Does Anti-Evil Maid features is no longer available?

Hello

IF Anti-Evil Maid features is no longer available? What is the alternative for that?

AEM as it used to be documented is not really the main path now, especially on newer UEFI hardware. There is not a perfect drop-in replacement. The closest practical alternatives are measured/verified boot setups such as Heads on supported laptops, ideally with an external token like a Nitrokey/Librem Key, or a carefully managed Secure Boot setup if your hardware and threat model fit it. Full-disk encryption still protects the disk contents, but it does not by itself tell you whether the boot chain was modified while the machine was unattended.

2 Likes

Setting an additional SMART disk encryption password in the BIOS that must be entered on startup is reasonable protection for me against (some) attacks AEM would have protected against theoretically (AEM never worked for me in practice).

1 Like