Which operating system is more secure: Qubes OS, INTEGRITY-178B OS, or LynxSecure OS? [closed]
I have some questions about the security of virtualization. I've often heard that Qubes OS is the most secure operating system available because it uses a small Xen hypervisor (only 150 kB). It also incorporates Whonix-Qubes to help prevent IP address or geolocation data leaks from browser exploits. However, even Qubes OS is vulnerable to side-channel attacks, such as the Spectre vulnerability or potential exploits targeting Xen.
Fortunately, there are some impressive operating systems designed to mitigate these types of exploits.
INTEGRITY-178B, which uses a separation kernel, can prevent the Spectre vulnerability. It has been certified by the NSA as EAL6+ and SKPP (though the SKPP certification was abolished in 2011).
LynxSecure OS has an extremely small codebase, just 15 kB in size, and aims to provide a mathematically proven unhackable separation kernel. It is also certified as EAL7 and MILS by the NSA.
I am considering using these operating systems instead of Qubes OS. Could you explain the disadvantages of INTEGRITY-178B and LynxSecure compared to Qubes? Additionally, can these systems effectively prevent attacks, such as covert channel attacks?
For context, here’s my threat model and use case:
Threat Model:
- Sophisticated hackers attempting to steal financial or healthcare information.
- Hackers trying to discover my IP address or geolocation by exploiting browser vulnerabilities or other vulnerabilities, including zero-day exploits.
Use Case:
- I use online banking and gather healthcare information.
- I occasionally use the Tor browser to protect my privacy.