← Back to context

Comment by acdha

5 hours ago

Anyone with physical access, significant tools, and experience. The FBI has people who can pull data out of memory after freezing the RAM but the average laptop thief doesn’t so how serious this is depends significantly on your threat model. If you’re not a major criminal, bitcoin whale, or intelligence target this is almost certainly academic.

> If you’re not a major criminal, bitcoin whale, or intelligence target this is almost certainly academic.

Thanks, that's what I thought.

While that is true, the fact is that encryption is technically useless for anyone who is not constantly powering off and on, which is surely a bunch of people. That this is not widely understood is IMO a problem. And excellent reason for Debian's feature.

PS: Downvoting is not a rebuttal. Disk encryption is not effective security on a suspended (sleeping) system. That is a fact.

  • You’re being downvoted because you’re taking a narrow edge case and saying it invalidates all usage. Disk encryption is not “technically useless” when it works for 99.999+% of the people using it who aren’t targeted by professional attackers. Most people expect it to protect them against an unskilled thief or when they resell the device, and it works for that.

    People in those high risk categories already need more than disk encryption anyway, so this isn’t even the critical piece for them! (Consider how likely it is that I would have the resources and access to freeze and extract your RAM but not, say, the ability to record you entering your password using the same access. Yes, you can come up with scenarios where that makes a difference but it really underscores that you have many additional things to worry about if this is your threat model.)