Qubes has recently published a release canditate for version 4.0. I’m upgrading my system, and taking some notes as I go… Users of Qubes know that template VMs tend to lag behind the latest release of an OS. As I write, for example, a Qubes template is based on Fedora 26, while Fedora 27 was released almost 3 months ago. I mention this not to fault the Qubes team, who do great work.
I appreciate OpenBSD for being reliable and unbloated. Also I get a warm fuzzy feeling knowing certain things are done correctly. For instance, when a service runs without unneeded priviliges and in a chroot “jail.” OpenBSD services generally run this way. But occasionally I want to run a service that is not yet packaged for the OS. Lately for me, most of those services are written in go. Because golang binaries are statically linked, it’s quite straightfoward to set up a chroot environment for them.