There’s also PXE boot, secure boot, carrying around a live image on a flash drive, etc.
But any attacker advanced enough to tamper with your EFI partition in an evil-maid scenario has plenty of other options to log and steal your encryption passphrase, so it’s generally a moot point.
There’s also PXE boot, secure boot, carrying around a live image on a flash drive, etc.
But any attacker advanced enough to tamper with your EFI partition in an evil-maid scenario has plenty of other options to log and steal your encryption passphrase, so it’s generally a moot point.
With that logic there’s no need to even encrypt your partitions 🤷