Posted Apr 13, 2011 19:38 UTC (Wed) by alvieboy (subscriber, #51617)
Parent article: Qubes beta 1 released
Applications already run in an isolated context (meaning they cannot interfere with each other, except in some specific scenarios, like SHM).
As long as system calls are properly protected, I don't actually see how this gives an overall benefit. Can't other layers give the required amount of protection, without having to run a hypervisor and a domain controller, which impose a *huge* performance hit?
This looks like an obsession to me. It's like having my car brake automatically whenever it spots an obstacle, in the eventuality of it being a living being. And triggering airbags because it was actually only a piece of paper.