11-25-2019, 06:11 AM
@e-minguez, Lets make it clear to others, full disk encryption is "at rest". Meaning if an attacker / cracker gets in via network while the Pinebook Pro is booted, the full disk encryption does nothing to stop them from copying / damaging any file they can. (What I mean by any file they can, is if they got in as a normal user, they can only copy / damage files a normal user has access to.)
While I intend to use root OS encryption as well as swap encryption, normal hardening attempts to prevent remote access. Far more common loss of data compared to physical theft today.
Last, full disk encryption does not stop someone with physical access to the computer, (even if powered off), if they have the password. Or can guess it. (And in the case of hostile govenment agents, beat it out of the owner.)
While I intend to use root OS encryption as well as swap encryption, normal hardening attempts to prevent remote access. Far more common loss of data compared to physical theft today.
Last, full disk encryption does not stop someone with physical access to the computer, (even if powered off), if they have the password. Or can guess it. (And in the case of hostile govenment agents, beat it out of the owner.)
--
Arwen Evenstar
Princess of Rivendale
Arwen Evenstar
Princess of Rivendale