Qubes OS is a security-oriented operating system which places a strong emphasis on isolating processes and information. The Qubes OS project is experimenting with a new concept with should allow certain virtual machines in the Qubes platform to perform a limited selection of administrative functions. Joanna Rutkowska explains: "The main concept behind the Admin API is to let select VMs preform various select administrative functions over the Qubes OS system. If this idea scares the hell out of you, then, my dear reader, we're on the same side. Indeed, if we're not careful, we can use the Admin API to shoot ourselves in the foot. Moreover, it might look like we're actually adding complexity and enlarging the amount of trusted code (TCB) in Qubes OS. All good intuitions. But below I argue that the opposite actually holds, i.e. that the Admin API allows us to actually shrink the amount of trusted code, simplify trust relationships in the system, and ultimately to improve the overall security at the end of the day. It's a bit like comparing SSH to Telnet. Admittedly, at first sight, the SSH protocol has much more complexity than Telnet, yet no one questions today that SSH is actually significantly more secure than the much simpler Telnet." A complete explanation of the Admin API feature can be found in Rutkowska's news post.