Qubes OS 30 Published by

Qubes OS 4.1.0 has been released. Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing based on Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.

Qubes OS 4.1.0 has been released!

At long last, the Qubes 4.1.0 stable release has arrived! The culmination of years of development, this release brings a host of new features, major improvements, and numerous bug fixes. Read on to find out what’s new, how to install or upgrade to the new release, and all the noteworthy changes it includes.

What’s new in Qubes 4.1.0?

In case you still haven’t heard, Qubes 4.1.0 includes several major new features, each of which is explained in depth in its own article.

Qubes Architecture Next Steps: The GUI Domain

The GUI domain is a qube separate from dom0 that handles all display-related tasks and some system management. This separation allows us to more securely isolate dom0 while granting the user more flexibility with respect to graphical interfaces. (Note: The GUI domain is still experimental, so it’s an  opt-in feature in Qubes 4.1.0.)

Qubes Architecture Next Steps: The New Qrexec Policy System

Qrexec is is an RPC (remote procedure call) mechanism that allows one qube to do something inside another qube. The qrexec policy system enforces “who can do what and where.” Qubes 4.1 brings a new qrexec policy format, significant performance improvements, support for socket services, and policy notifications that make it easier to detect problems.

New Gentoo templates and maintenance infrastructure

There are three new flavors of Gentoo templates, as well as an advanced infrastructure for automated building and testing, which also supports Linux kernel and Arch Linux building and testing.

Improvements in testing and building: GitLab CI and reproducible builds

This article explains our work on continuous integration (CI), which automates and improves several aspects of the development process, and reproducible builds, which improves the security of the build and verification process.

Reproducible builds for Debian: a big step forward

This article explains the tools and infrastructure we’ve built to verify official package builds by rebuilding them. While this was supposed to be possible in theory, making it a reality required significant work, including rewriting certain components from scratch.

More improvements, bug fixes, and updated components

In addition to the articles above, there are also numerous other improvements and bug fixes listed in the  release notes and in the  issue tracker.

Finally, Qubes 4.1.0 features the following updated default components:

  • Xen 4.14
  • Fedora 32 in dom0
  • Fedora 34 template
  • Debian 11 template
  • Whonix 16 Gateway and Workstation templates
  • Linux kernel 5.10

Qubes OS 4.1.0 has been released!