It’s mentioned at Frequently asked questions (FAQ) | Qubes OS, in the section “How does Qubes OS compare to using a “live CD” OS”:
Booting your computer from a live CD (or DVD) when you need to perform sensitive activities can certainly be more secure
than simply using your main OS, but this method still preserves many of the risks of conventional OSes. For example, popular
live OSes (such as Tails and other Linux distributions) are still monolithic in the sense that all software is still running
in the same OS. This means, once again, that if your session is compromised, then all the data and activities performed
within that same session are also potentially compromised.
It’s said: “Booting your computer from a live CD (or DVD) when you need to perform sensitive activities can certainly be more
secure than simply using your main OS”. This doesn’t make sense to me. Please read my current understanding and help me
understand where I am wrong.
My understanding is that the only special benefit provided by a live OS like Tails is that nothing is written to disks, i.e. it
works using the RAM only. This is explained by Tails OS's saying that it works like a tent
(Tails - How Tails works): “Tails always starts from the same clean state and everything you do disappears
automatically when you shut down Tails. Without Tails, almost everything you do can leave traces on the computer”.
My understanding is: If we get a new disk from the factory, or a disk with all sectors written with zeros or random data, then do nothing
with it except installing Qubes OS on it while using Full Disk Encryption with a strong passphrase, then there is no problem
at all with sensitive data being written to the disk as long as the passphrase is strong and secure. In this way, Tails does
not provide anything special, and thus using Qubes OS is better (unless resources are not available, because Tails is more
lightweight) because you can simply use disposables for what you want to disappear after using.
Perhaps you should only tell me what’s the problem of writing information on disk, or what could be a benefit of a RAM-based
disposable in Qubes OS, and I’ll know where I’m wrong. The disk is encrypted, so what’s the problem with all sensitive data
being written to it? If you tell me: “They can get all the sensitive data if they caught the computer while it’s running, because
the disk is decrypted”, then I’ll tell you this is exactly what can happen to Tails users: Tails will do nothing if the laptop
was caught while it’s running or if the person was caught while the desktop computer is running and the adversaries had
access to the running computer. The only difference (I see) is that with Tails the sensitive data available will be of only
one session, while with Qubes it will be since first use. Is this the only difference?