baseless_discourse,

If the device is stolen, your disk is still encrypted at all time. If you believe your OS’s login system is reasonably secure, then the attacker should have no way to access your data: they cannot access the data from software because it is blocked by login screen, they cannot access the data from hardware because it is protected by FDE.

One of the misconceptions I had before is that I assumed that the disk will be decrypted when you enter the LUKS password. This is not true, the password is loaded into the ram, and only decrypts necessary parts to RAM. All the data on the disk is never decrypted, even when you are working in your OS.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • linux@lemmy.ml
  • localhost
  • All magazines
  • Loading…
    Loading the web debug toolbar…
    Attempt #