To encrypt or not to encrypt, that is the question

Chat about anything related to Linux Mint
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.

Would you use any encryption ?

Poll ended at Sun Sep 26, 2021 8:36 am

I use home encryption
1
7%
I use full disk encryption
1
7%
I don't use any encryption
11
73%
i do something else
2
13%
 
Total votes: 15

User avatar
Lady Fitzgerald
Level 15
Level 15
Posts: 5731
Joined: Tue Jan 07, 2020 3:12 pm
Location: AZ, SSA (Squabbling States of America)

Re: To encrypt or not to encrypt, that is the question

Post by Lady Fitzgerald »

As usual with internet polls, this one is flawed. The proper third choice should be "Neither" or "None of the Above" since many people do use encryption of some kind, just not /home or full disk encryption. Many of us use encrypted containers or encrypted external drives.

I my case, I use a Veracrypt container on the computer and the computer's external backup drives and have an encrypted USB stick for an additional backup.
Jeannie

To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
User avatar
Pierre
Level 21
Level 21
Posts: 13192
Joined: Fri Sep 05, 2008 5:33 am
Location: Perth, AU.

Re: To encrypt or not to encrypt, that is the question

Post by Pierre »

Lady Fitzgerald wrote: Wed Sep 22, 2021 5:55 pm As usual with internet polls, this one is flawed. The proper third choice should be "Neither" or "None of the Above" since many people do use encryption of some kind, just not /home or full disk encryption.
that means re-starting the Poll . .
thus it is now changed .. it will still run for a few days.
Image
Please edit your original post title to include [SOLVED] - when your problem is solved!
and DO LOOK at those Unanswered Topics - - you may be able to answer some!.
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

Portreve wrote: Wed Sep 22, 2021 5:39 pm
MurphCID wrote: Wed Sep 22, 2021 7:00 am How many here encrypt their /home folder? I have not done it yet, but I like the thought of the extra security. POP OS allows you to encrypt your HD right off the bat, a feature I appreciate. So how many of us take that extra step? Curious minds want to know.
While I appreciate your having added the poll (these things are really fantastic for crystallizing public opinion rapidly) as a matter of personal policy, I don't discuss what, if any, security arrangements I use.

That said, one good thing about doing some amount of drive encryption is that there's no realistic chance that in the future anyone will be able to recover any of your data, whether you happen to care about it or not.

I'll also second Lady Fitzgerald's comment below about VeraCrypt, which is a successor fork of TrueCrypt. It's multi-platform, which is great if you need to access data on macOS or Windows.

Lady Fitzgerald wrote: Wed Sep 22, 2021 8:43 am Also, if you have to send the computer in for repair, you would have to provide the encryption key to the whomever is doing the repair.
I would never, ever under any circumstances provide anyone with anything having to do with an encryption key that was mine. I'd just as soon lose all the data as risk any of it falling into someone else's hands. That would even include a drive containing just a single piece of mundane data, like a photo of a dandelion shot at random and having no meaning whatsoever.
I understand. I was just curious as to what people thought about encrypting their drive.
t42
Level 11
Level 11
Posts: 3708
Joined: Mon Jan 20, 2014 6:48 pm

Re: To encrypt or not to encrypt, that is the question

Post by t42 »

The results of three encryption-related polls on the Distrowatch.
More than a thousand participants in each.

Encrypted home directories
6 July 2020
Poll results:
I encrypt my home directory: 75 (6%)
I encrypt my whole partition/disk: 229 (17%)
I use encrypted file vaults: 108 (8%)
I do not use storage encryption: 921 (69%)
Disk encryption and file vaults
23 December 2019
Poll results:
I use disk/partition encryption: 289 (22%)
I use a file vault: 117 (9%)
I use another form of encryption: 68 (5%)
I hide files without encryption: 47 (4%)
I use a combination of the above options: 131 (10%)
I use none of the above options: 663 (50%
Disk encryption
21 September 2015
Poll results:
I encrypt my home folder: 75 (4%)
I encrypt my /home partition: 97 (5%)
I encrypt /home and swap space: 38 (2%)
I encrypt the whole disk: 345 (19%)
I do not use disk encryption: 1105 (62%)
Other: 126 (7%)
Block device encryption (partition or disk) was used by
2015 - 24%
2019 - 22%
2020 -17%
-=t42=-
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

Interesting. Thanks for posting that data.
jjp2145-oldtimer
Level 3
Level 3
Posts: 157
Joined: Wed Oct 02, 2019 11:43 am

Re: To encrypt or not to encrypt, that is the question

Post by jjp2145-oldtimer »

Encryption is on my mind so I will chime in.

I am that one guy that uses home encryption. It provides some protection against "Evil Maid" attacks. Please note that the computer has to be turned off for this to work due to that "systemd regression."

