Why does QUBES recommend SSD drives..?

568 views
Skip to first unread message

neilh...@gmail.com

unread,
Aug 16, 2016, 10:45:43 PM8/16/16
to qubes-users
The Qubes website recommends SSD drives.

Is there any particular reason..?

Does Qubes use read/write to the hard drive any more than Windows... to the point where it's going to cause drive failure a lot earlier..?

Or is it simply a speed thing..?

Or what.?

Robin Schneider

unread,
Aug 17, 2016, 3:47:38 AM8/17/16
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi

I am pretty sure the main reason is speed. Also depending on your setup
(snapshots/btrfs) there might be alot of random read operations.

But when you look at the recently published paper [DiskFiltration: Data
Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive
Noise][1] there might also be another good reason to use SSDs ;)

[1]: https://arxiv.org/pdf/1608.03431v1.pdf

- --
Live long and prosper
Robin `ypid` Schneider
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXtBaXAAoJEIb9mAu/GkD4ZlcQANTjVBR2MbYidSzgOv4Di/GZ
EQZnqUwFhGtbvoZ623z7ZDxl8Vn4BpohAx4kUU/stmA0nm7nJcd3y8/j43quUUYy
L4jJQmVk6pd6p1i1I9N24Ra0TkteQHPn0bJ7r+U5p8xVPYdDz0iseQMCHHLKSPc5
L8/VoMIqYFFcmDccbu7oHKaCU3nqCTpYsO89bu0RjhLlAE2+EiXc3c8jK/R0+xuC
os7OV05ltMjhS1LH3SRgYWHPvvihDr9kcR+REhKVJ0NNmAFnsevZ0zgsPTGHqJrs
JZ7Rm4s4782Q80sTDOeMqQZfU2RbWn8Hm0+GEVio4XFbA882AW1cpJd7juOus3M6
m34LHl5s+2E8fWttbqNjlXCsI7gU0MfB1rwVNCK2MVObpjgAZyudJ+ArI9THGMXz
eAwQ6v7scHuBjI+ufrbNnGdtnRNkEhCjYKXCyr+NTWj+nCM3+xgBmQscAg+50eU8
Wl5IueIwkawzUoNCs+1oTOZyyW+SRPZhrfL8Jt9ftw7I5MqneobceH8k/YX9kYnp
HLmSQZ+170ZoW7LVvSnyiKUgYnhWI5JdKPlyX1CiOLVcP3gPCYtJ6kMKPOW+fhZl
RCh3uMzDr1nb7TCN2dOJ33gt9df7M1eraEjYQztuzOi9BfSq0rhx701hhjS9md7c
JKPUwVrj+YGlhJ/kvT5K
=3I7z
-----END PGP SIGNATURE-----

Robin Schneider

unread,
Aug 17, 2016, 3:56:33 AM8/17/16
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 17.08.2016 09:47, Robin Schneider wrote:
> On 17.08.2016 04:45, neilh...@gmail.com wrote:
>> The Qubes website recommends SSD drives.
>
>> Is there any particular reason..?
>
>> Does Qubes use read/write to the hard drive any more than Windows... to
>> the point where it's going to cause drive failure a lot earlier..?
>
>> Or is it simply a speed thing..?
>
>> Or what.?
>
>
> Hi
>
> I am pretty sure the main reason is speed. Also depending on your setup
> (snapshots/btrfs) there might be alot of random read operations.
>
> But when you look at the recently published paper [DiskFiltration: Data
> Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive
> Noise][1] there might also be another good reason to use SSDs ;)
>
> [1]: https://arxiv.org/pdf/1608.03431v1.pdf

To bring the paper into perspective in regards to Qubes OS: Qubes OS does
mitigate such an possibility already in that only the VM which controls a
(S)ATA controller with an HDD attached could do that. So the impact of such a
side-channel data leak should be pretty low for Qubes OS users when you keep
that in mind.

- --
Live long and prosper
Robin `ypid` Schneider
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXtBi8AAoJEIb9mAu/GkD4s5kP/3Qh3fgGEcsi/Jrt8+74lDQN
qQzJjWYusNfPy7jwR+P5R7zJjkPXkU79/P77d5kVGYN3UQULU0DpvsIgVw3V3fTI
vQzbj33hlOXCsAjG6V/FfE1TL5QWKpZV7I2Q2oQoUfe8HNNhvmu/QoSNlDFRIoj3
KMso2iqQPCMLzjUESWM95i9HBmNfzfH4fZyDKF1stqTIm9POr3k26excqV+WfOoi
RV7l7j87Ejn+yI/BhMGTI8VbdfV1e+8Yfl4tJmb06PfqKpDCn6gUi9Bp1+RcjGHC
JYzdEQ0y2tbZMvh1V4JJpvhu4OTT35BK7ML2hTLxdd3HKkAaFfK0+fD++pPeQI28
Cg/mQeUhitUhu12m7Qi1ilGRSekGUknt4pmBWJaISWzKjUwld9sN0or01swq/1qs
mQIQ0+BGMwMsuFb7356QMyNjSa60cu4i9ehxR905zH2ZDseiNVYBMpKZb7NvIOgM
eKy7HES0MdxNzEPn+LgMa3mliR9t2qdQ0JDeJUfd8xLtfBVe+rcZx/GTRoP817RZ
71Q4n3/Jkh0NVwEiNilFvz4N4j94kW0Lpymv6Je4gBjzaXEcbTOrmG4R3RVK1btB
N44SPjOVE8dhKIjQrv3nsEeCtjkVip79gecinjqeZ4wE8Xvo/Fi1ppYu0fQaSy3X
pu93R1Z/aS/Rm1e9JOIQ
=4iX2
-----END PGP SIGNATURE-----

