2 Replies to “Brief conversation about disk encryption”

  1. Isn’t disk encryption rather pointless when the most crucial part of an OS, the kernel + modules are unencrypted somewhere on the disk?

    Unless you have verified exec or signed kmods or smth like that…

  2. This depends on your thread model. If you just want to protect a powered down lost/stolen computer than it works. If $spyAgency sends a evil maid to change your bootloader into keylogger than you’re screwed.

Comments are closed.