[SOLVED] is encrypting hdd/partition a common security measure?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
is encrypting hdd/partition a common security measure?
I am aware that if a computer/laptop is lost or stolen, it is easy to remove the hdd and access its contents from another machine. Is it a common security measure to encrypt a hard didk drive or its partitions in order to protect the confidentiality of the data. Is this method transparent to the user and the programs accessing the data or is there more complications that I cannot foresee, knowing nothing about encryption except its existence (like a need to decrypt before accessing data).
Is it a common security measure to encrypt a hard didk drive or its partitions in order to protect the confidentiality of the data.
I do understand the question and the answer is 'yes'.
What I do not understand is, in which way my answer could help anybody. “Many people encrypt their hard drives”, its implicitness being so obvious, that they do not bother to talk about it. Question: Would that be a case of something “common”? I am struggling with the English word “Implicitness” but cannot find better expressions in my online-dictionaries.
Quote:
Is this method transparent to the user and the programs accessing the data or is there more complications that I cannot foresee, knowing nothing about encryption except its existence (like a need to decrypt before accessing data).
The usual way with cryptfs is to mount an encrypted drive in the presence of a key or keyfile, or several keys and/or keyfiles. From then on, what you write to the drive “is encrypted” and what you read from the drive “is decrypted”. Unmount your encrypted drive to be safe.
Thank you for the answer which help someone like myself who knows nothing about the usefulness of encryption in everyday computing. "Implicitness" more or less means "cela va sans dire" in French meaning that, in theory, one thing automatically follows another. By "common" I meant "generally applied". I only mention this because when I was learning a second language within its native speakers, nobody dared correcting my mistakes which I found very frustrating although in your case there is no mistake.
Most people do not encrypt their drives.
It is only those who are paranoid or actually have real secrets that bother.
It is pretty common knowledge amongst computer repairers that they are far more likely to see encrypted drives than they should.
That is usually because encryption is far more common amongst those who actually don't look after their machines.
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by dave@burn-it.co.uk
Most people do not encrypt their drives.
Big statement; some of us do.
Quote:
It is only those who are paranoid or actually have real secrets that bother.
It's not just for those who might be "paranoid" and/or have "secrets" to hide. If your PC is physically stolen, and you have encrypted your drive(s), without knowing your decryption key/password (or a lot of time and maybe a supercomputer), you data is as safe at it can be, from being read. That would obviously apply a lot to the business environment, but can also include documents about thinks like, your identity related documents, passports, birth certificate, etc.
It is a good idea these days to be as safe as you can.
Quote:
It is pretty common knowledge amongst computer repairers that they are far more likely to see encrypted drives than they should.
That is usually because encryption is far more common amongst those who actually don't look after their machines.
We are history. I am. Or I have never been here, in the first place.
Quote:
Most people do not encrypt their drives.
It is only those who are paranoid or actually have real secrets that bother.
It is pretty common knowledge amongst computer repairers that they are far more likely to see encrypted drives than they should.
That is usually because encryption is far more common amongst those who actually don't look after their machines.
Things change retroactively for us. The new generation knows that all we did once, we never did and things that were have never been... maybe the essence of getting old.
Most people do not encrypt their drives.
It is only those who are paranoid or actually have real secrets that bother.
It is pretty common knowledge amongst computer repairers that they are far more likely to see encrypted drives than they should.
That is usually because encryption is far more common amongst those who actually don't look after their machines.
oh, the good old "i have nothing to hide" argument.
i believe it is my right to do things behind closed doors.
i know the probability that someone steals/takes my machine and gathers data from it is very low, but still i wouldn't want it to happen.
it's one of those typical once-in-a-lifetime situations.
you wear a safety belt not because you have a car accident every day, but on the extremely unlikely off-chance that it might happen one day, and would be fatal without it.
no, i don't think encryption is only for spies and other intelligence or IT professionals.
Most people do not encrypt their drives. It is only those who are paranoid or actually have real secrets that bother.
I wouldn't let you ransack my house either.
Quote:
Originally Posted by Ed Snowden
«Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say»
Now I'll bring further evidence in support of Godwin's law, by observing that the «nothing to hide» argument is often (mis)attributed to Joseph Goebbels, though it seems that a US government official might have been the first one to use it, with respect to Upton Sinclair's complaint about his mail – and his friend's and family's – having been opened.
Quote:
Originally Posted by Upton Sinclair
«Not merely was my own mail opened, but the mail of all my relatives and friends – people residing in places as far apart as California and Florida. I recall the bland smile of a government official to whom I complained about this matter: "If you have nothing to hide you have nothing to fear."»
"The Profits of Religion", 1918
Anyway, I do encrypt my data. And Eric Hameleers wrote a fine README about doing it on Slackware: README_CRYPT.TXT
Last edited by Philip Lacroix; 10-23-2017 at 02:41 AM.
I didn't say I had nothing to hide or anything like that.
I don't bother encrypting my drive because no one has access to it - unless my house is broken into and then I would be far moree worried about other things.
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by dave@burn-it.co.uk
I didn't say I had nothing to hide or anything like that.
I don't bother encrypting my drive because no one has access to it - unless my house is broken into and then I would be far moree worried about other things.
No, you didn't say you had something to "hide", but you did say "It is only those who are paranoid or actually have real secrets that bother.", which implies that anyone who HAS encrypted their drive(s), has something to "hide and/or is "paranoid".
When there are very legitimate reasons for protecting one's drives with encryption. If someone breaks into your house on the other-hand (and you do not have your drives encrypted), well it's as easy as getting a live CD/DVD/USB and your documents; here they come... or should I say.. go... sold to the highest bidder!
I've got the piece of mind that, even if someone does physically steal my PC, they are probably going to need a supercomputer, to have any real hope of reading any of my documents (or even starting my system).
As I said, you are paranoid or something else that am too polite to suggest.
your previous post (the one i replied to) was mildly derogative.
fine.
but it was clearly mildly derogative towards other people.
now you are getting mildly abusive towards one poster.
is that all you can think of when arguments fail you?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.