Please note, that this is not the only thing that I do. I would never use home encryption as my only line of defence. For one thing, that would require a very long and very strong user password.
If you need sudo to edit it, back it up first. If I tell you to edit something with sudo and forgot to tell you to back it up, back it up anyway. sudo cp backup or cat > backup.txt.
User avatar
chavic
Level 1
Level 1
Posts: 47
Joined: Thu Sep 25, 2014 12:22 am
Location: Facing the moon

Re: To encrypt or not to encrypt, that is the question

Post by chavic »

I don't have the need of using encrypt I prefer this way. I think brings more problems, never need it after all this time
Desktop: MATE 1.26.0
Distro: Linux Mint 21.1 Vera

Image
User avatar
AZgl1800
Level 20
Level 20
Posts: 11145
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: To encrypt or not to encrypt, that is the question

Post by AZgl1800 »

The major thing that I got from my counseling sessions were:

You cannot correct past mistakes, move on and go from here.
If you can repair them, do it.

I lost my first family for 19 years,

but regained them with a lot of hard work these past 12 years.
damn good thing too, my wife passed 2/17 and my daughter stayed with me to make sure I eat right.

she never found any boyfriends that were were getting permanent with.

my son is a joy now, it was harder to get him back, than my daughter
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

AZgl1500 wrote: Fri Sep 24, 2021 5:31 pm The major thing that I got from my counseling sessions were:

You cannot correct past mistakes, move on and go from here.
If you can repair them, do it.

I lost my first family for 19 years,

but regained them with a lot of hard work these past 12 years.
damn good thing too, my wife passed 2/17 and my daughter stayed with me to make sure I eat right.

she never found any boyfriends that were were getting permanent with.

my son is a joy now, it was harder to get him back, than my daughter
Wise words.
User avatar
absque fenestris
Level 12
Level 12
Posts: 4124
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: To encrypt or not to encrypt, that is the question

Post by absque fenestris »

Oh goodness, me and my encrypted disc - obviously a rare species. Is there a right to minority protection?
User avatar
Lady Fitzgerald
Level 15
Level 15
Posts: 5731
Joined: Tue Jan 07, 2020 3:12 pm
Location: AZ, SSA (Squabbling States of America)

Re: To encrypt or not to encrypt, that is the question

Post by Lady Fitzgerald »

absque fenestris wrote: Sat Sep 25, 2021 12:39 pm Oh goodness, me and my encrypted disc - obviously a rare species. Is there a right to minority protection?
So? It's your computer; you can use whatever works for you. That's one of the major benefits of Linux.
Jeannie

To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

I am thinking of installing POP OS back on the old Darter Pro, and doing full disk encryption at the beginning just so I can play with it. Not that I keep anything on this system worth stealing. My Windows machine... well I don't trust Microsquishes encryption and its long term stability or their ability to read it despite what I chose or don't chose to encrypt.
t42
Level 11
Level 11
Posts: 3708
Joined: Mon Jan 20, 2014 6:48 pm

Re: To encrypt or not to encrypt, that is the question

Post by t42 »

MurphCID wrote: Wed Sep 29, 2021 9:47 am doing full disk encryption at the beginning just so I can play with it
Probably there is so little to play with during installation and nothing at all after that. Installer probably doesn't allow to strengthen the encryption process.
-=t42=-
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

t42 wrote: Wed Sep 29, 2021 10:41 am
MurphCID wrote: Wed Sep 29, 2021 9:47 am doing full disk encryption at the beginning just so I can play with it
Probably there is so little to play with during installation and nothing at all after that. Installer probably doesn't allow to strengthen the encryption process.
Good point, but I am bored, and when I get bored I tinker and break things.....
t42
Level 11
Level 11
Posts: 3708
Joined: Mon Jan 20, 2014 6:48 pm

Re: To encrypt or not to encrypt, that is the question

Post by t42 »

MurphCID wrote: Wed Sep 29, 2021 10:44 am and break things.....
...so please backup the headers of encrypted partition :)
-=t42=-
User avatar
absque fenestris
Level 12
Level 12
Posts: 4124
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: To encrypt or not to encrypt, that is the question

Post by absque fenestris »

Please do not encrypt your disc. I would like to preserve my minority status.

If you do encrypt, you run the high risk that your disc and the system on it will run for at least five years without any problems, and that would be very boring.
Completely encrypted ext4 USB sticks are also extremely boring.

I can't help myself, this entire thread is tickling my sarcasm epicenter.
User avatar
Lady Fitzgerald
Level 15
Level 15
Posts: 5731
Joined: Tue Jan 07, 2020 3:12 pm
Location: AZ, SSA (Squabbling States of America)

Re: To encrypt or not to encrypt, that is the question

Post by Lady Fitzgerald »

t42 wrote: Wed Sep 29, 2021 10:59 am
MurphCID wrote: Wed Sep 29, 2021 10:44 am and break things.....
...so please backup the headers of encrypted partition :)
I so totally agree. I'm also lazy and making, maintaining, and restoring backups are so much easier and faster than starting all over again.

