How much security will I sacrefy, if I dualboot without AEM?

[Arqwer]

Documentation says, that there is a possibility, that other OS will infect /boot. What if I completely rewrite my hdd during os change, like , boot from usb and do
dd if=windows_image of=/dev/sda
to run windows, and
dd if=qubes_backup_image of=/dev/sda
to return back to Qubes?
What if I will use different drive for windows, and take away qubes hdd, while windows is on?
Documentation says that other OS can infect firmware, how common is this attack? Is it just a possibility, or we know for sure that NSA does that, or that ordinary hackers can do that, or maybe there are viruses that attack everyone and infect firmware? Is it expensive?

[raah...@gmail.com]

Not sure how common firmware attacks are. But I believe they have been around for 20 years. Same goes for bios. And IMO it just keeps getting worse not better. Most public case in recent times is hacking teams malware for uefi bios. Which they are in the business of selling such malware, and we can assume hacking team is just one of many groups like that. We should also assume its possible to inject it remotely.

AEM won't prevent something like that from happening, but it would hopefully let you know it has happened. Which I then guess means you would have to replace your hardware.

[raah...@gmail.com]

unfortunately, especially with modern machines, these things can happen even without any os and there isn't much we can do about it. either by physical access or even remote. But when it comes to doing things through the o/s, qubes would be way more secure.