Sandy Harris

unread,
Aug 17, 2016, 8:13:15 AM8/17/16
to qubes...@googlegroups.com
On Tue, Aug 16, 2016 at 10:45 PM, <neilh...@gmail.com> wrote:

> The Qubes website recommends SSD drives.
>
> Is there any particular reason..?

The main one is speed. For the boot drive in workstations or
laptops, I've been using SSDs for years. The performance
gain was large enough to justify them for me at 2005 prices.
At today's prices, I'd say it is a no-brainer for almost anyone.

SSDs are also quieter, use less power, produce less
heat, and are more likely to survive being bumped or
dropped.

On the other hand, mechanical disks are still much
cheaper if you need large storage.

Drew White

unread,
Aug 18, 2016, 2:00:10 AM8/18/16
to qubes-users, neilh...@gmail.com
If you are after the best performance, use an SSD.
If you have many guests and they are primarily parent/child, one thing you can do is get an SSD and an HDD.

The following is more for desktops, rather than SSDs.

This is something you will have to perform AFTER install onto the SSD, due to
the fact that Qubes installer is not advanced enough to allow multi-drive install...

1. Boot into Linux Rescue mode from a DVD/CD
2. use fdisk or parted to create the HDD partitions.
- I recommend 2 partitions, 1 for Qubes Logs folders and the other for AppVMs.

3. Set up the mount points and move the data for Qubes AppVMs and the Logs to the correct locations on the HDD.

The setup I stated here is more beneficial because of the many writes to the SDD are not beneficial for it and wear it out quickly, so having the logs on an HDD makes more sense.
The AppVMs that have their templates on the SSD are mainly reading the SSD, with very small amounts of data on the HDD.

This is something I queried them on, but they said it already did it, but I told them it didn't and told them everything how and why it DID NOT do it, and I have not heard anything further, nor have they changed the installer to allow for this.

They may have it scheduled for the future, so I will leave it at that.

Chris Laprise

unread,
Aug 18, 2016, 8:16:10 AM8/18/16
to Drew White, qubes-users, neilh...@gmail.com
On 08/18/2016 02:00 AM, Drew White wrote:
> If you are after the best performance, use an SSD.
> If you have many guests and they are primarily parent/child, one thing you can do is get an SSD and an HDD.
>
> The following is more for desktops, rather than SSDs.
>
> This is something you will have to perform AFTER install onto the SSD, due to
> the fact that Qubes installer is not advanced enough to allow multi-drive install...
>
> 1. Boot into Linux Rescue mode from a DVD/CD
> 2. use fdisk or parted to create the HDD partitions.
> - I recommend 2 partitions, 1 for Qubes Logs folders and the other for AppVMs.
>
> 3. Set up the mount points and move the data for Qubes AppVMs and the Logs to the correct locations on the HDD.
>
> The setup I stated here is more beneficial because of the many writes to the SDD are not beneficial for it and wear it out quickly, so having the logs on an HDD makes more sense.
> The AppVMs that have their templates on the SSD are mainly reading the SSD, with very small amounts of data on the HDD.

SSDs, circa 2012 or later, wear out at a rate equal to or slower than
HDDs. Even so, the older consumer grade SSDs used to fail largely
because their controller chips overheated and croaked (especially
Sandforce-based models, of which there were many).


> This is something I queried them on, but they said it already did it, but I told them it didn't and told them everything how and why it DID NOT do it, and I have not heard anything further, nor have they changed the installer to allow for this.
>
> They may have it scheduled for the future, so I will leave it at that.

The main concern with Qubes drive performance is read operations,
because starting apps can seem irritatingly slow when they come wrapped
in an entire virtual machine. Its definitely about UX when booting and
starting apps.

Qubes' write profile is still in the same ballpark as a typical desktop
PC, even with multiple OS updates.... The only exception to this is the
writing habits of qvm-backup, a separate issue which could be easily
addressed.

Chris
Reply all
Reply to author
Forward
0 new messages