CPU vulnerability mitigations would typically be distributed with the intel-microcode package for Intel processors on Debian-based distributions, for example.
And QubesOS isnt based on linux kernel. It uses Xen. Linux is used in the Qubes aka VMs.
The dom0 is very much running a Linux kernel, the same way your domU:s are typically running Linux kernels (although you could probably run any kernel in hvm mode).
As an example, here is the documentation on how to manage updates for the dom0 kernel:
https://www.qubes-os.org/doc/how-to-install-software-in-dom0/#kernel-upgrade
The colloquial term for adult-themed comic magazines is, or are least used to be, Comix, I think. Not the porn ones, that is.
Hadn't heard about deSec until now, seems to be run by some cool privacy minded folks in Germany:
I guess you already know about the options, but for others:
Find the cheapest VPS out there and have a Wireguard tunnel between it and your home network. Run ddclient or similar on the VPS in case the public IP changes.
And a trampoline!
Comments aren't normally accessible unless you (independently) open and read the source code file as you would with any arbitrary file.
For the same price and power usage as the Pi?
If you're looking for single people, Tinder or Grindr is probably a better place
+1 for Voyager! Writing this comment using it :-)
Security. The more popular a piece of software gets (including operating systems), it becomes a bigger attack surface for malicious actors to use.
Fundamentally, Windows security is not really that much of a swiss cheese people usually say it is. It's just that more people (researchers and malicious actors alike) are actively looking for vulnerabilities in it.