Thank you ever so much for finding my grumble! I can't believe you did. Much appreciated. What a wonderful expeditious work you all are up to. This is a fantastic effort. Thanks for the initiative, all, very well done.
I think this can be better explained by starting with the company (instead of the device) which is lean but still requires development and maintenance, purchasing and manufacturing, billing and accounting, customer support, management, shipment and logistics. Those tasks need to be paid.
Plausible deniability refers to Nitrokey Storage's hidden volumes. They can optionally be setup, but no need to, and without the appropriate password it can't be distinguished. Similiar to VeraCrypt's hidden volumes.
So how long do they interrogate you before deciding there's really no hidden volume? And even if you do reveal a hidden volume, how could they ever know it's the only one? It's pointless, even if they know about the technology.
It really much depends on the individual case. In a constitutional state it should make a difference if obviously an encrypted volume is used or if there is the possibility but no certainty of one, two, three or four hidden volumes.
Measured boot allows to verify the integrity of the installed firmware (which itself verifies the integrity of the Linux boot partition) by a separate Nitrokey. The idea is that you have your Nitrokey nearby and therefore safe against compromise, other than the laptop which may be left unattended.
