I could use gvisor inside distrobox inside an appVM in Qubes, couldn't I?
Many CVE's for Xen were discovered and patched by the Qubes folks, so that's a good thing...
As for OpenBSD, I thought I mentioned in the blog post that I'm intending to use it as sys-net VM inside Qubes if not as HVM alongside my Linux appVMs, for when I need Linux. The best of both worlds, so to say.
Well, I'm not sure why they didn't include Secureblue qubes...
I don't do gaming or intensive development, so it's fine for me.
Server-side API? I was talking about avoiding to get one's entire OS hijacked. The qube with the browser might get compromised, but dom0 would stay safely offline, that's my ideal, not the utopic notion of never possibly getting attacked and hacked.
As long as you don't explain what concepts am I mixing up, I don't see the respect, but as a random person on the Internet, feel free to troll, I'll move on.
AppVMs are isolated in Qubes even without the help of Wayland
Thanks, Ironclad and Gloire look interesting for a RISC-V system, gonna try out at some point alongside CheriBSD
I'm all for a better Flatpak, but I'm on the fence with full-on usage of Rust, I'd wait for there to be a second Rust compiler. Otherwise, sandboxing might be enough for some users, but not exactly for me.
I actually forgot to mention it, but I was going to say anyway that sandboxing I deem less ideal than paravirtualization
GNOME is just the default, there's also KDE and no-GUI options if I'm not mistaken
Chimera is a nice alternative to Alpine, have you thought of sending this feedback to Chimera's dev?
It works decently with just 8 GB RAM, and I'm going to upgrade the RAM.
Secureblue is based on sandboxing rather than paravirtualization, and I'm not sure that's secure enough for me.
Oh, good to know... In other words, sandboxing is not the best practice on Linux... So I'm better off with Qubes than with Secureblue