Qubes cannot protect you from this but neither can anything else.
Hardware vulnerabilities will always beat any software. This is also true for Qubes.
But this, https://github.com/QubesOS/qubes-antievilmaid/blob/master/anti-evil-maid/README, suggests to have Intel vPro.
I confuse.
Please update. Is vPro good or not?
That GitHub page does not recommend vPro. It states that AEM uses a feature
of vPro to detect if vPro software (BIOS) has been tampered with while you
were away. Then you can throw your computer in the trash when AEM throws up
a red flag.
I searched 'vPro' on the GitHub page. It appears only in this sentence: "In short, AEM relies on TPM and a feature found in Intel's vPro CPUs (TXT) to
detect tampering of various boot components."
Does the author mean Intel TXT -- not vPro? So, it is a typo in the page?
And the GitHub page also says "http://blog.invisiblethings.org/2011/09/07/anti-evil-maid.html
(Note that this article is somewhat outdated, e.g. AEM uses Intel TXT now.)"
So, does AEM use Intel TXT, but not vPro?