Qubes OS 3.2 released with integrated management infrastructure

The Qubes OS team has announced release of Qubes OS 3.2, and iterative update for Qubes OS 3.1 released earlier this year. This release of Qubes OS ships several updates to offer a more polished, easy to use and stable operating system.

The most important highlight of Qubes OS 3.2 is improved integrated management infrastructure. This will allow the operating system to control what is happening inside VMs, along with managing whole VM. The major challenge in implementing such an infrastructure was, allowing a tight integration of management engine software with potentially untrusted VMs without making it prone to attacks. The team believes that, they were able to find an elegant solution for this problem and is implemented in Qubes OS 3.2.

One major feature that we’ve improved upon in this release is our integrated management infrastructure, which was introduced in Qubes 3.1. Whereas before it was only possible to manage whole VMs, it is now possible to manage the insides of VMs as well.

The principal challenge we faced was how to allow such a tight integration of the management engine software (for which we use Salt) with potentially untrusted VMs without opening a large attack surface on the (complex) management code. We believe we found an elegant solution to this problem, which we’ve implemented in Qubes 3.2.

We now use this management functionality for basic system setup during installation, for preparing our automatic tests, and for applying various custom configurations.
For more information, you can read release announcement published in projects blog.

Download Qubes OS 3.2

