In my opinion it would probably be using Qubes certified hardware with Qubes on it and then routing everything through whonix VM.
Curious to know if anyone has anything else that is more secure than Qubes - I mean like does anyone know what darknet vendors use opsec wise?
Also I heard Snowden used Tails OS when blowing the whistle - so perhaps using tails would be up there.
Unpopular opinion but… First privacy and security is not the same, one relays on the other tho. So find your treat model when it comes to privacy. If its about security as you mentioems qubes is also great, yet needs a lot of knowledge. Your computer is only as secure as you made it and make it! Keep it up to date etc. For a normal user who don’t have the knowledge or used qubes or even Linux in the past it is probably a jump to high. Macos is secure, not very private. Consider all of this find out yout treat model find out what you use your computer for. Separate business and private accounts etc…
I agree with most of what you said. But I won’t consider Mac a secure os. Yes it may be more secure than a vanilla Linux distro but with few minutes you can make a vanilla Linux and Mac os equally secure.
But then the problem is if someone is able to gain access maybe chaining 2-3 Zero days. They will get access to everything. But in qubes with hardened templates they will have access to single qube. And if you were being care full only a disposable qube.
The power of Qubes is in its ability to compartmentalize everything. You still need to harden all templates use minimal template for vault VM. I’ve more than 30 separate appVM. And still use disp VM with most of the time.