To encrypt or not to encrypt, that is the question
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
- Lady Fitzgerald
- Level 15
- Posts: 5731
- Joined: Tue Jan 07, 2020 3:12 pm
- Location: AZ, SSA (Squabbling States of America)
Re: To encrypt or not to encrypt, that is the question
As usual with internet polls, this one is flawed. The proper third choice should be "Neither" or "None of the Above" since many people do use encryption of some kind, just not /home or full disk encryption. Many of us use encrypted containers or encrypted external drives.
I my case, I use a Veracrypt container on the computer and the computer's external backup drives and have an encrypted USB stick for an additional backup.
I my case, I use a Veracrypt container on the computer and the computer's external backup drives and have an encrypted USB stick for an additional backup.
Jeannie
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
Re: To encrypt or not to encrypt, that is the question
that means re-starting the Poll . .Lady Fitzgerald wrote: ⤴Wed Sep 22, 2021 5:55 pm As usual with internet polls, this one is flawed. The proper third choice should be "Neither" or "None of the Above" since many people do use encryption of some kind, just not /home or full disk encryption.
thus it is now changed .. it will still run for a few days.
Please edit your original post title to include [SOLVED] - when your problem is solved!
and DO LOOK at those Unanswered Topics - - you may be able to answer some!.
Re: To encrypt or not to encrypt, that is the question
I understand. I was just curious as to what people thought about encrypting their drive.Portreve wrote: ⤴Wed Sep 22, 2021 5:39 pmWhile I appreciate your having added the poll (these things are really fantastic for crystallizing public opinion rapidly) as a matter of personal policy, I don't discuss what, if any, security arrangements I use.MurphCID wrote: ⤴Wed Sep 22, 2021 7:00 am How many here encrypt their /home folder? I have not done it yet, but I like the thought of the extra security. POP OS allows you to encrypt your HD right off the bat, a feature I appreciate. So how many of us take that extra step? Curious minds want to know.
That said, one good thing about doing some amount of drive encryption is that there's no realistic chance that in the future anyone will be able to recover any of your data, whether you happen to care about it or not.
I'll also second Lady Fitzgerald's comment below about VeraCrypt, which is a successor fork of TrueCrypt. It's multi-platform, which is great if you need to access data on macOS or Windows.
I would never, ever under any circumstances provide anyone with anything having to do with an encryption key that was mine. I'd just as soon lose all the data as risk any of it falling into someone else's hands. That would even include a drive containing just a single piece of mundane data, like a photo of a dandelion shot at random and having no meaning whatsoever.Lady Fitzgerald wrote: ⤴Wed Sep 22, 2021 8:43 am Also, if you have to send the computer in for repair, you would have to provide the encryption key to the whomever is doing the repair.
Re: To encrypt or not to encrypt, that is the question
The results of three encryption-related polls on the Distrowatch.
More than a thousand participants in each.
Encrypted home directories
6 July 2020
Poll results:
23 December 2019
Poll results:
21 September 2015
Poll results:
More than a thousand participants in each.
Encrypted home directories
6 July 2020
Poll results:
I encrypt my home directory: 75 (6%)
I encrypt my whole partition/disk: 229 (17%)
I use encrypted file vaults: 108 (8%)
I do not use storage encryption: 921 (69%)
Disk encryption and file vaultsI encrypt my whole partition/disk: 229 (17%)
I use encrypted file vaults: 108 (8%)
I do not use storage encryption: 921 (69%)
23 December 2019
Poll results:
I use disk/partition encryption: 289 (22%)
I use a file vault: 117 (9%)
I use another form of encryption: 68 (5%)
I hide files without encryption: 47 (4%)
I use a combination of the above options: 131 (10%)
I use none of the above options: 663 (50%
Disk encryptionI use a file vault: 117 (9%)
I use another form of encryption: 68 (5%)
I hide files without encryption: 47 (4%)
I use a combination of the above options: 131 (10%)
I use none of the above options: 663 (50%
21 September 2015
Poll results:
I encrypt my home folder: 75 (4%)
I encrypt my /home partition: 97 (5%)
I encrypt /home and swap space: 38 (2%)
I encrypt the whole disk: 345 (19%)
I do not use disk encryption: 1105 (62%)
Other: 126 (7%)
I encrypt my /home partition: 97 (5%)
I encrypt /home and swap space: 38 (2%)
I encrypt the whole disk: 345 (19%)
I do not use disk encryption: 1105 (62%)
Other: 126 (7%)
Block device encryption (partition or disk) was used by
2015 - 24%
2019 - 22%
2020 -17%
2015 - 24%
2019 - 22%
2020 -17%
-=t42=-
Re: To encrypt or not to encrypt, that is the question
Interesting. Thanks for posting that data.
