I just found out about Universal Blue while researching immutable distros and decided to give it a shot, and I really enjoy it! I used to run Qubes on my work machine because I liked the segmentation and security by design, but it didn’t suit my needs with the GPU passthrough issues.
So I’m wondering if Universal Blue is the closest distro to Qubes in terms of security? Are there ideas in mind for further improvement by the users?
No, our containerized approach is for developer use cases. Container escapes exist, and if you’re looking for more robust security then you’d likely use VMs and some other stuff to set up.