Conclusion

It has been an exciting week-long journey!

I want to commend the Qubes Team for their accomplishments and the Fedora Team for their progress made since the Fedora Core releases. I for one am excited to see what Qubes OS 4 will bring, early 2017.

That said it does not seem workable to use Qubes during offensive engagements.

New clients become repeat customers, knowing I do my job efficiently within their available time and budget. Running Qubes OS would slow me down.​

For example, during an internal network penetration test:

I want to be able to quickly lower the security of my system

Bridge together several (wireless) network interfaces

Enable IP forwarding to complete my MiTM attack, or

Serve up an exploit or a malicious login portal

This is cumbersome when your network devices, firewall, and attack tools are so separated. I would need more time to explore this, which is a precious commodity nowadays.

Next, I am likely to take at SmartOS, pre-eliminated for its current lack of USB3 support. Brian Cantrill’s hilarious talk on it piqued my interest.

Then dd my copy of Windows 10 Pro onto my SSD and setup a multi-boot system. Likely hosting my attack tools under VMWare/VirtualBox alongside a variant of BSD and Linux.

Qubes will likely serve as a more portable version of my hacker lab.