Paranoia!
If you want to take security seriously, you can’t assume that you will be safe simply by running Qubes. The first thing you’d need to be sure of is that your Qubes download wasn’t compromised. This can be done by checking signatures, but in order to trust this check, you’d really need to know that the OS of the machine you downloaded Qubes onto hadn’t been compromised, since a compromised OS could falsify the results of that check.
So you could use a live medium, but that won’t help if the OS (or even the firmware of the machine) you use to download that live medium has been tampered with. As you can probably fathom, being totally sure about such things is pretty much impossible. But that doesn’t mean you shouldn’t exercise some precautions. The full guide to signature-checking, as well as its shortcomings, is available at http://bit.ly/lxf248sigs. Of course, we diligently checked these signatures before we sent the disc to the replicators, but can you really trust us, and can we really trust them, or that voice in your head?
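As an added illustration of the check the text describes (this script is not from the article or from the Qubes project), the following POSIX shell script does the two steps in the order that matters: first a GPG signature check on the digest file against a key fingerprint you pinned beforehand, then a SHA-256 comparison of the ISO against the now-trusted digest file. The PINNED_FPR value is a placeholder, not a real key; the digest-file format is assumed to be sha256sum style ("<hex>  <filename>"), and the function names are my own. The caveat from the text still applies: the script only tells you what gpg and sha256sum on this machine report, so the fingerprint has to come from sources independent of the machine doing the download.

```shell
#!/bin/sh
# Added example, not from the article or the Qubes project: a two-stage check
# of a downloaded installer image.
#  1. verify_sig: the digest (or signature) file must carry a good signature
#     from a key whose fingerprint you pinned IN ADVANCE, ideally confirmed via
#     more than one independent source. PINNED_FPR is a placeholder, not a key.
#  2. verify_digest: the ISO's SHA-256 must match the entry for its file name
#     in the signed digest file (assumed "sha256sum" format: "<hex>  <filename>",
#     one per line; other lines such as comments are ignored).
PINNED_FPR="${PINNED_FPR:-0000000000000000000000000000000000000000}"  # placeholder

# verify_sig <sigfile> [<datafile>]: detached signature (two args) or a
# clearsigned file (one arg). Parses gpg's machine-readable --status-fd output
# and succeeds only if a VALIDSIG line names the pinned fingerprint, either as
# the signing (sub)key (field 3) or as the primary key (last field).
verify_sig() {
    gpg --batch --status-fd 1 --verify "$@" 2>/dev/null \
        | awk -v fpr="$PINNED_FPR" \
              '$1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == fpr || $NF == fpr) { ok = 1 }
               END { exit !ok }'
}

# verify_digest <iso> <digestfile>: succeeds only if the digest file has an
# entry for the ISO's base name and the ISO's actual SHA-256 matches it.
verify_digest() {
    iso="$1"; digests="$2"
    expected=$(awk -v f="$(basename "$iso")" '$2 == f { print $1; exit }' "$digests")
    [ -n "$expected" ] || { echo "no digest entry for $(basename "$iso")" >&2; return 1; }
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Usage: ./verify-iso.sh <iso> <digestfile> [<digestfile.asc>]
# The signature check comes first: an unsigned digest file proves nothing.
if [ "$#" -ge 2 ]; then
    if [ "$#" -ge 3 ]; then verify_sig "$3" "$2"; else verify_sig "$2"; fi
    [ "$?" -eq 0 ] || { echo "signature check FAILED" >&2; exit 1; }
    verify_digest "$1" "$2" || { echo "digest check FAILED" >&2; exit 1; }
    echo "OK: signature and digest verified"
fi
```

Note that verify_sig deliberately ignores gpg's human-readable "Good signature" text and its exit status alone: a good signature from the wrong key (one an attacker planted in your keyring) also exits zero, which is why the fingerprint comparison is the actual test.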
Once Qubes is installed, there are a few things you can keep in mind. The thumbnails generated automatically by the Nautilus (aka Files) file manager can be an attack vector: they are produced by the PDF and image-rendering libraries, which can be exploited like anything else, so consider disabling these previews in untrusted domains.
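One way to do that, as an added example rather than anything from the article or Qubes itself, is a small script run inside the untrusted qube that flips Nautilus's show-image-thumbnails preference to 'never' and reads it back to confirm. It assumes a GNOME/Nautilus-based template with gsettings available and that the qube's /home persists (true for an AppVM; a DisposableVM discards the change when it is destroyed). The function names are my own.

```shell
#!/bin/sh
# Added example (not from the article or the Qubes project). Run inside an
# untrusted qube to stop Nautilus from handing files to the PDF/image
# thumbnailers. Assumes a GNOME/Nautilus-based template with gsettings and a
# persistent /home (AppVM); in a DisposableVM the setting dies with the VM.
SCHEMA="org.gnome.nautilus.preferences"
KEY="show-image-thumbnails"   # valid values: 'always', 'local-only', 'never'

# current_thumbnail_policy: print the active value (quoted, e.g. 'never').
current_thumbnail_policy() {
    gsettings get "$SCHEMA" "$KEY" 2>/dev/null
}

# disable_thumbnails: set the policy to 'never' and verify it took effect;
# returns non-zero if the value read back is anything else.
disable_thumbnails() {
    gsettings set "$SCHEMA" "$KEY" 'never' || return 1
    [ "$(current_thumbnail_policy)" = "'never'" ]
}

# Only change anything when invoked with "apply"; otherwise just report.
if [ "${1:-}" = "apply" ]; then
    disable_thumbnails && echo "thumbnails disabled: $(current_thumbnail_policy)"
else
    echo "current thumbnail policy: $(current_thumbnail_policy)"
fi
```

The default value is 'local-only', which still thumbnails every file that lands in the qube's own filesystem, so for an untrusted qube only 'never' removes the thumbnailer from the picture.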