It’s discussed in my links above. You should continue these discussions, in order to keep this forum readable, if you’re interested.
You must trust everything running in dom0 in order to be able to run Qubes. You can verify and compile the code yourself, or rely on the Community for that. Also, the developers provide a possibility to verify that the code comes from them without any modification on the way.
It’s disabled by default: Admin API | Qubes OS
GPU and window manager will not have full access to dom0 anymore. Also there is audio domain to isolate the Pulseaudio and sound hardware (and Bluetooth).
Yes, but it’s in beta and without a strong hardware virtualization yet.