Nope, when it comes to technology, it makes sense to rely on facts grounded on the solid technical/scientific proofs like those listed above and I’m afraid that I don’t have anything to support the thesis of honeypot existence at this point.
Everyone respects your opinion and intuition which is useful as it creates doubt, doubt drives the research and research improves people’s lives… But, from the technical perspective, we must recognize the effort that Qubes dev team made in combining xen with additional software as a brilliant and complex concept that provides a fully functional product which finds practical use in corporate environment, it resolves real technical problems in production, it drastically improves productivity and these are the facts. This solution, however, fails at those basic levels I’ve wrote above.
My fends are using Qubes, I educate them to do so in their daily life and work, but it’s not fun to spend the afternoon in hardening and patching the templates or commonly used software such as web browser (manually). That’s why I’ve brought this subject and yes, I’ll share my findings/ideas with the dev team hoping that someday, we might have a standardized baseline checklist in place to help automate security profile configuration so that the basic or advanced user needs could be met more easily.
You know what, this even goes beyond basic recommendations provided by the Protection Profile for General Purpose Operating Systems, so thank you for that!
Many thanks for this!
Amen! 