Encryption, sensible or not?
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Encryption, sensible or not?
When you install Linux Mint, you can choose to encrypt, everything, home or nothing. The encryption slows down, your system. Is it necessery or desirable to encrypt your system (partially). Linux has the reputation of being fairly safe and usually your router has a firewall and if not so you can turn on ufw. Isn't it true that a hacker breaks through the encryption anyway? What is the sensible thing to do?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Encryption, sensible or not?
Either form of encryption is only a protection against people with physical access to your computer. Not against remote attacks.
- If others also use your computer (like family members or roommates) and you're the only user with administrator access you can just change the permissions on your home directory so the other users on your computer can't access it. No encryption needed.
- if there are other users with administrator access this won't suffice. Home directory encryption would be the option in that case; it would keep your files inaccessible to all other users on your computer—whether they have administrator access or not.
- Full disk encryption is faster than home directory encryption and you should prefer this to keep your files inaccessible from all people that can physically get to your computer (like burglars). You can combine it with option 1. It's only not a good option if there are other users on your computer with administrator access that you wouldn't trust with your files.
Re: Encryption, sensible or not?
Encryption does not enhance the security, but the privacy.Duveltje wrote:Linux has the reputation of being fairly safe
As long as your computer is turned off, it does not matter, if the router has a firewall. If the computer is running and you have full encryption, it is unlocked; if you re locked in and you have your home encrypted, this will be unlocked. Unlocked means, the data are for an attacker as well as for yourself reachable (assumed, an attacker would at all be able to break in).Duveltje wrote:usually your router has a firewall and if not so you can turn on ufw.
A firewall helps as you can e.g. block all incoming traffic, but allow outgoing traffic.
Yes, this is true, if you mean with "hackers" attackers from the distance / via web. Out of the above given reasons.Duveltje wrote:Isn't it true that a hacker breaks through the encryption anyway? What is the sensible thing to do?
If the sensibility of your data is a special concern for you it might be worth, to store the especial sensitive in encrypted file or folders, which you unlock only in case, that you actually need them.
Re: Encryption, sensible or not?
I am the only user of my lap. I am connected to the internet, nothing else. I want to be as certain as possible, that I can't be hacked and that I don't get crapware on my lap, especially since I use internet banking. I don't think that encrypting (part of) my computer is of use to me. So I leave it as it is, unless someone can tell me good reasons why I should encrypt (part of) my computer.
Re: Encryption, sensible or not?
You are right.Duveltje wrote:I don't think that encrypting (part of) my computer is of use to me.
Re: Encryption, sensible or not?
Well, you, and the thief or honest finder that gets your "lap" after you. That I would feel is in fact the main reason to use encryption for regular users. If you use the laptop in in fact mobile manner, chances that you at some point will forget it somewhere or that it gets stolen are significant. Without encryption the new owner is going to have access to all of your data.I am the only user of my lap.
I would therefore personally always encrypt my home directory on an actually mobile system. Not the entire system. Admittedly, the system not even booting up when using the latter option makes for some additional peace-of-mind, but I'm just not able to get past the sillyness of encrypting /bin/ls.
Re: Encryption, sensible or not?
Then one you can look at is running your web browser in a security sandbox. Something like firejail (I have a tutorial viewtopic.php?t=202735). That limits what the web browser can do so if you end up on a web page with some malware at most it can try and mess up your web browser configuration. With default configuration of firejail your web browser can only write files in its user configuration and cache directories and in your Downloads directory. It can't access your Documents and Pictures directory for example. Your web browser is the most exposed part of your computer. You can also look into extensions for Firefox like uBlock Origin (to block ads; as most malware is distributed through ad networks) or NoScript (to block untrusted websites from running code on your computer).
Re: Encryption, sensible or not?
I always leave my computer at home and is not very likely that someone breaks into my house. So I feel safe about that.rene wrote:Well, you, and the thief or honest finder that gets your "lap" after you. That I would feel is in fact the main reason to use encryption for regular users. If you use the laptop in in fact mobile manner, chances that you at some point will forget it somewhere or that it gets stolen are significant. Without encryption the new owner is going to have access to all of your data.I am the only user of my lap.
I would therefore personally always encrypt my home directory on an actually mobile system. Not the entire system. Admittedly, the system not even booting up when using the latter option makes for some additional peace-of-mind, but I'm just not able to get past the sillyness of encrypting /bin/ls.
Re: Encryption, sensible or not?
I often use a VPN and also I sometimes use the tor-browser, to be anonymous. I'll try firejail and firejail-tools to investigate it. Thnx.xenopeek wrote:Then one you can look at is running your web browser in a security sandbox. Something like firejail (I have a tutorial viewtopic.php?t=202735). That limits what the web browser can do so if you end up on a web page with some malware at most it can try and mess up your web browser configuration. With default configuration of firejail your web browser can only write files in its user configuration and cache directories and in your Downloads directory. It can't access your Documents and Pictures directory for example. Your web browser is the most exposed part of your computer. You can also look into extensions for Firefox like uBlock Origin (to block ads; as most malware is distributed through ad networks) or NoScript (to block untrusted websites from running code on your computer).
Re: Encryption, sensible or not?
Then I would certainly feel free to not encrypt. As long as you are aware that your password will not keep your data safe: anyone with physical access to the machine gets your data.