On Fri, August 24, 2018 12:25 pm, Daniil .Travnikov wrote: > On Thursday, August 23, 2018 at 10:30:17 AM UTC-4, Jonathan Seefelder > wrote: > >> If you keep wear-leveling in mind, and encrypt the ssd before you fill >> it with sensitive data, id suggest an ssd. Ideally, you should encrypt >> /boot also. >> >> >> >> cheers >> >> >> On 08/23/18 16:15, [email protected] wrote: >> >>> I know the most secure way of using Qubes 4.0 is using full disk >>> encryption but should I use a regular HD or is an SSD better without >>> losing security? >>> > > Qubes 4.0 encrypts /boot by default or I must do something for that?
It does not, but since there is no data stored there, it's not a concern for many people. If you have reason to suspect someone may tamper with it without your knowledge, options include AEM, SED, Coreboot with GRUB payload, off-device /boot, and possibly others. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5f077118f6b9e73d71a013142ed12ac6.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
