Someone who doesn’t need much experience can access the hard drive / SSD and replace the bootloader.
…
I probably sound paranoid af right?
Well, all your points are fair but IMHO the intersection does not exist.
Namely, yes, some people living with you might want to access your files somehow… but able to change the bootloader? Even knowing what a bootloader is? I don’t know if your friends or parents are ICT professionals but otherwise, I would be that’s not plausible.
Consequently I do recommend you protect yourself, yes, but IMHO the threats are much MUCH lower than that. Namely… maybe checking the last open files or even “just” your browser history is what a typical person might consider, not changing a bootloader.
So… I would personally start with that, e.g. encrypted disk yes, with strong password or even physical token login, e.g. NitroKey or YubiKey. They should never have access to your unlocked computer but once it’s locked, in theory there should be no practical way to access files. I insist on the practical word because… I wouldn’t imagine parents or flatmates to have access to a cluster of machines to crack encryption.
Well, all your points are fair but IMHO the intersection does not exist.
Namely, yes, some people living with you might want to access your files somehow… but able to change the bootloader? Even knowing what a bootloader is? I don’t know if your friends or parents are ICT professionals but otherwise, I would be that’s not plausible.
Consequently I do recommend you protect yourself, yes, but IMHO the threats are much MUCH lower than that. Namely… maybe checking the last open files or even “just” your browser history is what a typical person might consider, not changing a bootloader.
So… I would personally start with that, e.g. encrypted disk yes, with strong password or even physical token login, e.g. NitroKey or YubiKey. They should never have access to your unlocked computer but once it’s locked, in theory there should be no practical way to access files. I insist on the practical word because… I wouldn’t imagine parents or flatmates to have access to a cluster of machines to crack encryption.