Comment 12 for bug 1773457

Who cares *where* the malware is? Encryption doesn't stop someone from compromising the machine. You can boot the machine from a USB stick, then boot the hard disk in a virtual machine, let it look like it is running normally for you to come put your password in to decrypt the disk, and the malware on the USB stick ( or in the ESP ) can then capture your password and steal your data.