I think ultimately a completely upgradable blockchain platform is the ideal way to go in the long term. However, in the short term though it is a challenge to foresee all of the attacks and problems. I love Tezos and think they have a fantastic approach.
That said, QTUM is likely to experience less challenges early, because of their more conservative nature, and they can always adopt Tezos more flexible approach later. My only concern is that Tezos approach, which is far more ambitious, will result in the kind of challenges Ethereum saw early, like the DAO robbery, because there is no way to foresee all the attack vectors ahead of time. But don’t get me wrong, they are doing good work.
QTUM’s approach reminds me of the company Red Hat. It takes all the innovation from open source and QA’s it and refines it and hardens it, so that they have more long term stability. You can always go ahead and grab the upstream project and you will end up with more features, but you will also often end up with the wild west, as programmers focus on the shiny and flashy, rather than the boring aspect of maintenance and keeping things consistent.