There is an up front investment in figuring out how to partition your computer use/apps into VMs and then setting up the VMs. If you’re not already a Linux user there is also the usual learning curve of switching to Linux (most qubes users use mostly Linux vms, windows takes more work to get going, I have windows 10 working but it took some effort).
I absolutely love the disposable VM model. I do all my web surfing (except some financial sites) in disposable VMs and cannot fathom going back to downloading and executing untrusted code (JavaScript) outside a dispVM. Similarly, I cannot imagine opening documents from untrusted third parties outside a vm of some sort. Even software I don’t fully trust (e.g. Zoom, bluRay ripping software) I like to run in disposable VMs or at least their own dedicated vm.
Qubes is like any other specialized tool - it’s worth investing the time if what it offers (security and privacy) is something you especially value. Having seen supposedly exotic and advanced threats become more commonplace over the last 20 years I think we all will end up using systems to some extent similar to Qubes, at least inspired by Qubes. Some of what’s not in your threat model today will be, eventually. The only question is how much.
In practical terms, it is in some ways like going from having one computer to having a network of computers. You do become something of a sysadmin. There is some pain there especially up front but I am at the point where I am expert enough that the ongoing time and pain investment is quite minimal.
More than anything, I feel completely exposed on other OSes. I wish other operating systems (like macOS) would steal the best ideas from qubes. For example, let people open files in disposable VMs when they want to, and cause this to happen by default for downloaded files, and by default have people surf the web in the rough, more seamless equivalent of a disposable VM, possibly with some carve outs for ease of use (like make it almost transparent, with some red flag, to move downloads out of the browser vm, and do likewise with uploads). Also, Qubes has “vaults,” which are just VMs with no internet where you put your most sensitive files; I put basically all my files there because they really don’t need live internet. You could translate this on a “regular” OS into some kind of area that’s extra protected from other processes somehow. For example unprompted access to files in the vault would require explicit authorization, and files in the vault could not cause network connections by default. Something along those lines.
We helped push technical adoption through skeuomorphic design patterns, but left engineers to figure out how to educate users on permissibility. That's a failure on us as an industry. We should be building to keep people safe from the dangers we all know about FIRST, then and only then should we build the access controls to allow access to other resources and interoperability.
I feel like chromiumos is the closest we have to a mainstream solution for this, but a combination of Nix and Qubes would be even better.