logoalt Hacker News

bluebarbetyesterday at 10:26 PM0 repliesview on HN

Yes I understand all that. I don't have secure boot, so I'm not protected against the evil-maid attack either. I know that too.

It's why I used the word "technically", by which I meant "in the absolute". What word do you propose instead? Encryption that can be worked around by anyone with skills and commonly available equipment is technically useless. It offers some protection (the thief will probably reboot or unplug) but ultimately it's null and void.

>Most people expect

This would need to be sourced. I say most people expect "encryption" to be as secure as the encryption password. In the case of an unattended sleeping computer using Linux with FDE enabled and the screen locked, it's not. I'm not sure most people know that. I believe things are different on, say, iOS. All of this was the rationale for Debian's (buggy) feature.