I installed Qubes on an external drive and I had to install Super Grub2 Disk on a USB stick to be able to boot into Qubes. Should I repair Grub with the grub-customizer or does it violate the Qubes security?
Just throwing a security warning: My Qubes broke again. Can't see network - #3 by BEBF738VD
@BEBF738VD As long as I keep the qubes drive disconnected whenever I boot with Windows, the only risk I know about is when the UEFI is hacked. Is that really such a big risk?
The main point is to prevent Windows from interfering with Qubes OS
/boot the main encrypted partition. If those (or at least
/boot) are on a separate drive that you detach when Windows is running, you should be alright.
Every choice may be a trade-off so it’s up to you to decide which matters most, security or convenience. Bear in mind that most uses of Windows can be carried out from wtihin Qubes in a Windows VM.
And poisoning controllers firmware?