I’ll rephrase the question: Patrick, since you are now working full-time on developing Qubes + Whonix and are no longer actively developing VirtualBox + Whonix, it seems at some point you will recommend that Whonix users transition away from VirtualBox to Qubes. Has that time arrived yet? Although there may not be a decisive winner in the virtualizer debate, VirtualBox has been the declared winner (whether for non-security related reasons, ie usability) since it has been the default Whonix setup.
Does this mean that the Whonix portion of both solutions are identically stable/secure? In other words, the risk of both systems now resides with the virtualizer only?
edit: Another major motivation for wanting to use Qubes is the secure clipboard and file transfer. So all else equal, I’m looking for permission to make the transition.
With regards to Physical Isolation with Qubes + Whonix: Is it correct to assume that it would be more secure since an attacker would have to compromise (using Rutkowska’s terminology from http://theinvisiblethings.blogspot.com/2014/08/physical-separation-vs-software.html) 2 sets of Xen net front/back ends + the networking drivers/stack, as opposed to just 1 set of Xen net front/back ends?
Also, should Gateway be installed on hardware per the VirtualBox setup? Or combined with Qubes? It isn’t obvious to me which is more secure.