Create "Who uses Qubes" or "Why use Qubes" section

[bnvk]

We need some user friendly content that explains Who should use Qubes users base. The Tor project has a nice one.

This relates to #1833 @mfc are you up for working on this?

[andrewdavidwong]

As I brought up in the discussion of #1833, it's not really clear to me who exactly the intended userbase of Qubes is. I think it's a high-level project decision that ought to be consciously made. In some respects it doesn't matter (for example, it won't change the security-oriented nature of Qubes), and many different answers can be justified. But, for the purpose of writing for one's audience, it's important to have an idea of who that audience is.

[mfc]

First this should be framed "Who uses Qubes" not "Who should use Qubes". The should makes it into a value judgment which is unnecessarily thorny. Notice that the Tor page is not a value judgment (on the face of it).

We actually don't want to be listing like five categories of "types of people/users" if that means that some potential users (or current users) are not listed/captured. So that is one reason with the Tor page has "normal users", "high/low profile users", etc. So if we go this route we do want catch-all categories like that, and a mix of current users and desired users (just as Tor does implicitly).

I think more useful would be focusing on why someone would be interested in using Qubes -- malware protection, identity management, safely using Windows applications, etc. There is still no place that describes these things.

[bnvk]

yah @axon-qubes this is an effort to bring who that audience is into focus- it's not going to happen by not discussing it and not experimenting with our marketing and outreach 😄

Sounds good on the framing @mfc I updated the title. Feel free to help create content you think is best. I've found much mileage in the "persona" style explanations. So perhaps mixing...

why someone would be interested in using Qubes -- malware protection, identity management, safely using Windows applications, etc.

...with some user persona's of real (and non-real) people from the categories I mentioned, and by no means being exhaustive about this. An example would be:

---

Name: Isis Agora Lovecruft
Job: Cypherpunk, Tor Project Core Developer
Website: https://patternsinthevoid.net
Quote: "With QubesOS, I feel more comfortable accessing Tor Project infrastructure from the same laptop as I use to execute random GameBoy ROMs that I downloaded from the internet."
Setup: To do what Ms. Lovecruft is talking about, one simply makes a clone of their normal Debian or Fedora Template and then installs various emulators in that cloned Template. With this setup, if one plays a video game ROM, which happens to be infected with malware, no serious work, encryption keys, or server passwords get compromised, as the emulator and the game ROM are both isolated.

does this sound right @isislovecruft ?

[isislovecruft]

@bnvk Sounds pretty good! Maybe change my title somehow, because the first two things are things which I am, but I'm certainly not the entire Tor Project. :)

Also I'm not sure which readers this is targeted at, but maybe some basic Qubes explanation of "things are run in VMs based off of separate templateVMs" or something similar, in order to make it more clear that I'm not SSHing to bridges.torproject.org from my GameBoy emulator VM.

[isislovecruft]

Also, I'm not sure if I am a cypherpunk. Those people are cool.

[bnvk]

@isislovecruft thanks. Updated. Silly coma. You totes are a cypherpunk!

[bnvk]

adding as per @andrewdavidwong suggestion and @mfc feedback in QubesOS/qubesos.github.io#42

---

Name: Edward Snowden
Job: Whistleblower and privacy advocate
Website: https://edwardsnowden.com
Quote: "Remember the 'I Hunt Sysadmins' presentation by @NSAGov? Make it hard for them. Use @QubesOS."
Setup: ...to be written, but perhaps a "Sys Admin" configuration of Qubes with Split GPG, VPN, Standlone VMs, SSH keys in different VMs etc...

• tweet

[andrewdavidwong]

Related (possibly duplicate): #1947

[mfc]

so i think this should be framed in terms of types of people/professions who use Qubes (like the Tor website has), rather than the people themselves. if we want to highlight people, either should be a quote on the main page or a "case study" that we promote (on the blog?).

I think I was a bit too harsh above about the differences between "use" and "should use", the Tor Project page actually says:

"Here are some of the specific uses we've seen or recommend."

and I think ours will likely also have some userbase projection to it.

below is a basic draft of one approach, that uses professions to frame different Qubes functionalities that may be relevant to them (#1947 could potentially be a source for some of these).

---

• developers
  • splitgpg (for email, git signing)
  • malware protection / isolation for build environment
• system administrators
  • fine-grained networking control: have multiple firewalls, VPNs, Tor connections running in parallel
  • Qubes OS considered the highest level of security practices for sys-admins according to Linux Foundation IT
• businesses
  • use legacy Windows applications within a secure environment
  • integrate Windows, Debian, Fedora and more applications within a single desktop environment
  • protect confidential information while still interacting with less secure environments
  • boot integrity (anti-evil-maid) to ensure the security of your laptop while you travel
• researchers
  • malware protection, safely interact with email attachments
  • visit government or corporate websites without them knowing it is you
  • use Martus to gather information more securely
• activists
  • easily create and maintain multiple identities online depending on the risks you face
  • visit media, whistleblowing, government, or corporate websites without them knowing it is you
• LGBTIQ communities
  • easily create and maintain multiple identities online depending on the risks you face
• journalists
  • splitgpg
  • communicate with anonymous sources in a secure way
  • visit government or corporate websites without them knowing it is you
  • handle untrusted PDF and DOC files
  • convert untrusted PDF into trusted PDFs
• everyday users
  • integrate Windows, Debian, Fedora and more applications within a single desktop environment
  • safely interact with the web, whether visiting websites or opening files
  • easy backup and restore functionality