I believe the argument goes that Xen hypervisor bare-betal virtualization is a much smaller attack surface than a hypervisor hosted by an operating system reliant upon constant administrative patching  and hardening.

richnost

bitcoin

What is your favourite Linux distribution, and why?

kst_winterhodler

Thanks!

I have not used Qubes but I have used xcp-ng (newest xen) in a production environment. I do know that the nsa has  recommended for gov agencies to not use vms for the most secure systems as the vm guests can potentially attack each other's memory. I'll look into Qubes to see how it protects the guests from each other.