AnarSec is a new project of tech guides for anarchist threat models, intended for an anarchist audience. Our experience with non-technical users is that they will not read documentation, which is why we are motivated to distill what they need to know in a more approachable format.
You can find the guide for Qubes OS / Qubes-Whonix here:
Firstly, distilling security is a complicated topic. That said, the guide is very long. I commend the work, but think much more distillation could take place…infographics, videos, etc.
If the audience is nontechnical, then IMO qubes is not a good choice. Qubes is clunky, and takes time to learn.
A very simple solution is a kicksecure VM only running whonix. Do not use kicksecure for anything on the internet, and only use the whonix VM.
Qubes are somewhat easy to mess up. “Oops I just visited this site in my debian qube…now my IP is associated”
Tails is enough for most non technical users
Kicksecure with Whonix is good if you need to spend lots of time on the computer and need more powerful OS features. You could even dualboot if you need a clearnet machine.
Qubes is for technical users, which is why this guide is incredibly long and detailed.
Thanks for the feedback Mycobee, and the kind words! I’ve noticed your contributions to automated testing, great work on that
I agree that the Qubes guide is only relevant to quite motivated users, and the Tails guide is more appropriate for most people. It may be too subtle, but we tagged the Qubes OS guide “intermediate”, whereas all the others are “easy”. In the section on choosing whether Tails or Qubes OS should be used, it advises to use Tails “If the learning curve for Qubes OS is too steep”. I personally know a good handful of Qubes users who are non-technical, but use it as their daily driver after (and only after) they have been given an extensive tutorial that they can understand.
In regards to mentioning Kicksecure/Whonix outside of the context of Qubes, we decided to wait for Whonix-Host. When Whonix-Host is available, we will have another guide dedicated to it, and advise it as more secure than Tails but with the same live-mode anti-forensic properties.
