes is not a multiuser system.
One of the most famous tales from Aesop’s Fables is that of “The Crow and the Pitcher.” A crow, half dead with thirst, discovers a jug that has only a little bit of water left in it. Unable to reach the water by sticking his head inside, the crow thinks for a moment, then picks up a pebble and drops it into the jug. He repeats this action over and over until the level of the water has risen to the brim of the jug, allowing him to dip his beak in and drink. The moral encoded in the fable teaches that one can accomplish a seemingly impossible task with a series of small actions. However, the story also illustrates the crow’s ability to problem solve and use what tools are at hand to achieve a specific purpose.