The thing that stood out for me was the use of ngram hashes as an additional feature set. My understanding of this is that its typically used as a positional feature.

Is this a limitation of the byte patches in that the positional information needs to be augmented?

What percentage of the new code was written by an LLM?

And cooler magic to colour code your window borders. Effectively gives you a VM running Firefox and you only see the Firefox window.

This will let you run your email in one window, and click on a link to open it in another VM.

Runs Windows pretty well! I find that very convenient.

https://www.qubes-os.org/doc/templates/windows/

Qubes is great as a development platform. The simple integration of VM's into a desktop is surprisingly useful and seamless for day to day development, testing and work.

I've used it for a number of years.

How about Heads?

https://osresearch.net/

https://forum.qubes-os.org/t/what-makes-heads-so-great-when-...

AEM is a little sketchy though, you need to trust a flash drive to hold it, and make sure that drive doesn’t get overridden by a malicious attacker. Your link goes more into depth about the disadvantages

In some threat models, it's more feasible to protect a portable flash/SSD drive than an entire laptop.

In other threat models, laptops/tablets/phones could be physically secured in a safe, or kept under direct physical supervision.

Yeah, that’s what I was alluding to. I think the OPs point still holds here- both of those are quite a bit harder than the built in Mac solution