[SECURITY] Actually solvable physical attack scenarios
Install media images produced by Archiso can be made safe against a certain number of physical attacks.
I am grouping physical attack scenarios and discussed and implemented mitigations on this issue on my now almost archiso fork.
I say fork because more than one silly solvable security issue got a 'wont fix' tag from team members.
Related issues
- The fact images on writable drives produce standard writable file system partitions is currently ignored
- GRUB should not auto-guess the root file system image drive without performing a signature/sum check on the image
- Producing (and distributing) encrypted ISOs
Notes
- 22/09/03: I'm not concerned with backporting my changes back upstream anymore. If no one else is interested and it is an issue I'm publishing them in my namespace, I will move them somewhere else if needed.
- 23/07/27: I just lost 6 hours of editing on this issue because I keep trusting web editors instead of treating these posts as something different from any other markdown file. Jeez.
- 23/07/27: I think we should really do something about this because most of the upstream codebase is deprecated on my branch and most approved new changes are not exactly making the code more readable.
Edited by Tallero Tallero