this post was submitted on 16 Jan 2025

146 points (98.7% liked)

Linux

49045 readers

590 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r

146

Do you encrypt your drives and why or why not? (lemmy.ml)

submitted 1 day ago by monovergent@lemmy.ml to c/linux@lemmy.ml

209 comments fedilink hide all child comments

I was recently intrigued to learn that only half of the respondents to a survey said that they used disk encryption. Android, iOS, macOS, and Windows have been increasingly using encryption by default. On the other hand, while most Linux installers I've encountered include the option to encrypt, it is not selected by default.

Whether it's a test bench, beater laptop, NAS, or daily driver, I encrypt for peace of mind. Whatever I end up doing on my machines, I can be pretty confident my data won't end up in the wrong hands if the drive is stolen or lost and can be erased by simply overwriting the LUKS header. Recovering from an unbootable state or copying files out from an encrypted boot drive only takes a couple more commands compared to an unencrypted setup.

But that's just me and I'm curious to hear what other reasons to encrypt or not to encrypt are out there.

(page 2) 50 comments

sorted by: hot top controversial new old

[–] ShortN0te@lemmy.ml 5 points 18 hours ago

Full disk encryption on everything. My Servers, PCs etc. Gives me peace of mind that my data is safe even when the device is no longer in my control.

[–] MonkderVierte@lemmy.ml 15 points 23 hours ago

No. I break my system occasionally and then it's a hassle.

[–] Feathercrown@lemmy.world 1 points 13 hours ago

I have no significant private data on my disks. They can be wiped whether encrypted or not if they're stolen. And I like that in theory if my pc explodes I can recover the data with only the drive.

[–] twinnie@feddit.uk 16 points 1 day ago

I don’t really see the point. If someone’s trying to access my data it’s most likely to be from kind of remote exploit so encryption won’t help me. If someone’s breaks into my house and steals my computer I doubt they’ll be clever enough to do anything with it. I guess there’s the chance that they might sell it online and it gets grabbed by someone who might do something, but most of my important stuff is protected with two factor authentication. It’s getting pretty far fetched that someone might be able to crack all my passwords and access things that way.

It’s far more likely that it’s me trying to recover data and I’ve forgotten my password for the drive.

[–] thebardingreen@lemmy.starlightkel.xyz 1 points 13 hours ago

I encrypt everything, with unique complex passwords, that I have a safe mnemonic system for remembering and retrieving.

[–] netvor@lemmy.world 1 points 13 hours ago

I do, laptops and workstations.

It's just too easy not to, and there's almost no downsides to it. (I only need to reboot, once a month or two.)

Well, unless you consider the possibility of forgetting the password a downside, so for that reason I keep the password in a password manager.

In case my laptop was stolen, there would quite a couple fewer things to worry about. Especially things like client's data which could be under NDA's, etc...

[–] SitD@lemy.lol 1 points 13 hours ago (5 children)

are you guys using the bios ssd encryption option or a software solution?

load more comments (5 replies)

[–] LiamMayfair@lemmy.sdf.org 1 points 13 hours ago (1 children)

Yes. Encrypting your entire hard drive has basically been a tickbox in the Fedora installer for a long time now. No reason why I wouldn't do it. It's, easy, doesn't give me any problems and improves my devices security with defence-in-depth. No brainer.

load more comments (1 replies)

[–] cmnybo@discuss.tchncs.de 36 points 1 day ago

I encrypt everything that leaves my house since it could be easily lost or stolen, but it is rather inconvenient.

If someone breaks into my house, I've got bigger problems than someone getting their hands on my media collection. I think it would be more likely for me to mess something up and loose access to my data than for someone to steal it.

[–] Bananable@feddit.nl 12 points 1 day ago

My laptops are encrypted in case they get stolen or someone gets access to them at uni.

[–] eager_eagle@lemmy.world 81 points 1 day ago* (last edited 1 day ago) (10 children)

I don't https://xkcd.com/538/

I'm convinced the chances of me losing access to the data are higher than encryption protecting it from a bad actor.

Let's be real, full disk encryption won't protect a running system and if someone has physical access and really wants it, encryption won't protect you from the $5 wrench either.

I do encrypt my phone data though, as someone running away with my phone is more realistic.

[–] patatahooligan@lemmy.world 51 points 1 day ago (1 children)

Who's gonna come at me with a $5 wrench because they really want my data, though? The attack I'm most likely to experience is someone stealing my laptop while I'm out traveling. That's what full filesystem encryption solves best.

[–] Valmond@lemmy.world 24 points 1 day ago (3 children)

Or per XKCD, where are they finding a wrench for $5??

[–] timroerstroem@feddit.dk 9 points 1 day ago (1 children)

Here's one for less than 4 USD. I imagine 150 mm in length would be sufficient.

[–] Valmond@lemmy.world 4 points 23 hours ago* (last edited 12 hours ago) (1 children)

Wow that's cheap!

Watch out crypt nerds!

Edit: crypto, not crypt! Leaving it 🧟‍♀️

load more comments (1 replies)

load more comments (2 replies)

[–] AnAmericanPotato@programming.dev 27 points 1 day ago

I'm not worried about getting raided by the KGB or anything like that, but break-ins happen and my computer equipment would be a prime target for theft.

I occasionally cycle my backup drives off-site, so I want those encrypted as well.

The cost of encryption is very close to zero, so I don't even entertain the question of whether I should encrypt or not. I just encrypt by default.

load more comments (8 replies)

[–] ReakDuck@lemmy.ml 6 points 23 hours ago* (last edited 23 hours ago)

Its that simple.

I can expand my own creativity and store every thought and creative Art, without anybody being able to find out after my death or while someone raids me.

Maybe I stored an opinion against some president, and maybe the government changed its working, which allows police to raid someone for little suspection.

You never know if you ever have something to hide. While things are okay now and today, it might be highly illegal tomorrow.

Those are ideas. But generally its only about the feeling of privacy.

[–] Mwa@lemm.ee 9 points 1 day ago (11 children)

I don't wanna risk losing anything on the drive thats important .

[–] gandalf_der_12te@discuss.tchncs.de 4 points 23 hours ago (2 children)

May i suggest a technique for remembering the password?

write it down

but instead of writing down the password, write down questions that only you can reasonably answer. For example:

what was the name of the first girl i kissed?
where did i go to on summer camp?
which special event happened there?

and the answer would be: "mary beach rodeo" or idk what. this way, you construct a password out of multiple words that each are an answer to a simple question.

[–] Mwa@lemm.ee 3 points 20 hours ago

Maybe I might try this, and am open to advice :)

load more comments (1 replies)

load more comments (10 replies)

[–] giacomo@lemm.ee 35 points 1 day ago* (last edited 1 day ago) (2 children)

laptop yeah

desktop nah

load more comments (2 replies)

[–] communism@lemmy.ml 19 points 1 day ago (5 children)

I encrypt all my drives. Me and the people I know get occasionally raided by the police. Plus I guess also provides protection for nosy civilians who get their hands on my devices. Unlike most security measures, there is hardly any downside to encrypting your drives—a minor performance hit, not noticeable on modern hardware, and having to type in a password upon boot, which you normally have to do anyway.

load more comments (5 replies)

[–] hubobes@sh.itjust.works 9 points 1 day ago

My Laptop and Phone have encrypted drives, my Desktop doesn't.

[–] dbkblk@lemmy.world 5 points 1 day ago* (last edited 1 day ago)

I use encryption on laptops, because they can be stolen in the train, bus, etc. On work desktop, I do so as well, because there are many people around. However, on everything that stay at home, I prefer not to use it to simplifiy things and get more performance.

load more comments