I’ve enabled full hard drive encryption on all of my devices. The only exception
is my homeserver (mainly running Nextcloud), where all of my personal data is
stored. I’m the only user and have chosen a very strong root- and user password.
From what I’ve researched, the only person who can see my data physically is the
super user (aka. me), but if someone else doesn’t have the password, they can’t
read anything critical and my personal data are safe from the eyes of others.
Is that correct? If it is, why does LUKS exist?
Not that other means of accessing the passwords aren’t worth considering, but in the real world, it takes a lot more for someone to actually coerce your password from you than to use unencrypted storage.
I generally like xkcd, but this is a harmful trivialization of the value of encryption. In the real world, anything that isn’t encrypted is negligent as hell. There’s no valid reason not to do it, with maybe the exception of a thumb drive you’re sharing across a computers you don’t control and are clearly aware is not secure.
Not that other means of accessing the passwords aren’t worth considering, but in the real world, it takes a lot more for someone to actually coerce your password from you than to use unencrypted storage.
I generally like xkcd, but this is a harmful trivialization of the value of encryption. In the real world, anything that isn’t encrypted is negligent as hell. There’s no valid reason not to do it, with maybe the exception of a thumb drive you’re sharing across a computers you don’t control and are clearly aware is not secure.