IIRC she gave some indication that guest VMs shouldn't be defenseless
internally.
My own philosophy (which prompted me to create Qubes-VM-hardening) is
that if we're going to have these VMs running regular OSes, they should
at least have their normal security or some equivalent intact. And also
that the combination of normal security and Qubes security should yield
extra benefits, which I think Qubes-VM-hardening does.
--
Chris Laprise,
tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886