Has Theo never heard of IOMMU? From Wikipedia: I know Qubes uses IOMMU and that it is supported by Xen; not sure if it works with VirtualBox or full hardware virtualization though. I think this should offer isolation on the layer that Theo is currently bitching about. Also, lack of IOMMU with seL4 is one reason the Qubes dev gave for why they went with Xen instead of seL4, even though seL4 is provably correct at what it does.

This is really fairly cutting edge computer science / computer security shit and I can't claim to be an expert on these matters, but it is the stuff I am currently researching and trying to understand. In the past few months I have come to one conclusion though, and it is that I was wrong to suggest VirtualBox be used for isolation; I should have suggested Xen, and I will personally be switching from VirtualBox to Xen.

Last I checked, Xen is much more difficult to configure and use than VirtualBox is for the average user. If this is still the case, if you decide to go with VirtualBox or nothing, I would still suggest VirtualBox and isolating network-facing applications away from Tor with it. The feds are not the caliber of attacker that Theo is worried about when he discusses security issues, and I am not convinced of his apparent claims that using virtualization is not only worthless but also a huge security threat in and of itself (I would really love for him to explain this in deep technical detail).