Excellent write-up!
Though, it’s a pity that a great ambassador of OpenBSD has stopped using it.
I find the authors concerns about security to be at odds with their enthusiasm for flatpak and systemd. Personally I don’t think containerised applications get as much attention from package maintainers or security audits. Systemd is also expanding into every area of the OS including recently offering a sudo alternative which is basically creating one massive attack surface.
Even if you’re rightfully concerned, they become non-issues in the author’s platform of choice: Qubes OS.
The reason (I think) they mentioned all of those explicitly Linux things, is because they’ve also stopped using OpenBSD VMs in Qubes OS.
Great blog post, always nice to read about other people’s experiences. I was curious if you’d switch back to NixOS, but that’s not the case. Cubes OS looks interesting, I checked it out a few years ago. I should give it another look.
I believe the author continues to make use of NixOS VMs withing Qubes OS.
QubeOS has quite a bit of issues to , unless it’s better now?
It ain’t perfect. But it’s the best we got when it comes to a secure OS on x86.
The author is even quite explicit when they mentioned to use Fedora Silverblue for gaming.
