It sounds a lot like Qubes, which also uses Xen and seems to do the same thing, but is free. You can certainly use isolation techniques to your advantage. Qubes even has secure copy paste between virtual machines, so you could implement a virtualization based 'air gap' with it by running GPG in one VM and firefox in another. Then you could copy ciphertexts from the GPG vm to the firefox VM. That way if firefox is pwnt the attacker will have more trouble to get to your plaintexts. It is also the easiest way to get x level isolation between apps, the lack of which is a truly enormous attack vector that all current window managers have. You could have it automatically open .pdf files in virtual machines that don't have access to the internet, so you would worry less about opening pdfs or docs or anything that phones home. You could make temporary sandboxes to run applications in pretty quickly. You could have Tor running in a different vm than firefox or pidgin, so even if those applications are pwnt the attacker can not easily deanonymize you. You can also isolate an attackers ability to spread through your system, if you do sensitive things in pidgin and firefox the compromise of one will not essentially ensure the compromise of the other. Virtualization based security has its own andvantages and disadvantages, it seems that paravirtualization solutions like xen offer the best ratioed trade off between security of applications/environments and isolation between applications/environments, but they are not without some serious drawbacks. For example currently xen does not support ASLR so you lose that security advantage, it also is not as secure to use virtual machines as it is to run directly on hardware so it could additionally hurt your security some here. Virtualization is from the isolation school of computer security, and isolation is widely recognized as a legitimate way of obtaining security, although some people like it a lot more than others and it isn't without its critics.