No, in my experience most users do not need to install software.
In Debian (at least) GUI software installers are fully functional, as
you should know. (So one command line instance in dom0 to install synaptic.)
Fedora was just horribly broken - I assume it still is.
I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
actually, what @sosqubesinstal said, really deeply express my frustration.
although after reading replies, i also think that those are make sense & true.
in my journey, struggling for security, that we can read here.
after Heads Qubes laptop & Graphene OS, even air-gaped laptop, cannot protect my privacy,
somehow this reality i experience, give me a strong assumption,
that maybe actually, all devices in the world have been compromised,
or maybe, there is a hidden backdoor component in all devices, ready to be used anytime,
it is either, the attacker let us sleep peacefully, with a sweet lie,
that we are secure, which is actually not,
or the attacker let us know the bitter truth,
that we have been backdoor-ed / compromised.
either sweet lie or bitter truth,
none of the option are good.
but the reality that confuse me is,
the fact that most activity stay secure,
regardless the fact that we are using unsecured system, ie:
how come people simply make online payment / transaction,
or login into bank account, or using online banking in mobile apps,
or input their credit card number into online form,
regardless the fact that we are using unsecured system,
(which in my case, give me strong feeling that they can live stream my devices)
how writer like JK Rowling, or other director, song writer, journalist, researcher,
using unsecured laptop, to type a long story / research, but nobody steal their work,
regardless the fact that we are using unsecured system