[Poll] How often do you restart your Qubes?

Sven · July 18, 2021, 2:06am

someone needs extended physical access to your laptop.

AKA when it’s taken from you.

If your installation doesn’t/can’t have Anti Evil Maid, like most
people, your risk won’t be significantly higher or lower than
before.

That’s a different threat scenario. With attestation (Heads, AEM) you
detect modifications to your boot code. With encryption you want to
guarantee the confidentiality of your data.

fiftyfourthparallel · July 18, 2021, 11:13am

Indeed it’s different, but largely the same IMHO. I think anyone who has the opportunity, skill, and motivation to extract data from a suspended laptop or modify your boot code would likely be able to exfiltrate unencrypted data one way or another–either immediately (suspend) or via whatever mechanism they installed (boot tampering).