This makes a world of difference. I know many people may know of it but may not actually do it. It Protects your files in case your computer is ever stolen and prevents alphabet agencies from just brute forcing into your Laptop or whatever.

I found that Limine (bootloader) has the fastest decryption when paired with LUKS at least for my laptop.

If your computer isn’t encrypted I could make a live USB of a distro, plug it into your computer, boot, and view your files on your hard drive. Completely bypassing your Login manager. If your computer is encrypted I could not. Use a strong password and different from your login

Benefits of Using LUKS with GRUB Enhanced Security

  • Data Protection: LUKS (Linux Unified Key Setup) encrypts disk partitions, ensuring that data remains secure even if the physical device is stolen.
  • Full Disk Encryption: It can encrypt the entire disk, including sensitive files and swap space, preventing unauthorized access to confidential information.

Compatibility with GRUB

  • Unlocking from Bootloader: GRUB can unlock LUKS-encrypted partitions using the cryptomount command, allowing the system to boot securely without exposing sensitive data.
  • Support for LVM: When combined with Logical Volume Management (LVM), LUKS allows for flexible partition management while maintaining encryption.
  • Nalivai@lemmy.world
    1·
    30 days ago

    Yeah, but the thing is, I’m not really afraid about anyone else. If someone steals my laptop or finds it or whatever, I don’t really care about what they do with my docker cache. And I’m not a target of any particular hacker group. I just feel dirty when corpos train their LLM on my data to sell me useless shit back, so that’s kind of the only thing that I would like to avoid.

    • Pup Biru@aussie.zoneEnglish
      1·
      29 days ago

      i think they’re 2 different, but equally important things to protect against

      shit companies using your information is almost guaranteed so you want to protect against that, but FDE does nothing for that

      but losing your laptop with an unprotected disk can be catastrophic for your life… your entire browser session (so probably your email, and therefor password resets and confirmations), any cloud (or self hosted storage with saved credentials) storage that you have… idk about you, but the contents of my disk are plenty to steal my identity even without needing to social engineer, and with my email and other bits of info that’s plenty to social engineer probably anything up to and including a passport

      training an LLM on chats might make you feel dirty, but an unencrypted disk can ruin your life for years and cause problems potentially forever