im using Windows OS and i wish to switch to Linux with GUI, i dont have any distribution in mind (i know Ubuntu has huge community, so maybe xubuntu). Before i do the Win/Linux switch, i want to ask for a link to tutorial or advice regarding HDD encryption.
Im looking for quick & secure way to encrypt whole filesystem (including /boot) so i have peace of mind that nobody will read any data. I also want easy of use, im linux noob in command line so i prefer GUI tool. Can you please give an advice on solution?
Thank You, as per this article i have an impression that all disk encryptions (including yours linked) where /boot stays unencrypted & stored at same computer is vulnerable. So any way how to bypass that mentioned hack and still not carrying an removable device with /boot partition please?
There is no way (with any OS) to fully encrypt a whole disk against someone with local access and still have it bootable (and that article explains why), but then why encrypt everything anyway … an encrypted home and swap partitions should be enough (who cares if they can access the system files as long as your home partition with your docs are encrypted and require a password to access), with enough work they’ll end up with a bootable OS but still can’t unlock your home.
There’s nothing stopping you layering these things … full disk encryption, with a separate encrypted home, with an encrypted folder … but at the end of the day, ALL encryption (including carrying /boot on a USB stick) is only about making access as DIFFICULT as possible … it will never be 100% proof against a determined attacker with local access and enough time
