[surteen]

Thinkpads have a little switch under the bottom cover that will get flipped up when the cover is removed. There is a BIOS setting to require a password whenever this switch is toggled. When combined with signed BIOS updates it seems like it would be hard to bypass on a short term (like an actual "evil maid" attack).

[mr_mitm]

In the most extreme case, the evil maid replaces your laptop with an exact replica that does nothing more than somehow bridge USB devices via radio to the original to take care of keyboard input and the smart card. Sounds like paranoid scifi, sure, and you can debate how unlikely that is and then go ahead and accept that risk, but the random mosaic actually protects against that, while all other suggestions I have heard so far do not.

Edit: Also, even though we have been discussing only computers so far, the random mosaic method can protect anything. The top level comment shows how a similar approach can be used in pharmacology.