Yes, but it also make everything much less secure. Consider the attacks on the WiFi stack, with CVEs every other month. Only Qubes OS defends from such attacks (by having a separate networking VM).
But if I am using a Purism laptop, I cannot securely update my Coreboot. The Purism’s approach to Coreboot updates makes my whole system vulnerable. Moreover, I have to use a liveUSB, which is not frequently updated, with known old vulnerabilities, and connect it to the Internet. This turns articles like this into a lie.
If Purism does not have resources to support such use case, I can understand this. Purism is already doing a lot of great stuff, which I appreciate. But you should accept that people who value security have such problem and think whether something can be done, or ask for a help of the community.
Edit: Actually, users of any other OS will have such problem with the vulnerable liveUSB, not just users of Qubes OS. However, in the latter such threat model is explicitly in the design.