Linux

I encrypt all my filesystems, boot partitions excluded. I started with my work laptop. It made the most sense because there is a real possibility that it gets lost or stolen at some point. But once I learned how simple encryption is, I just started doing it everywhere. It's probably not gonna come into play ever for my desktop, but it also doesn't really cost me anything to be extra safe.

Full disk encryption on everything. My Servers, PCs etc. Gives me peace of mind that my data is safe even when the device is no longer in my control.

Its that simple.

I can expand my own creativity and store every thought and creative Art, without anybody being able to find out after my death or while someone raids me.

Maybe I stored an opinion against some president, and maybe the government changed its working, which allows police to raid someone for little suspection.

You never know if you ever have something to hide. While things are okay now and today, it might be highly illegal tomorrow.

Those are ideas. But generally its only about the feeling of privacy.

I don't for a pretty simple reason. I have a wife, if something ever happened to me then she could end up a creek without a paddle. So by not having it encrypted then, anyone kinda technical can just pull data off the drive.

I use encryption on laptops, because they can be stolen in the train, bus, etc. On work desktop, I do so as well, because there are many people around. However, on everything that stay at home, I prefer not to use it to simplifiy things and get more performance.

I do on all my devices that can as a matter of practice, not for any real threat. I'm interested to learn about how to set it up and use it on a daily basis including how to do system recoveries. I guess it's largely academic.

Once I switched to linux as my daily driver, I didn't have a need to do piracy anymore since all the software I need is FOSS.

I would strongly encourage people to encrypt their on site data storage drives even if they never leave the house and theft isn’t a realistic thing that can happen.

The issue is hard drive malfunction. If a drive has sensitive data on it and malfunctions. It becomes very hard to destroy that data.

If that malfunctioning hard drive was encrypted you can simply toss it into an e-waste bin worry free. If that malfunctioning drive was not encrypted you need to break out some heavy tools tool ensure that data is destroyed.

I have stopped encrypting my drives, because if anything goes wrong and the system won't boot it makes recovery more difficult. It's a dual boot machine with Windows 11, and I had a lot of awkwardness with Bitlocker that led to me deciding to abandon encryption in both OSs. I save sensitive files to encrypted volumes in VeraCrypt.

Yes, and for the life of me I don't understand why there isn't a default LUKS with hibernate partition in the Debian installer.

Yeah, on my laptop - because I travel with it and confidential data (like from my customers) could land in hands its not supposed to

No, in case of my desktop, because it's easier to access it in case of failure

I don't encrypt because it's too much effort to learn about it.

Id rather keep my filesystem unencrypted so that I can easily recover from problems and encrypt important files as needed, but let's be real I don't do that either.

Every endpoint device I use is using full disk encryption, yes.

I encrypted my professional laptop's drive in order to prevent access to company data and code in case of theft. And I'll probably encrypt my personal laptop as well because the SSH key can access company code.

As for the desktop, I didn't and probably never will, because theft is less likely and that would be a pain to handle for nightly backups (it is turned on with Wake-on-LAN and then a cron backs up my home directory to my NAS).

Finally, I won't encrypt my NAS as well for the same reason: it would quickly become a hassle as I would have to manually decrypt the drives every time it boots after a power outage.

I encrypt my laptop and desktops and I think it’s worth it. I regret encrypting my servers because they need passwords to turn on.

Depends on the use case. Definitely for my laptop though. In fact the decryption keys only exist in two places:

1. Inside my TPM
2. In a safe deposit box at a bank.

I used to, but then I nuked my install accidentally and I couldn't recover the encrypted data. I nuke my installs fairly regularly. I just did again this past week while trying to resize my / and my /home partitions. I've resigned myself to only encrypting specific files and directories on demand.

My phone is fully encrypted though.

I don't encrypt my entire drive, but I do have encrypted directories for my sensitive data. If I did encrypt an entire drive, it would only be the drive containing my data not the system drive.

No, I don't encrypt. I am a grown ass man and I rarely take my laptop out of my home. I don't have any sensitive data on my various machines. I do use secure and encrypted cloud services to store things that I consider a security risk. Everything else is useless to a potential intruder.

I do encrypt my drives, and it’s not as transparent in Linux as it is in the others. I’m sure I could get a TPM setup for seamless boots, but I haven’t done that yet.

For mobile drivers, I still encrypt, but that locks them to one OS since LUKS isn’t cross platform. There is VeraCrypt for cross-platform encryption, but that’s one more thing to manage and install.

Doesn't Pop have that by default? I think others have too.

Anyway, yes for basically everything. Except my servers main partition, because otherwise recovering from crashes would be horribly annoying or unsafe if I'd use cryptssh. And if the dns+dhcp/gateway/VPN server crashes I'd definitely need 22 open.

Yep. Everything except my server, which needs to be able to boot without my help. Because why not? I rarely ever reboot anything, so it doesn’t really hurt, and if anyone steals my shit they won’t get my wife’s noods.