I use Rescuezilla to image and restore my boot drive because of the idiot NVIDIA graphics card in my computer but AndyMH's Foxclone is just as good, if not better, and his website has detailed directions on how to use it (something rare in the software community so a million points to Andy for that) making it easy to adopt.

There are two ways to back up the OS. One is to image it, then use the image to restore the OS if ever necessary (the way I break things, restoring is inevitable). The other way is to make a clone of the OS drive (Foxclone, Rescuezilla, and Clonezilla can do both), then, if things go south on the OS drive, slap in the clone or clone the clone back to the original drive or its replacement (the latter is inefficient but it will work). In the past, I limited cloning to transferring data to a new drive when upgrading the drive but I never clone anymore, finding imaging superior for OS drives with no data, and folder/file syncing for data only drives (or partitions).

I prefer imaging to back up the OS since I can easily keep multiple images and make copies of each image to back them up (yeah, I know, I'm paranoid). I make an image each Saturday morning (being the absent minded old broad I am, I have calendar entries to remind me to do so). On the first Saturday of the month, I put a spare boot drive in an external enclosure, do a quickie reformat it to make it easier to find in Rescuezilla, restore the image I just made to the drive in the external enclosure, then swap out that drive with the one in the computer to make sure it will boot. I keep the original as a backup. I keep three OS drives in rotation that way.

I keep my images in a folder in one of my data drives in my computer and that folder gets backed up with the rest of my data when I backup that drive.
Jeannie

To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
User avatar
MurphCID
Level 15
Level 15
Posts: 5894
Joined: Fri Sep 25, 2015 10:29 pm
Location: Near San Antonio, Texas

Re: To encrypt or not to encrypt, that is the question

Post by MurphCID »

absque fenestris wrote: Wed Sep 29, 2021 11:19 am Please do not encrypt your disc. I would like to preserve my minority status.

If you do encrypt, you run the high risk that your disc and the system on it will run for at least five years without any problems, and that would be very boring.
Completely encrypted ext4 USB sticks are also extremely boring.

I can't help myself, this entire thread is tickling my sarcasm epicenter.
LOL!
User avatar
AZgl1800
Level 20
Level 20
Posts: 11145
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes Sweeping down the Plains
Contact:

Re: To encrypt or not to encrypt, that is the question

Post by AZgl1800 »

Keeping spare, or backup SSDs in a Laptop is impossible.....
It takes me 3 hours just to get down to where they have the SSD hidden beneath the largest piece of Mass you have ever seen.

gave up on that idea, I never found the SSD, much less change it out.

lucky this laptop has a 2nd SSD bay, which is where I put MINT.

the OEM SSD is that wonderful stuff called the BlueScreenOfDeath
LM21.3 Cinnamon ASUS FX705GM | Donate to Mint https://www.patreon.com/linux_mint
Image
User avatar
Lady Fitzgerald
Level 15
Level 15
Posts: 5731
Joined: Tue Jan 07, 2020 3:12 pm
Location: AZ, SSA (Squabbling States of America)

Re: To encrypt or not to encrypt, that is the question

Post by Lady Fitzgerald »

AZgl1500 wrote: Wed Sep 29, 2021 1:38 pm Keeping spare, or backup SSDs in a Laptop is impossible...
It depends on the laptop. I had three netbooks, two Acer and one Asus, that were impossible to get to the drive without performing major surgery.

Then I had three Lenovo notebooks and getting to their drives was a joy; just open the back and there its drive was staring back at me.

Even my current System 76 machine has fairly easy access to its drives. I just remove two screws from the small back cover and the three data drives are laid out before me. The M.2 NVMe drive is easy to get to; take out one screw and it's out. Both of the 2.5" SDDs are held in with one screw each going through an attached bracket but the screw for one drive is tucked underneath the other drive so the other drive has to be removed first to get to that screw. Both 2.5" drives have brackets and pads screwed to them, for a total of eight screws per drive but that still not that big of a deal if I ever have to replace one of those drives (which I plan on doing later this year to get more storage capacity).

The NVMe boot drive is under the other cover. Remove five screws to get the other cover off, then remove the one screw holding the boot drive in place and the drive rises up on one end to greet me. It's that simple.

Since my netbooks, one of the first things I check is how easy is it to get to the drives inside. Some are as easy as my current System 76 machine and my Lenovos. Others are real stinkers. If I can't find out about how the drives are accessed. I will pass that machine up.
Jeannie

To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
Locked

Return to “Chat about Linux Mint”