---
title: Comparison
description:
published: true
date: 2022-01-18T10:01:48.564Z
tags:
editor: markdown
dateCreated: 2022-01-07T10:39:15.878Z
---
# Comparison

Phyllome OS draws inspiration from numerous other projects, including desktop-oriented systems such as [Qubes OS](https://www.qubes-os.org/), [Tails](https://tails.boum.org/), and [Fedora Silverblue](https://silverblue.fedoraproject.org/), as well as others specialized in running container workloads, such as [Fedora CoreOS](https://silverblue.fedoraproject.org/) and [RancherOS](https://rancher.com/).

When it comes to virtualization-friendly, open-source, desktop-oriented operating systems, two projects stand out: Qubes OS and [Spectrum](https://spectrum-os.org/). How do they compare to Phyllome OS?

## Qubes OS
Like Phyllome OS, Qubes OS is based on Fedora but relies on Xen, the other popular open-source hypervisor for Linux.

Xen strongly isolates components of the hardware stack, including the USB and network controllers. By design, it works in parallel rather than alongside Linux, as KVM does. KVM's tighter integration with the Linux kernel can be considered an advantage or a disadvantage.

Out of security concerns, Qubes OS does not yet support 3D-accelerated virtual machines, even though its parent project Xen does support this functionality. Phyllome OS intends to support 3D acceleration inside virtual machines, even if it means increasing the attack surface.

## Spectrum
Just as with Qubes OS, Spectrum's main focus is secure computing. Spectrum uses Nix, a declarative package manager. It is built atop crosvm and thus doesn't rely on QEMU, largely reducing the attack surface. Through a re-implementation of the virtio-wayland device, which is used in Chrome OS to securely run Linux apps alongside the main OS, Spectrum will eventually allow its guest virtual machines to have a GPU capable of efficiently accelerating 3D applications.

By design, Spectrum won't support operating systems that don't rely on the Wayland protocol.

| | Qubes OS | Spectrum | Phyllome OS 1.0 |
| :- | :-: | :-: | :-: |
| *Emulator* | QEMU[^1] | crosvm | Cloud Hypervisor |
| *Hypervisor* | Xen | KVM | KVM |
| *Virtual chipset* | i440fx? / Q35? | ? | virt |
| *Default filesystem* | Ext4? | Ext4? | F2FS |
| *Non-Linux guests support* | Yes | No | Yes |
| Based on | Fedora | Chromium OS? | Fedora CoreOS |
| Desktop Environment | Xfce | Aura? | GNOME Shell/Headless |
| Package management | RPM | Nix | RPM-ostree |
| Rolling release | No | Yes? | Yes |
| Live edition | No | No | Yes |
| OS as the center of the UX | Yes | Yes | No |
| Security-focused | Yes | Yes | No |
| Encryption | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [dm-crypt](https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-crypt.html) | [fscrypt](https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html) |

[^1]: Since 2017, Xen, upon which Qubes OS relies, has also been exploring ways to [avoid using QEMU](https://wiki.xenproject.org/wiki/Xen_Project_Software_Overview#Guest_Types) for guests using hardware-assisted virtualization. See the diagram in the “Guest Types” section of the “Xen Project Software Official Overview.”

From a design perspective, Qubes OS and Spectrum are end-to-end operating systems, whereas Phyllome OS is only a wrapper around the user's preferred operating system. Thanks to nested virtualization, it could even be used to host those operating systems, but in this configuration the attack surface would be significantly increased and performance would take a significant hit, especially for nested guests.

In Phyllome OS, the main computing activity will happen inside the user's virtual machine. In Qubes OS, Dom0 (“domain zero”) is at the center of the user's experience.

In summary, despite some shared characteristics, Phyllome OS is not meant to be a replacement for Qubes OS or Spectrum, but could become a test bed for these operating systems.

---
*[**Go to parent level**](/phyllomeos/)*