Just complete and total nonsense. You must have a very creative imagination or have been seriously misinformed. FIDO2/Webauthn tokens are meant to remain plugged in to computers at all times, that is why Yubico makes a slim form factor.
What? I mean, just what? This is such a silly unqualified statement which honestly does not even logically follow this conversation. And it is also wrong, because a computer turned off with full volume encryption is much more secure than one powered on.
Exactly. You got it. LUKS prevents adversaries from accessing data at rest. That's it - that problem is solved. Move on to other security risks.
No, you can't. That requires networking, which does not exist in preboot environment, nor in fadaday bags professional criminals use.
You've just created a risk of a user forgetting their PIN and their disk becoming worthless, which is tenfold greater than an attacker trying to decrypt the same.
What on earth does this bizarre social commentary have to do with ANYTHING?
Seriously, stop the FUD.
Sit down and make a threat model. You are allowing yourself to be carried away by silly ideas which are not based in objective reality, and actually may have negative impacts on your security and privacy in spite of your stated goals. Come back down to the earth, clearly and objectively state what data you are trying to protect, from whom, and what the adveraries capabilities are to justify particular defenses.
Bookmarks