-
- Level 3
- Posts: 157
- Joined: Wed Oct 02, 2019 11:43 am
Re: To encrypt or not to encrypt, that is the question
Encryption is on my mind so I will chime in.
I am that one guy that uses home encryption. It provides some protection against "Evil Maid" attacks. Please note that the computer has to be turned off for this to work due to that "systemd regression."
Please note, that this is not the only thing that I do. I would never use home encryption as my only line of defence. For one thing, that would require a very long and very strong user password.
I am that one guy that uses home encryption. It provides some protection against "Evil Maid" attacks. Please note that the computer has to be turned off for this to work due to that "systemd regression."
Please note, that this is not the only thing that I do. I would never use home encryption as my only line of defence. For one thing, that would require a very long and very strong user password.
If you need sudo to edit it, back it up first. If I tell you to edit something with sudo and forgot to tell you to back it up, back it up anyway. sudo cp backup or cat > backup.txt.
Re: To encrypt or not to encrypt, that is the question
I don't have the need of using encrypt I prefer this way. I think brings more problems, never need it after all this time
Desktop: MATE 1.26.0
Distro: Linux Mint 21.1 Vera
Distro: Linux Mint 21.1 Vera
- AZgl1800
- Level 20
- Posts: 11145
- Joined: Thu Dec 31, 2015 3:20 am
- Location: Oklahoma where the wind comes Sweeping down the Plains
- Contact:
Re: To encrypt or not to encrypt, that is the question
The major thing that I got from my counseling sessions were:
You cannot correct past mistakes, move on and go from here.
If you can repair them, do it.
I lost my first family for 19 years,
but regained them with a lot of hard work these past 12 years.
damn good thing too, my wife passed 2/17 and my daughter stayed with me to make sure I eat right.
she never found any boyfriends that were were getting permanent with.
my son is a joy now, it was harder to get him back, than my daughter
You cannot correct past mistakes, move on and go from here.
If you can repair them, do it.
I lost my first family for 19 years,
but regained them with a lot of hard work these past 12 years.
damn good thing too, my wife passed 2/17 and my daughter stayed with me to make sure I eat right.
she never found any boyfriends that were were getting permanent with.
my son is a joy now, it was harder to get him back, than my daughter
Re: To encrypt or not to encrypt, that is the question
Wise words.AZgl1500 wrote: ⤴Fri Sep 24, 2021 5:31 pm The major thing that I got from my counseling sessions were:
You cannot correct past mistakes, move on and go from here.
If you can repair them, do it.
I lost my first family for 19 years,
but regained them with a lot of hard work these past 12 years.
damn good thing too, my wife passed 2/17 and my daughter stayed with me to make sure I eat right.
she never found any boyfriends that were were getting permanent with.
my son is a joy now, it was harder to get him back, than my daughter
- absque fenestris
- Level 12
- Posts: 4124
- Joined: Sat Nov 12, 2016 8:42 pm
- Location: Confoederatio Helvetica
Re: To encrypt or not to encrypt, that is the question
Oh goodness, me and my encrypted disc - obviously a rare species. Is there a right to minority protection?
- Lady Fitzgerald
- Level 15
- Posts: 5731
- Joined: Tue Jan 07, 2020 3:12 pm
- Location: AZ, SSA (Squabbling States of America)
Re: To encrypt or not to encrypt, that is the question
So? It's your computer; you can use whatever works for you. That's one of the major benefits of Linux.absque fenestris wrote: ⤴Sat Sep 25, 2021 12:39 pm Oh goodness, me and my encrypted disc - obviously a rare species. Is there a right to minority protection?
Jeannie
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
Re: To encrypt or not to encrypt, that is the question
I am thinking of installing POP OS back on the old Darter Pro, and doing full disk encryption at the beginning just so I can play with it. Not that I keep anything on this system worth stealing. My Windows machine... well I don't trust Microsquishes encryption and its long term stability or their ability to read it despite what I chose or don't chose to encrypt.
Re: To encrypt or not to encrypt, that is the question
Probably there is so little to play with during installation and nothing at all after that. Installer probably doesn't allow to strengthen the encryption process.
-=t42=-
Re: To encrypt or not to encrypt, that is the question
- absque fenestris
- Level 12
- Posts: 4124
- Joined: Sat Nov 12, 2016 8:42 pm
- Location: Confoederatio Helvetica
Re: To encrypt or not to encrypt, that is the question
Please do not encrypt your disc. I would like to preserve my minority status.
If you do encrypt, you run the high risk that your disc and the system on it will run for at least five years without any problems, and that would be very boring.
Completely encrypted ext4 USB sticks are also extremely boring.
I can't help myself, this entire thread is tickling my sarcasm epicenter.
If you do encrypt, you run the high risk that your disc and the system on it will run for at least five years without any problems, and that would be very boring.
Completely encrypted ext4 USB sticks are also extremely boring.
