I was recently intrigued to learn that only half of the respondents to a survey said that they used disk encryption. Android, iOS, macOS, and Windows have been increasingly using encryption by default. On the other hand, while most Linux installers I’ve encountered include the option to encrypt, it is not selected by default.
Whether it’s a test bench, beater laptop, NAS, or daily driver, I encrypt for peace of mind. Whatever I end up doing on my machines, I can be pretty confident my data won’t end up in the wrong hands if the drive is stolen or lost and can be erased by simply overwriting the LUKS header. Recovering from an unbootable state or copying files out from an encrypted boot drive only takes a couple more commands compared to an unencrypted setup.
But that’s just me and I’m curious to hear what other reasons to encrypt or not to encrypt are out there.
I don’t think I encrypt my drives and the main reason is it’s usually not a one-click process. I’m also not sure of the benefits from a personal perspective. If the government gets my drives I assume they’ll crack it in no time. If a hacker gets into my PC or a virus I’m assuming it will run while the drive is in an unencrypted state anyway. So I’m assuming it really only protects me from an unsophisticated attacker stealing my drive or machine.
Please educate me if I got this wrong.
Edit: Thanks for the counter points. I’ll look into activating encryption on my machines if they don’t already have it.
GNOME disks is a nice GUI that lets you setup disks with ease. Encryption can be easily setup with it.
It is a one click process if you use user friendly distros
A big benefit of encryption is that if your stuff is stolen, it adds a lot of time for you to change passwords and invalidate any signed in accounts, email credentials, login sessions, etc.
This is true even if a sophisticated person steals the computer. If you leave it wide open then they can go right in and copy your cookies, logins, and passwords way faster. But if it’s encrypted, they need to plug your drive into their system and try to crack your stuff, which takes decent time to set up. And the cracking itself, even if it takes only hours, would be even more time you can use to secure your online accounts.
On Linux, my installs always had a checkbox plus a password form for the encryption.
I think this is true for computers that are in danger of being stolen. Laptops or PCs in dorms or other shared living spaces. But I live in a relatively secure area, burglaries are very rare and my PC never leaves the building. So the benefits of encryption are pretty much negligible.
What are the downsides to encryption? Though you may have negligible benefits, if there are also negligible downsides then the more secure option should be chosen.
- The LUKS encryption can get corrupted
- The password may be forgotten
- harddrives can be corrupted, too. That’s where backups come in
- True, though one could use a security key or password manager to overcome that, or setup secure boot/TPM to where a password isn’t actually needed. If all else fails, again, backups.
So when the laptop dies, the disk cannot be read anywhere because the tpm is lost?
Correct, the hard disk in the laptop can not be read. This is where having a good backup strategy is important. Similar to how if your hard disk dies you’re no longer able to access the material on the hard disk. For me, the downsides of encryption do not outweigh the benefits of having my data secure.
I enabled full disk encryption during OS installation, set up a secure passphrase, and then set up automated encrypted backups to my home server, which are automatically backed up to a remote server.
I gain peace of mind in knowing that if my laptop is stolen I’m only out the cost of the laptop, the data within is still safe and secure.
is it’s usually not a one-click process
It is, these days. Ubuntu and Fedora, for example. But you still have to select it or it won’t happen. PopOS, being explicitly designed for laptops, has it by default.
If the government gets my drives I assume they’ll crack it in no time.
Depends on your passphrase. If you follow best practice and go with, say, a 25-character passphrase made up of obscure dictionary words, then no, even a state will not be cracking it quickly at all.
If a hacker gets into my PC or a virus I’m assuming it will run while the drive is in an unencrypted state anyway.
Exactly. This is the weak link of disk encryption. You usually need to turn off the machine, i.e. lose the key from memory, in order to get the full benefits. A couple of consolations: (1) In an emergency, you at least have the option of locking it down; just turn it off - even a hard shutdown will do. (2) As you say, only a sophisticated attacker, like the police, will have the skills to break open your screenlocked machine while avoiding any shutdown or reboot.
