top | item 42678034

(no title)

Have used it for several months as my daily OS and dropped it because of bad graphics performance (only software rendering supported, many frame drops when watching HD videos on YT) and bad battery management. Due to software rendering the overall systems perfmance also dropped. So I cannot recommend it for people with high requirements on graphics and battery duration. Besides that it was an interesting and good experience.

I think it would be good to make it possible to deactivate certain security features such as strict graphics isolation so that users can adjust their settings to their risk acceptance level. It would also be interesting to be able to optionally replace Xen with lighter isolation mechanisms, even if the user would compromise on security here too.

discuss

dmm|1 year ago

> dropped it because of bad graphics performance (only software rendering supported, many frame drops when watching HD videos on YT)

Around Firefox 92 or 93 the new GPU-based renderer ported from Servo was made default and performance under Qubes became much worse. Unfortunately, it seems applications increasingly assume the presence of video acceleration and don't prioritize software rendering.

josephcsible|1 year ago

Isn't it reasonable for applications to assume that, now that virtually all hardware has it, even super-cheap computers like the Raspberry Pi?

NegativeK|1 year ago

Given the tendency for people to lower their unknowingly compromise their security for the sake of convenience, I can understand why a project wouldn't do that. Knowingly is different and is what you're requesting -- it's when someone is following some Stack Overflow post or some such and doesn't have the training (similarly with the SO commenter, potentially) to know the implications.

It kind of feels like a tradeoff between protecting users who are critically in need of something like Qubes or expanding its reach to people who are less at risk and won't use it if it's too inconvenient.

Etherdrake|1 year ago

QubesOS is best enjoyed with a hefty CPU, lots of SSD space and a multi-screen set-up (in my opinion). Have you tried using Freetube instead of Youtube? In my experience it works a little better.

jwrallie|1 year ago

The most annoying issue I had was that even using mpv would lead to audio samples being dropped. I think I fixed it eventually by increasing buffer sizes, but I would expect at least audio should work out of the box.

jwrallie|1 year ago

I could tolerate no graphic acceleration and battery issues as part of the virtualization overhead, but I had issues with sleep (it would sleep and wake up perfectly only with when plugged in) and other related problems such as Windows VMs crashing when waking up from sleep.

I was using it well at home but could not stand it when I travelled around with my laptop.

I think Xen is mostly at fault for the issues, but I’m sure using something like KVM would be insecure, or they would have migrated already.

dmm|1 year ago

Does sleep and wake work for you with a standard Linux distro? If so a newer kernel might help,like the kernel-latest-qubes-vm package, might help:

https://www.qubes-os.org/doc/managing-vm-kernels/#installing...

fsflover|1 year ago

> but I had issues with sleep

If you choose Community-recommended hardware (https://forum.qubes-os.org/t/community-recommended-computers...), sleep will work fine for you.

fsflover|1 year ago

> dropped it because of bad graphics performance (only software rendering supported

This is by design, to provide high security, which is the point of Qubes. It's planned to allow GPU for chosen, trusted VMs: https://github.com/QubesOS/qubes-issues/issues/8552

Alternatively, you could perform a GPU passthrough, https://www.qubes-os.org/faq/#can-i-run-applications-like-ga...

sureglymop|1 year ago

Your link concerning GPU pass through only links to a google groups discussion with last activity in 2020 and 2015. So.. I guess this is not possible nor recommended?

I've been using vms with passed through gpu for a while and it's great but I would love to switch to qubes. I wish this was prioritized.

Dalewyn|1 year ago

>bad graphics performance (only software rendering supported, many frame drops when watching HD videos on YT)

It might help if you used a computer with CPU horsepower that actually exists.

And in case this sounded facetious, any reasonable CPU from the past 15 years can handle software decoding of high resolution video just fine.

This all said however, if you do actually need full use of all hardware resources then being constrained to software is certainly a factor worth considering.

crest|1 year ago

You have to do more than just decode the the video stream to display it as smoothly playing video without dropping frames or audio samples or loosing sync. It requires always scheduling the context switches correctly between different virtual machines when using Qubes OS, performing multiple copies across protection domains.

Brute force helps a lot, but do you want a ≥5GHz multi-core CPU burning 150W just to watch a single video stream with maximum paranoia settings?

kllrnohj|1 year ago

> any reasonable CPU from the past 15 years can handle software decoding of high resolution video just fine.

4k VP9 from youtube takes my 5950x around 20-25% CPU usage to handle with hardware acceleration disabled.

The fastest consumer CPU available 15 years ago could not handle that. Hell, even CPUs from 10 years ago couldn't do that. Add power & thermal limitations of a laptop CPU? Not a chance.

And that's just VP9! HEVC or AV1 would really put the hurt on.

irundebian|1 year ago

I'm using an Intel i7-8850H with 6 cores so I think it's powerful enough. It's not that I couldn't watch HD videos but I was experiencing stutters and it left me with the feeling that the CPU is insufficiently utilised.

em3rgent0rdr|1 year ago

> only software rendering supported

Isn't this something GPU Virtualization is intended to solve?

samoit|1 year ago

I think you do have GPU acceleration in the Dom0 but I do not remember if you can use/install programs on it, it was the "coordinator" dom.

bobertlo|1 year ago

Yeah, I could not do it without other computers to use, but after a year of keeping a system running it, I find myself mostly using my other systems for specific purposes like a windows machine for gaming (no web browsing ever lol), my macbook air for printing, managing photos, doing stuff with my iOS devices, etc.