As I recently realized this, I now see it as a major source of confusion as I go about learning all this. I come from a political inclination onto this OS simply because I don’t see issues of security being treated seriously by the mainstream press, political activists, politicians and generally the whole superstructure of our society. So I understand that there are often many hands in the pie, so to speak e.g. Intel and TPM’s, Flash technology and HTML, and so on.
Qubes is composed of various components organized around coding a specific task on a specific set of hardware, although generally as wide a net as possible. From a security perspective, it is impossible to ignore that to organize people to organize information so efficiently as what is required to run this code, with all its complexity, money exchanges hands often. Open source is not free because at the very least, even in the case of volunteer work, you are still adding value if the code is used. It simply means that 100% of the value of labor has been used, although it is worth considering if volunteer work has use value but no exchange value, is there work that has exchange value but no use value?
I am trying to tie all this in to the specific question because it was originally what motivated me to post this. But there is a lot to learn about computers and I am merely starting out. It seems to me relevant that the GUI domain uses one desktop framework, KDE, what is generally described as a “Desktop Environment,” hence the “DE” in KDE, and the Virtual Machines in default mode use Gnome, its competitor “Desktop Environment.” There are specific programs written for each which if one desktop environment is installed, components of the other must be installed in order to run that program. So personally, I usually try to maintain consistency to avoid this sort of cross pollination of desktop environment code, unless the application in question provides a function that is unique.
Being a novice self taught computer technician, although very much aware of systems structure and to a certain extent, systems theories and philosophies, I may be unable to fully appreciate why a decision would have been made such as with the KDE, Gnome default installation. My understanding is that both the GUI domain and VM domains use fedora, something I have not modified because part of my decision with Qubes was to implement a strategy that would established the most security, in the fastest most efficient way possible, which could then be tweaked and fine tuned and hardened as I learn more.
But it seems to me that a persistent level of security is even beyond the scope of the hardware itself and it is certainly relevant to suggest whether this could be improved given only what we know now in terms not only of systems integrations into larger/other/different systems (an example would be use of API with lower and higher level code), but also in terms of the way these systems will behave in the future, up to and including understanding the manner in which things like human error and espionage work to manage a relational security complex.
Any thoughts? I am just ruminating but input is appreciated. Some of this information is derived from the Invisible Things Lab blog.