>It's a good reminder that if you have a security requirement, use full disk encryption
If someone can gain repeated access to your hotel room, full disk encryption is vulnerable to the so-called "evil maid attack". Basically, someone comes to your room, boots from a thumb drive, and installs their own bootloader on the machine. When you return, everything will appear normal to you, but the bootloader can do any amount of mischief. For example, it can log the password you enter to log in and store it. Or they can have the spyware mentioned in the article install once you log in.
Later, they come back, wipe the bootloader, and leave your system apparently in its original state (but with spyware installed). The only difference now is that you may think you've foiled their attack because of the full disk encryption, and fail to investigate further.
If someone can gain repeated access to your hotel room, full disk encryption is vulnerable to the so-called "evil maid attack". Basically, someone comes to your room, boots from a thumb drive, and installs their own bootloader on the machine. When you return, everything will appear normal to you, but the bootloader can do any amount of mischief. For example, it can log the password you enter to log in and store it. Or they can have the spyware mentioned in the article install once you log in.
Later, they come back, wipe the bootloader, and leave your system apparently in its original state (but with spyware installed). The only difference now is that you may think you've foiled their attack because of the full disk encryption, and fail to investigate further.