Another, less obvious, reason for encrypting: it means you can sell the drive, or laptop, without having to wipe it. Encrypted data is inaccessible, by definition.
Encryption of personal data should be the default everywhere. Period.
Well said. LUKS implements AES-256, which is also entrusted by the U.S. government and various other governments to protect data from state and non-state adversaries.
I don’t https://xkcd.com/538/
I’m convinced the chances of me losing access to the data are higher than encryption protecting it from a bad actor.
Let’s be real, full disk encryption won’t protect a running system and if someone has physical access and really wants it, encryption won’t protect you from the $5 wrench either.
I do encrypt my phone data though, as someone running away with my phone is more realistic.
Who’s gonna come at me with a $5 wrench because they really want my data, though? The attack I’m most likely to experience is someone stealing my laptop while I’m out traveling. That’s what full filesystem encryption solves best.
Or per XKCD, where are they finding a wrench for $5??
I’d imagine you could get a decent bludgeoning wrench for around that at a pawn shop. Doesn’t need to be super functional. A pipe wrench in need of some rehabilitation would work nicely.
Or just a pipe.
Here’s one for less than 4 USD. I imagine 150 mm in length would be sufficient.
Wow that’s cheap!
Watch out crypt nerds!
Edit: crypto, not crypt! Leaving it 🧟♀️
It’s much worse: They can re-use the same wrench.
(Disgusting, I know… 😝 )
Possibly overestimating the value of the data entrusted to me, but whenever I see that xkcd, I like to think that I at least have the option to remain silent and die with dignity if I really don’t want the contents of my disk out there.
If I remember correctly, some USA agency said torture is ineffective because you will talk, you like it or not. When you are asking someone for a thing they don’t know they will say a lie just to stop the pain. So I guess anyone will give their password with enough time
Tackling the real issues right here!
Nothing I have is worth dying over. I’d give up on the first threat.
Drives in server are not encrypted but backups to the cloud are. Laptop used to but causes to many issues and it doesn’t really leave the house much.
It should be encrypted by default because most people don’t take care to dispose of their machines responsibly. I picked up a few machines destined for ewaste and the hard drives were full of tax returns.
Lol police doesnt just use a hammer
I’m not worried about getting raided by the KGB or anything like that, but break-ins happen and my computer equipment would be a prime target for theft.
I occasionally cycle my backup drives off-site, so I want those encrypted as well.
The cost of encryption is very close to zero, so I don’t even entertain the question of whether I should encrypt or not. I just encrypt by default.
Absolutely. LUKS full disk encryption. Comes as an opt-in checkbox on Ubuntu, for example.
And I too cannot understand why this is not opt-out rather than opt-in. Apparently we’ve decided that only normies on corporate spyware OSs need security, and we don’t.
There is a major downside to encryption: If you forget your password or your tpm fails and you’ve not backed things up, then that data is gone forever. If someone doesn’t have anything incriminating or useful to theives on their device, the easier reparability might justify not enabling it.
Why is this a problem for us and not for ordinary dummies on Android? It’s been the default there for years already.
Android has storage encryption by default?
Why do I only need to enter 1 password?
Why would you need to enter 2?
Well, usually you don’t need to enter any password.
I’m referring to a password to unlock the screen.
That’s because you’re probably using biometrics instead.
How would I know? I don’t have to use biometrics when I restart the phone.
Phones make the encryption invisible to the user.
That’s not the case on Linux unless you’re willing to put in a bit of work to set up TPM unlocking yourself or use one of the few distros that use TPM by default, like Aeon.
And even then Aeon’s not perfect. Sooner or later the TPM will fail and you’ll have to enter your long backup password and reenroll the TPM.
