In my opinion it would probably be using Qubes certified hardware with Qubes on it and then routing everything through whonix VM.
Curious to know if anyone has anything else that is more secure than Qubes - I mean like does anyone know what darknet vendors use opsec wise?
Also I heard Snowden used Tails OS when blowing the whistle - so perhaps using tails would be up there.
This is all down to your threat model and use case.
the most “secure” desktop would be an airgapped system, no connection to the internet, and no storage.
Qubes is great, but its not magic, you have to be clear about what you are protecting yourself against. If your using Qubes and someone steals your running laptop, your data is typically unencrypted, etc.
Qubes + always on vpn VM + tails disposable VM… is pretty good
I’m running Qubes now, its great, but its just a toolbox, you still have to build up your own usage model, how you want to separate identities and use cases and network stacks.