This is correct.
This is not yet the case, so saying “previously referred to” would be wrong here.
OK, this is a misunderstanding caused by a large number of the underlying context here.
-
Someone must have a full access to dom0/admin part of Qubes OS in order to manage the Qubes OS installation. Otherwise the OS would be useless for everyone, including any “evil corporation”, if it ever might seize the control. Conclusion: the controlling part (however it’s called) will always be a part of the OS.
-
If you have the full source code, including the “dom0/admin tools”, you can always install it such that you have the full control, cloud or not. Qubes OS license is GPLv2. Conclusion: You will always have the access to the source code and full control over the OS.
Rest assured that we will also discuss other solutions not involving the cloud. The beauty of Qubes Air, we believe, lies in the fact that all these solutions are largely isomorphic, from both an architecture and code point of view.
Isomorphic in this context means that, from the point of view of Qubes architecture, it does not matter whether your qubes run in RAM on this machine or they are completely different devices connected over a network. You design Qubes Air around the “cloud” but you can still use it in the same way on a single machine. It how you deploy that defines whether it’s a cloud or not, not the architecture. The linked article is about the architecture. To me, it has always been clear from the above wording.
This looks really scary indeed, because you forgot to make the other relevant part bold too:
it’s possible … without the user having to notice
doesn’t mean it’s the only possibility. You quote just says the same: “it will open many new applications” (which doesn’t imply that it will close existing applications).
I think you misunderstand what is said here. Indeed, it’s not expressed so clearly in this case, although in the context of other discussions, it’s clear to me. This is about a special use case: corporate deployment (see below).
No! Look, what do you think the main problem of Qubes OS right now is? Let me tell you: it’s the money! How do you get it? From the companies using Qubes OS and asking for support/development of new features. Many of them are really interested in secure computing, defense against ransomware, peace of mind when opening files from clients and so on. They are not interested in a local machine, where the user has full admin access. This is useless for them and also useless for the people working there who don’t want to administer the computers and only want to perform their own tasks. So in some sense you are right: the reason for Qubes Air is to make it possible to restrict the user access. Ordinary workers will not need dedicated machines from the Community-recommended list to run Qubes in this case. But please see above about the source code license and isomorphism.
This is exactly about the corporate use case. It does sound scary in the context of ordinary users and reminds the approach Windows has taken. However, there is no single example when free software with GPL was turned into such evil software as far as I’m aware. This is the whole point of the four freedoms! By the way, you ignored my question above about about it.