I've been reading @kyle Rankin's Hardening Linux book, and the client chapter confirmed what I suspected, since I've started using Linux, that Linux has security issues as a client OS. The Qubes setup was interesting, but sounds very resource intensive. It also reminds me of how the Unix workstation model was setup, when I was lucky enough to work under it.
I think apps were sandboxed better under OS/2, but I'd have to revisit The Design of OS/2 to be sure.
I recommend the Hardening Linux book
@russ it's what you said.
@lwriemen @kyle is that the title? Or is it Linux Hardening in Hostile Networks?