Too many people think full disk encryption solves everything. It doesn't.
Even possessing unencrypted VMs is a huge attack vector. Plausible deniability should be the first line of defense.
If a VM can't be run in an isolated, encrypted container, it loses 99% of its security.
For my needs and my level of trust, Qubes does the job. What would you suggest as an alternative?
I'm interested in this convo, please continue!
Plausible deniability is a feature you want if you’re worried about the authorities seizing your machine. It’s not the first-line-of-defense if you’re trying to defend against compromise.
