Full Disk Encryption
Discussions focus on the effectiveness of full disk encryption (FDE) in protecting data from physical access attacks, theft, and tampering like evil maid or cold boot exploits on laptops and drives.
Activity Over Time
Top Contributors
Keywords
Sample Comments
this sounds like a good argument for using whole disk encryption to prevent tampering if nothing else
Physical-access always means "game over" unless full-disk encryption is used.
Not if you have full disk encryption. Of course they could try a cold boot attack if the computer was found on, but normal criminals don't have that expertise.
Would this still work if full-disk encryption were enabled on the victim machine?
A powered-down machine with full disk encryption is reasonably safe against physical access, I still hope?
your usb key might get stolen. Full disk encryption and regular backups probably buy better assurance.
They are not secure at all. Full disk encryption is the only way to protect your data in case a stranger has physical access to your device.
My guess: if you didn't set a password for the disk encryption, you have no protection for that scenario.
If you use full disk encryption, all you have to do is throw away the key. Works for solid state and hard drives.
Not my hard drive, the disk itself is fully encrypted and won't work in other laptops without that bios password (I also use a truecrypt-like thing at the filesystem level). The main attack I need to worry about is someone replacing the keyboard, etc.