futurefillernow on Nostr: The point of isolating VMs is to isolate compromise. It makes no sense to have VMs ...

The point of isolating VMs is to isolate compromise. It makes no sense to have VMs that are easily identifiable and unencrypted. If a running machine is compromised FDE doesn't help. But isolated encrypted machines with correctly configured permissions do.

quoting nevent1q…akvy

Plausible deniability is a feature you want if you’re worried about the authorities seizing your machine. It’s not the first-line-of-defense if you’re trying to defend against compromise.