This is their recommended hardware list, very suspicious.
It is not suspicious. I see just a list of easy available hardware where coreboot could be installed.
AMD have more secrets in hardware initialization than Intel, so AMD is much less researched and rare AMD hardware have coreboot ported to it.
Qubes is very unique in that the entire os is a virtual machine, and every application is run in its own virtual machine container with very strict conduits between them
You could easily do it with any other distro. Just start your application within qemu, or, if you are satisfied with privilege separation of namespaces, use firejail. You could also use lxc containers on your own. And do it only for programs you do not trust.
Containerisation of virtualisation have overhead, sometimes significant over running program natively. You don't need to run calculator of CAD in container/VM.
Network access is just an additional option for qemu/firejail. You also could allow only specific hosts for selected program using regular linux tools.
And most imoirtant thing - if you are not aware of how to do all that things in linux and how they work, no special distro where all that things tuned for you by some third-party will help you at all.
Again - privacy is in your head, in your understanding how your computer work, not in some magic distro.
It is not suspicious. I see just a list of easy available hardware where coreboot could be installed.
AMD have more secrets in hardware initialization than Intel, so AMD is much less researched and rare AMD hardware have coreboot ported to it.
You could easily do it with any other distro. Just start your application within qemu, or, if you are satisfied with privilege separation of namespaces, use firejail. You could also use lxc containers on your own. And do it only for programs you do not trust.
Containerisation of virtualisation have overhead, sometimes significant over running program natively. You don't need to run calculator of CAD in container/VM.
Network access is just an additional option for qemu/firejail. You also could allow only specific hosts for selected program using regular linux tools.
And most imoirtant thing - if you are not aware of how to do all that things in linux and how they work, no special distro where all that things tuned for you by some third-party will help you at all.
Again - privacy is in your head, in your understanding how your computer work, not in some magic distro.