Qubes released 3.0 today! Joanna Rutkowska posted a blog entry on it today. This release is dedicated to the memory of Caspar Bowden, a pioneer in privacy. Excerting Joanna’s anouncement of some of 3.0’s features:
Qubes is now based on what we call Hypervisor Abstraction Layer (HAL), which decouples Qubes logic from the underlying hypervisor. This will allow us to easily switch the underlying hypervisors in the near future, perhaps even during the installation time, depending on the user needs (think tradeoffs between hardware compatibility and performance vs. security properties desired, such as e.g. reduction of covert channels between VMs, which might be of importance to some users). More philosophically-wise, this is a nice manifestation of how Qubes OS is really “not yet another virtualization system”, but rather: a user of a virtualization system (such as Xen).
We upgraded from Xen 4.1 to Xen 4.4 (now that was really easy thanks to HAL), which allowed for: 1) better hardware compatibility (e.g. UEFI coming soon in 3.1), 2) better performance (e.g. via Xen’s libvchan that replaced our vchan). Also, new Qubes qrexec framework that has optimized performance for inter-VM services.
We introduced officially supported Debian templates.
We integrated Whonix templates, which optimize Tor workflows for Qubes.
The work on 3.1 is underway, with some features planned, including UEFI support, Live USV edition, and a management/pre-configuration stack.
EFI support ticket: