← Back to context

Comment by acdha

2 hours ago

You’re being downvoted because you’re taking a narrow edge case and saying it invalidates all usage. Disk encryption is not “technically useless” when it works for 99.999+% of the people using it who aren’t targeted by professional attackers. Most people expect it to protect them against an unskilled thief or when they resell the device, and it works for that.

People in those high risk categories already need more than disk encryption anyway, so this isn’t even the critical piece for them! (Consider how likely it is that I would have the resources and access to freeze and extract your RAM but not, say, the ability to record you entering your password using the same access. Yes, you can come up with scenarios where that makes a difference but it really underscores that you have many additional things to worry about if this is your threat model.)

Yes I understand all that. I don't have secure boot, so I'm not protected against the evil-maid attack either. I know that too.

It's why I used the word "technically", by which I meant "in the absolute". What word do you propose instead? Encryption that can be worked around by anyone with skills and commonly available equipment is technically useless. It offers some protection (the thief will probably reboot or unplug) but ultimately it's null and void.

>Most people expect

This would need to be sourced. I say most people expect "encryption" to be as secure as the encryption password. In the case of an unattended sleeping computer using Linux with FDE enabled and the screen locked, it's not. I'm not sure most people know that. I believe things are different on, say, iOS. All of this was the rationale for Debian's (buggy) feature.