58
What laptop do you use/recommend?
(lemmy.org)
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Community icon from opensource.org, but we are not affiliated with them.
It's all about where you draw the abstraction layer in the hardware stack.
For Qubes / Xen its done at the Virtual Machine layer (pretending to be totally independent CPUs/RAM/Networks)
For Nix et al I believe they are using containers which draws the line of abstraction inside the Kernel (pretending to be different clean name spaces, but the same kernel is aware of what is running everywhere).
There are tradeoffs and different efficiencies for every different level of abstraction, for the most security sensitive applications you would want to run them on physically different computers, then the next step would be inside of different virtual machines (Xen/Qubes), then next step would be in different kernel name spaces (Containers/Nix), then process isolation with different virtual memory spaces (standard linux type processes you know and love)
Oh, interesting. Thanks!