Good point, but it is not the exactly same risk. First, the qrexec goes directly (maybe trusted dom0), while network gores typically through sys-firewall. Maybe a minor difference for some, but still worth noting. The VM can not only sniff the traffic, but it can also modify it, maybe in order to attack some other VM.
Second, the Windows implementation does not look to be updated, so there can be unpatched known vulnerabilities. Moreover, it might be easier to find unknown vulnerabilities for such unmaintained software. Both of them might be justifiable, but it is good to know when considering it. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ba15183e-6f4b-4656-97cd-0ee4c50ecdaa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.