I am concerned about physical attacks (e.g. evil maid, grabbing the laptop and bruteforcing the password, or exploiting the OS while the encryption key is in RAM) and remote attacks (e.g. exploiting the web browser to RAT the computer)
The adversary is a corrupt government that has the money to pay for hacking tools
From my understanding macs are really good compared to other PCs at preventing physical attacks (and I plan on buying a macbook to prevent keyloggers) but I’m unsure of how good they are at preventing remote attacks
I would appreciate someone confirming that it will hold up against remote and physical attacks and how it compares to grapheneos which is what I’m currently using for my only secure device
This is some of the highest levels of threat model you can have. And if such is the case, I only suggest using TailsOS. Be as ephemeral as possible with your computing/digital work.
You can also keep using GOS in their desktop mode. It doesn’t get better than that.
Physical attacks have various degrees of mitigation coverage, as you already understand:
I cannot provide any reassurance that Apple silicon is secure against remote attacks, especially against an adversary with the resources to acquire specialized hacking solutions.
Compared to GrapheneOS macOS is pretty bad. If you want something much closer but more of a laptop then you can get an iPad with a Magic Keyboard, they’re obviously going to be more limited though.
I hope Asahi Linux gets better in the near future as an alternative to Macos on apple hardware. Especially over emulating x86 software, security and out of the box LUKS.