throwaway888abc

There is also Qubes for security sensitive work

https://www.qubes-os.org/ https://www.whonix.org/

Still, I like the point/aim author is taking.

mirimir

Right. Or where it matters less, VirtualBox or KVM.

And where it matters more, hardware compartmentalization.

infokiller

> And where it matters more, hardware compartmentalization.

With the caveat that you need to use secure air-gapped communication, and you probably want to use Qubes on each of the separate machines as well [1].

[1] https://www.qubes-os.org/faq/#how-does-qubes-os-compare-to-u...

mirimir
Right.

The Tinfoil Chat setup uses optocouplers to enforce one-way data transmission.[0] And one can use inexpensive CD-R and micro SD cards for single-use data transfer. But transferring anything but plain text is dangerous.

0) https://github.com/maqp/tfc