Hello fellow Qubes OS wizards,
I find myself in a challenging situation and would greatly appreciate your insights and suggestions regarding protecting Qubes OS on a laptop with a compromised BIOS. Due to certain circumstances involving national security services, I am unable to replace or acquire a new laptop at this time.
It has come to my knowledge that the laptop’s BIOS has been penetrated. It seems that one of the BIOS updates was tampered with, leading to downloads from a compromised address that appeared legitimate. This has raised concerns about the privacy and security of my system. While I have been relatively indifferent to casual information being monitored for quite some time, the ongoing nature of this situation has become overwhelming.
Considering the circumstances, I am contemplating the use of Qubes OS as a potential solution. With its virtualization capabilities, I am curious to know if it can provide a defense against prying eyes, even with a compromised BIOS. Specifically, I am interested in implementing a dual-boot setup where I can utilize Qubes OS as a separate operating system for my own activities.
Another area of concern is email privacy. I have noticed that my ISP typically shows Budapest as the location. However, there are instances where they create tunnels to different cities within Hungary, constantly changing their apparent location. It appears that through these tunnels, they are able to monitor activities. The location is changing without VPNs for various cities of Hungary. The issue is persisting for years. As the police, prosecutor and other branch of the Hungarian goverment use the job’s of national security services to give jobs and softwares to each others and their relatives or give access to politicians or other decesion makers - so they can tap down each other - so they can benefit from this.
In light of these circumstances, I am considering utilizing Qubes OS on this compromised computer to enhance my privacy and security. My understanding is that Qubes OS leverages virtualization to isolate tasks and applications into separate virtual machines (VMs). By setting up a dual-boot configuration, where I can use the compromised BIOS on the primary boot for regular tasks, and Qubes OS on the secondary boot for sensitive activities, I hope to achieve a more secure environment.
Specifically, I would like to know if Qubes OS, with its virtualization capabilities, can effectively defend against potential surveillance by adversaries with access to the compromised BIOS. Would running Qubes OS in a separate VM on this same computer provide a sufficient level of isolation and protection for my sensitive activities? They are more like business activies other things they can see maybe the prosecutor start working but I do not give a shot to them once again.
Furthermore, I have concerns about my email communications. My ISP consistently shows Budapest as my location as I live here, and I suspect that they employ tunnels through various cities in Hungary, rapidly changing and virtualizing their origins. For instances, the FB shows first Budapest, then it shows Kiskunhalas then it shows an another city again over a 20 minutes period. I fear that this setup allows them to monitor my activities and potentially grant access to their associates but personally a pre-installed VPN punch out this activities - they are not hackers but a specific softwares. Can Qubes OS help mitigate these concerns, especially with respect to email privacy and protection from such surveillance techniques? So if the VPN tunnel is established then from them if they can not monitor the base system, can it be secure again?
I greatly appreciate any insights, suggestions, or experiences you can share regarding this complex situation. Your expertise and guidance will be invaluable in helping me navigate these privacy challenges within the limitations I currently face.
Thank you all for your time and support!
Greetings from Hungary!