Yes. In many cases a “threat model” is those recreational hackers in a basement, crooks like ransomware pukes, and of course all those sites that love to mine data and make money selling obtrusive ads. Not a government.
I just returned from a few days in Russia. I’ve been many times but the first time since the war started. It was very hostile at customs. I had my GrapheneOS phone taken off me, forced to unlock and let them take IMEIs. We were held for 3.5 hrs whilst they checked all details. I wouldn’t of felt comfortable with my laptop and QubesOS even if it was hidden in some way.
I’m sorry about your experience at the border, but how is this relevant to the topic at hand?
You do not always have a choice whether to take a laptop with Qubes with you or not. The OP is asking for plausible deniability, i.e., it should be impossible to prove that you have certain data on it, even if they take a full copy of your hard drive. To me, your story proves once again, that such feature is getting more and more relevant as time goes.
Sorry if i wasnt clear. I’m far from an expert in computers but i have travelled regularly to work in many parts of Russia and China. I often take devices with me; laptops, phones, tails on usb credit card. Ive used vpns to be able to use these properly.
My point was after what i went through in Russia i wouldn’t be comfortable relying on plausible deniability and wouldn’t even want to explain why i choose QubesOS or anything else which would have me detained longer.
Make dual-boot with some usual operation system, like GNU/Linux or even Windows (less secure).
Copy the first 1-10 GiB (let’s call it header) of Qubes OS LVM partition and replace if with Fat32/Exfat partition to make it look like an empty storage. Maybe, put a Movie or TV Show there. (Note: Do not use NTFS, it stores its data in the middle or partition and will corrupt LVM).
The copied header should be additionally encrypted and either hidden using any other ways supporting plausible deniability or even moved online without storing on laptop to be downloaded after crossing the border.
I am skipping some technical details, about partition tables, EFI or grub partition, just follow the idea.
Why not travel with a freshly installed OS of your choice with no data on it. Once you arrive to your destination download your data from online data storage sites. When you leave your destination upload your data to an online storage site then delete and re-install a fresh OS of your choice. Deleting could include encrypting the whole drive which would overwrite any previous important data. If you need a phone buy a second hand phone or a new one according to your budget. The idea is you have 2 phones or more, a travel phone and a local phone. Travel phone would contain no information and every new destination would mean a factory reset. Again use online storage facilties to transfer data as needed.
This can be very tricky, depending on the mood of the border agents. With the plausible deniability, I would be able to simply take my own, original Qubes OS installation wih me anywhere, with real traces of usage, but all sensitive information would be untedetectable.
Leaving devices at home is straightforward but inconvenient.
The phone part is a completely different story and not relevant to Qubes, therefore offtopic on this forum.
Theoretically it is possibly now. Run Windows or Ubuntu qube fullscreen and execute a script that changes xfce shortcuts in dom0 so that Alt+Tab and other key combinations will not change the active qube.
Nice idea, not plausible deniability, but still really interesting and easy.
Keep one complicated shortcut like Ctrl+Shift+Alt+Meta+S to run script reverting your shortcuts back and allowing to change the qube. Or reset the laptop after crossing the border.