Is there any reason to do full disk encryption, vs encrypting a single partiton or a folder with eCryptfs? It’s not like your /usr/bin, etc… needs to be encrypted, but encrypting it reduces performance.
Suppose you’re in some hypothetical country where torrenting is illegal. The presence of /usr/bin/qbittorrent on your disk could be enough to face charges. Unencrypted /var/log? Maybe they can see you’ve been running a cryptocurrency miner. There could be plenty of data outside of $HOME on your computer which a cop might try to use against you.
In the most paranoid hypothetical scenario, someone could mount your unencrypted /usr/bin and replace openssl with a compromised version.
/var/log and the likes aren’t really issues, I just have mine as a link to the real one in an eCryptfs folder. Though I guess you’d be right about qbittorrent, this is something pretty rare.
In the most paranoid hypothetical scenario, someone could mount your unencrypted /usr/bin and replace openssl with a compromised version.
I suppose if you’re in this situation, you have way more important things to deal with. That would imply someone has physical access to your computer, at that point if they really want to know what you’re doing they might as well setup a camera.
Is there any reason to do full disk encryption, vs encrypting a single partiton or a folder with eCryptfs? It’s not like your /usr/bin, etc… needs to be encrypted, but encrypting it reduces performance.
Suppose you’re in some hypothetical country where torrenting is illegal. The presence of
/usr/bin/qbittorrenton your disk could be enough to face charges. Unencrypted/var/log? Maybe they can see you’ve been running a cryptocurrency miner. There could be plenty of data outside of$HOMEon your computer which a cop might try to use against you.In the most paranoid hypothetical scenario, someone could mount your unencrypted
/usr/binand replaceopensslwith a compromised version./var/log and the likes aren’t really issues, I just have mine as a link to the real one in an eCryptfs folder. Though I guess you’d be right about qbittorrent, this is something pretty rare.
I suppose if you’re in this situation, you have way more important things to deal with. That would imply someone has physical access to your computer, at that point if they really want to know what you’re doing they might as well setup a camera.
One obvious reason is that it just is very simple to encrypt the entire disk and be done with it.