as for myself, i think the attack vector is NSA-tier.
i remember, one day i created new appVM + firefox + gmail + evernote
evernote is a simple cloud storage for notes.
because i forget my evernote password, so i need to reset, and get the temporary password from gmail.
i use a combination, of human readable words, to create no meaning sentence, for password.
then the targeter troll me, by posting my password, exactly the same, somewhere they sure I can see.
it happened 2 times, but the second time, i reset microsoft password, on my macbook.
Macbook + chrome + gmail + microsoft. Then they troll me the same way.
I read somewhere, that actually a website, can read password, we input, on another website, on next tab of our browser.
So, maybe the gap is also the next tab website.
Or also, since I have experienced NSA-tier backdoor many times, also I can assume it is NSA-tier.
My suggestion, the secure login, would be:
- disable ME
- vpn
- always create new app VM, before login
- always strong password + 2 factor authentication
- don’t open another website at the same login VM
also, maybe another suggestion, i think that, most people, who decide to use Qubes, mostly are being targeted, or also stalking victim, since he is being targeted digitally, it means, the targeter also can see, whatever he posts in Qubes forum, so the targeter maybe dislike, and polluting the thread, but i worry, they also dislike and target the expert here. so if I can suggest, really we should focus on blocking the NSA-tier backdoor.