This has probably been asked many times in the past but things change.
I am the only user to my PC with Endeavour on my nvme and all my games on a separate SSD mounted to /home/Games.
Iv seen many people saying you should encrypt your drive others say no point if its a desktop only you use, So I have no idea if I should or just leave it as is.
What are the pros/cons since in today’s world, more things can cause harm to your PC…
If you expect glowing agents near your computer - encrypt
Drive encryption protects you against theft, or accidental physical loss of your device. With modern machines the overhead is fairly minimal so for most people it makes sense to encrypt.
@dalto Well I don’t think anyone will be stealing it since I live in the countryside where crime is basically 0%. But that doesn’t mean It can’t/wont happen.
@keybreak No agents thankfully XD but I do have many external drives one in particular has all my personal photos and files id rather not someone else have access to… so maybe encrypt external drives only ?
If I had a laptop and was using it occasionally outside my apartment, I would encrypt. As it is now… if someone has broken into my home, I have much bigger problems than the loss of my computer (no actual financial information is available without external verification so… )
Yeah, encrypting valuable info especially for backups would make total sense to me
It can also help with forgetting to wipe a drive before you sell or dispose it.
Perhaps a better question would be why would you not encrypt?
@dalto Well from what I have read one thing people seam to say a lot is that encryption makes recovery a pain in the ass. Not sure if that has changed now though, and its not like I would have much to recover anyway.
One thing I am a bit confused on is obviously you encrypt the main drive where Endeavour is installed. Do I also encrypt my SSD who’s mount point is /home/Games also ?
Also I have 2.5" HDD that I move between my laptop and PC if i encrypt the drive with my PC im guess my laptop can’t de-crypt it at all ?
@keybreak @Beardedgeek72 My laptop has 3 drives and a M-Sata drive in it… do I have to encrypt all of them ? And how would the system handle de-crypting them
Trust me. You will want to encrypt anything that has your data on it. A laptop or desktop should be expendable in the sense if it was stolen your data is not accessible or destroyed by fire etc it is recoverable from cloud backup. Expect the worst and plan for it.
If your games and game saves are on a separate drive for /home. I probably would not consider these confidential enough to encrypt. But good practice that every physical drive has full disk encryption.
With today’s SSDs the encryption overhead in terms of performance impact is negligible.
With Linux you will want to encrypt not only root but also swap partition.
A Windows drive or partition with Bitlocker enabled can be accessed by Linux with dislocker package.
@QAP Thanks for the information, although call me old fashioned but I don’t trust the cloud or google for backups. To many companies get hacked so I keep all personal stuff on two external drives, one is 3.5" drive for my Desktop PC and a 2.5" drive for my laptop.
So while my PC might have nothing on it except games… Firefox on the other hand has my Email/usernames and passwords saved. Sadly I don’t think any browser has that kind of security that stops you from seeing such information without a password. Might be wrong but I haven’t looked into it much.
Should look around for a cloud backup that you can trust beside google/dropbox. I’d recommend Datto but those are corporate products.
I mean you could just create an encrypted container before it syncs to cloud, but then any changes it syncs the entire container as an upload instead of incremental changes. Just for personal data i.e. identity documents, bank related, tax documents etc. So even if google/dropbox is hacked. All they got was an encrypted container and no key to open it.
One onsite backup and one offsite/cloud backup in case provider goes bankrupt. 2 different backup locations. You’ll have to trust someone in the cloud as the house can be compromised.
You mentioned you use firefox to save passwords. I use Bitwarden. You can do encypted vault backups locally as well to keep. Excellent LastPass alternative.
In the end I am not trying to scare people by saying the house will get robbed or completely burn down. But encryption is free and “what if”. Have onsite backup and offsite/cloud backup.
It does feel good to know if all my machines were stolen or destroyed.
- I have home insurance, which I update every year to cover contents value
- Noone can access or recover my data
- I can pull it off cloud onto a new machine
Overwhelming majority would agree.
@QAP I just found out Firefox has a primary password so you cant see any passwords without it. Sadly it doesn’t stop you going to sites where you are already logged in. Would have been nice to require a password before a browser open’s at all but I can’t find anything like that.
This might be a dumb question since I don’t 100% understand the way encryption works and the Linux file-system but…
I keep my entire install on my 1tb nvme, no splitting the home directory somewhere else like some people do. Since I game there is a /home/Games directory on my nvme, however because 1tb is not enough I have mounted my 2tb SSD to /home/Games.
So correct me if I am wrong but would my SSD, or the games on it also be encrypted since its mount point is the Games folder on my nvme. Or do I need to encrypt the SSD as well ?
Just wondering if the mounted drive might provide some vulnerability since its mounted to home/Games.
No, the mount points don’t matter. If you encrypt the nvme but not the sata ssd then any data on the nvme will be encrypted and any data on the other ssd won’t be.
It shouldn’t cause a vulnerability but the data on that drive won’t be encrypted.
Ah thanks for the clarification @dalto so I will just encrypt my nvme. the idea of loosing just game files doesn’t matter since most games are digital anyway.
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.