I can't help myself, this entire thread is tickling my sarcasm epicenter.
- Lady Fitzgerald
- Level 15
- Posts: 5731
- Joined: Tue Jan 07, 2020 3:12 pm
- Location: AZ, SSA (Squabbling States of America)
Re: To encrypt or not to encrypt, that is the question
I so totally agree. I'm also lazy and making, maintaining, and restoring backups are so much easier and faster than starting all over again.
I use Rescuezilla to image and restore my boot drive because of the idiot NVIDIA graphics card in my computer but AndyMH's Foxclone is just as good, if not better, and his website has detailed directions on how to use it (something rare in the software community so a million points to Andy for that) making it easy to adopt.
There are two ways to back up the OS. One is to image it, then use the image to restore the OS if ever necessary (the way I break things, restoring is inevitable). The other way is to make a clone of the OS drive (Foxclone, Rescuezilla, and Clonezilla can do both), then, if things go south on the OS drive, slap in the clone or clone the clone back to the original drive or its replacement (the latter is inefficient but it will work). In the past, I limited cloning to transferring data to a new drive when upgrading the drive but I never clone anymore, finding imaging superior for OS drives with no data, and folder/file syncing for data only drives (or partitions).
I prefer imaging to back up the OS since I can easily keep multiple images and make copies of each image to back them up (yeah, I know, I'm paranoid). I make an image each Saturday morning (being the absent minded old broad I am, I have calendar entries to remind me to do so). On the first Saturday of the month, I put a spare boot drive in an external enclosure, do a quickie reformat it to make it easier to find in Rescuezilla, restore the image I just made to the drive in the external enclosure, then swap out that drive with the one in the computer to make sure it will boot. I keep the original as a backup. I keep three OS drives in rotation that way.
I keep my images in a folder in one of my data drives in my computer and that folder gets backed up with the rest of my data when I backup that drive.
Jeannie
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
Re: To encrypt or not to encrypt, that is the question
LOL!absque fenestris wrote: ⤴Wed Sep 29, 2021 11:19 am Please do not encrypt your disc. I would like to preserve my minority status.
If you do encrypt, you run the high risk that your disc and the system on it will run for at least five years without any problems, and that would be very boring.
Completely encrypted ext4 USB sticks are also extremely boring.
I can't help myself, this entire thread is tickling my sarcasm epicenter.
- AZgl1800
- Level 20
- Posts: 11145
- Joined: Thu Dec 31, 2015 3:20 am
- Location: Oklahoma where the wind comes Sweeping down the Plains
- Contact:
Re: To encrypt or not to encrypt, that is the question
Keeping spare, or backup SSDs in a Laptop is impossible.....
It takes me 3 hours just to get down to where they have the SSD hidden beneath the largest piece of Mass you have ever seen.
gave up on that idea, I never found the SSD, much less change it out.
lucky this laptop has a 2nd SSD bay, which is where I put MINT.
the OEM SSD is that wonderful stuff called the BlueScreenOfDeath
It takes me 3 hours just to get down to where they have the SSD hidden beneath the largest piece of Mass you have ever seen.
gave up on that idea, I never found the SSD, much less change it out.
lucky this laptop has a 2nd SSD bay, which is where I put MINT.
the OEM SSD is that wonderful stuff called the BlueScreenOfDeath
- Lady Fitzgerald
- Level 15
- Posts: 5731
- Joined: Tue Jan 07, 2020 3:12 pm
- Location: AZ, SSA (Squabbling States of America)
Re: To encrypt or not to encrypt, that is the question
It depends on the laptop. I had three netbooks, two Acer and one Asus, that were impossible to get to the drive without performing major surgery.
Then I had three Lenovo notebooks and getting to their drives was a joy; just open the back and there its drive was staring back at me.
Even my current System 76 machine has fairly easy access to its drives. I just remove two screws from the small back cover and the three data drives are laid out before me. The M.2 NVMe drive is easy to get to; take out one screw and it's out. Both of the 2.5" SDDs are held in with one screw each going through an attached bracket but the screw for one drive is tucked underneath the other drive so the other drive has to be removed first to get to that screw. Both 2.5" drives have brackets and pads screwed to them, for a total of eight screws per drive but that still not that big of a deal if I ever have to replace one of those drives (which I plan on doing later this year to get more storage capacity).
The NVMe boot drive is under the other cover. Remove five screws to get the other cover off, then remove the one screw holding the boot drive in place and the drive rises up on one end to greet me. It's that simple.
Since my netbooks, one of the first things I check is how easy is it to get to the drives inside. Some are as easy as my current System 76 machine and my Lenovos. Others are real stinkers. If I can't find out about how the drives are accessed. I will pass that machine up.
Jeannie
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!
To ensure the safety of your data, you have to be proactive, not reactive, so, back it up!