Yep. But typing in a password at boot is no big deal and you do then get some of the benefits of encryption. The problem, as you seem to be hinting, is the lockscreen issue. A screenlocked OS without the hardware encryption module is not actually locked down whereas Android, for instance, is. Is that right? I’ve wanted to ask how Android does this - basically, it loses the key and then regenerates it based on biometrics or whatever, each time you unlock, is that it?
Android backs up data to the cloud. If the phone breaks or gets stolen, you don’t need to recover data from it - you can just pull it from Google’s servers.
In addition, people tend to not treat their phones as “permanent storage”. The concept of losing or breaking their phone is probably more clear, so they make sure to back it up in some way to the cloud or their desktop.
Also, it’s much more likely for a phone to be stolen than a laptop or desktop.
Because when shit breaks nobody wants to hear that their data is gone forever
People, listen to Juvenile and “back that thang up!” That man understand the importance of data redundancy.
And yet somehow on mobile, where most personal computing is now done, this is not a problem.
Because most of that data is synced to the cloud, icloud or Google photos.
Really? It’s not because users don’t have to remember another password?
Yep. Unfortunately that’s where we are.
Oh, never met anyone that despises their own data. Hell yeah, dude. Lose that data!
I encrypt all my drives. Me and the people I know get occasionally raided by the police. Plus I guess also provides protection for nosy civilians who get their hands on my devices. Unlike most security measures, there is hardly any downside to encrypting your drives—a minor performance hit, not noticeable on modern hardware, and having to type in a password upon boot, which you normally have to do anyway.
Where do you live that you’re getting raided by the police? This sounds like one of those situations where they might use the wrench technique.
I don’t want to say where I live for anonymity reasons, but I will note that it’s fairly standard for political dissidents to be raided by any government so it doesn’t actually particularly narrow down my location.
What’s the wrench technique?
I don’t but admittedly I don’t do much stuff on my laptop that’s super secure. it’s mainly for gaming and the odd programming project.
My issue is that I can never remember “a couple more commands” for the life of me. And I use Arch BTW, so the likelihood of me needing those is a bit higher than usual.
I encrypt my desktop and laptop but not my servers. On desktop, that excludes drives that aren’t my OS/boot drive.
No. I break my system occasionally and then it’s a hassle.
Yes. I encrypt because theft. I know PopOS and Mint make it 1-click ez. …unless of course you want home and root on a separate drives. That scales difficulty real fast. There’s plenty of tutorials, and I managed, but I had to patch together different ones to get a basic setup-- Never mind understanding exactly what I did and repeating it (the latest challenge I’ve been dragging my feet on). I do hope this is an area that sees more development in the near future.
That does make encryption was less appealing to me. On one of my machines / and /home are on different drives and parts of ~ are on yet another one.
I consider the ability to mount file systems in random folders or to replace directories with symlinks at will to be absolutely core features of unixoid systems. If the current encryption toolset can’t easily facilitate that then it’s not quite RTM for my use case.
Because it requires generating, memorizing and entering a secure password. Because Linux typically doesn’t support fingerprint readers or other biometrics.
You can just store the key in your TPM and then you don’t have to memorize anything.
Is that near the TPS reports?
My drives are not encrypted because it’s a hassle if things start going wrong. My NAS is software raid so the individual disks mean nothing anyway. The only drive that is encrypted is my backup disk and I’m not really sure if it was needed.
I don’t encrypt my entire drive, but I do have encrypted directories for my sensitive data. If I did encrypt an entire drive, it would only be the drive containing my data not the system drive.
Every endpoint device I use is using full disk encryption, yes.
Depends. On external drives yes. On internal boot drive no. I had performance issues and thermal issues with it so stopped on boot drives.
Yes absolutely, it is the building block of my security posture. I encrypt because I don’t want thieves to have access to my personal data, nor do I want law enforcement or the state to have access if they were to raid my house. I’m politically active and a dissident so I find it vital to keep my data secure and private, but frankly everybody should be doing it for their own protection and peace of mind
