>>77
>All these things about Whonix, and Qubes and Tails seems kinda idiot to me
Yes, it's kinda idiotic to put the system/applications in a virtual machine rather than actually hardening them.
In fact, we do have underlying groundwork, such as the famed PaX/Grsecurity kernel, and its recent plagiarism/adoption by KSPP is a great improvement in security; userspace/compiler hardening is essential as well, and we already have NX, stack-protector-strong, RELRO, -D_FORTIFY_SOURCE, PIC/PIE. A sandbox/virtual machine can't provide these protections; we need more of them, and we need to adopt them in systems. And systemic audits are always needed.
But please understand, even with this hardening, sandboxing/virtual machines are a requirement if a higher degree of security is needed, in order to restrict the damage of an exploit once one has happened. Instead of a single point of defense, we need defense in depth.
Also, code execution in a PDF reader can do everything the user can. Given how our operating systems and applications are designed, there is really no better way to achieve privilege separation and a reasonable level of security, especially on a desktop system.
Yes, if applications and operating systems adopt a different approach to security, that will be the elegant and complete solution, but we still need Firefox to browse the web and a Unix-like system to use in the foreseeable future; that is what virtualization is for.
xkcd comic #1200 elaborates on this problem well.
Also, an attacker can do a lot of things; as everyone knows, they can implant a rootkit, but what is less known is that they can also insert permanent hardware (firmware-level) malware that almost nobody can detect, because it starts before any OS kernel or even the bootloader. And all of this can be done remotely, by software exploits alone. So once you have been hacked, booting from a Tails CD could still give you a compromised system. There are no effective countermeasures, at least on x86, besides virtualization.
You really need to check the "x86 considered harmful" article by a main Qubes dev.
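The userspace mitigations listed in the post (NX, RELRO, PIE) are recorded in an ELF binary's own headers, so a defender can audit a build for them directly instead of relying on a sandbox to compensate for their absence. The script below is an added example, not code from the post or from any project it mentions: it reads those header fields with only the Python standard library, and `build_sample` constructs header-only stand-in ELF64 images (not real executables) so the check runs offline. Stack-protector and FORTIFY status live in the symbol table and are not covered here.

```python
import struct

# ELF constants used below (values from the ELF64 specification)
ET_EXEC, ET_DYN, PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 3, 2, 0x6474E551, 0x6474E552
PF_X, DT_NULL, DT_FLAGS, DT_BIND_NOW, DF_BIND_NOW = 1, 0, 30, 24, 0x8

def check_elf64(data: bytes) -> dict:
    """Report NX, RELRO and PIE for a little-endian ELF64 image (stdlib only)."""
    if data[:4] != b"\x7fELF" or data[4] != 2:
        raise ValueError("not a 64-bit ELF image")
    e_type, = struct.unpack_from("<H", data, 16)
    e_phoff, = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    nx, relro, bind_now = False, "none", False   # no PT_GNU_STACK => executable stack
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, p_flags, p_offset, _, _, p_filesz = struct.unpack_from("<IIQQQQ", data, off)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)            # stack mapped without PROT_EXEC
        elif p_type == PT_GNU_RELRO:
            relro = "partial"                    # GOT made read-only after relocation
        elif p_type == PT_DYNAMIC:               # BIND_NOW upgrades partial to full RELRO
            for j in range(p_filesz // 16):
                tag, val = struct.unpack_from("<qQ", data, p_offset + j * 16)
                if tag == DT_NULL:
                    break
                if tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW):
                    bind_now = True
    if relro == "partial" and bind_now:
        relro = "full"
    return {"nx": nx, "relro": relro, "pie": e_type == ET_DYN}

def build_sample(pie, nx, relro, bind_now) -> bytes:
    """Constructed header-only ELF64 image for offline testing (not a real binary)."""
    phdrs = [(PT_GNU_STACK, 6 if nx else 7), (PT_DYNAMIC, 6)]   # flags: RW or RWX
    if relro:
        phdrs.append((PT_GNU_RELRO, 4))
    dyn = struct.pack("<qQqQ", DT_FLAGS, DF_BIND_NOW if bind_now else 0, DT_NULL, 0)
    dynoff = 64 + 56 * len(phdrs)                # dynamic tags follow the program headers
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", ET_DYN if pie else ET_EXEC, 62, 1, 0, 64, 0, 0, 64, 56, len(phdrs), 64, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, f, dynoff if t == PT_DYNAMIC else 0, 0, 0,
                                len(dyn) if t == PT_DYNAMIC else 0, 0, 8) for t, f in phdrs)
    return hdr + body + dyn

if __name__ == "__main__":
    print("hardened:", check_elf64(build_sample(True, True, True, True)))
    print("legacy:  ", check_elf64(build_sample(False, False, False, False)))
```

To audit a real build, pass `open(path, "rb").read()` to `check_elf64`; a result other than NX on, full RELRO and PIE means that binary is missing one of the mitigations the post lists.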