this post was submitted on 06 Jul 2024
283 points (94.6% liked)

Privacy

31876 readers
567 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 4 months ago (4 children)

Does encrypting your disks change something for the end user in day to day usage? I'm honest, I've never used encrypted disks in my life.

[–] [email protected] 7 points 4 months ago

Whole disk encryption wouldn't change your daily usage, no. It just means that when you boot your PC you have to enter your passphrase. And if your device becomes unbootable for whatever reason, and you want to access your drive, you'll just have to decrypt it first to be able to read it/write to it, e.g. if you want to rescue files from a bricked computer. But there's no reason not to encrypt your drive. I can't think of any downsides.

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago) (2 children)

No, the average user will never know the difference. I couldn't tell you exactly what the current performance impact is for hardware encryption, but it's likely around 1-4% depending on the platform (I use LUKS under Linux).

For gamers, it's likely a 1-5 FPS loss, depending on your hardware, which is negligible in my experience. I play mostly first and third person shooter-style games at 1440p/120hz, targeting 60-90 FPS, and there's no noticeable impact (Ryzen 5600 / RX 6800XT).

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

For gamers, it’s likely a 1-5 FPS loss

I highly doubt it... would love to see some hard data on that. Most algorithms used for disk encryption these days are already faster than RAM, and most games are not reading gigabytes/sec from the disk every frame during gameplay for this to ever matter.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago) (1 children)

If it has to go to disk for immediate loading of assets while playing a video game you're losing more than 1-5 fps

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago) (1 children)

Maybe, but not every frame while you're playing. No game is loading gigs of data every frame. That would be the only way most encryption algorithms would slow you down.

[–] [email protected] 1 points 4 months ago

You're more likely going to get stuttering or asset streaming issues which are going to have more impact than losing a few fps.

[–] [email protected] 4 points 4 months ago (1 children)

It's transparent for end user basically, but protects the laptop at least when outside and if someone steals the computer. As long as it was properly shutdown.

[–] [email protected] 0 points 4 months ago (2 children)

Define properly shut down. Do your thieves usually ask first?

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

I think they're just referring to an outdated concept of OSes with non-journaling filesystems that can cause data corruption if the disk is shut off abruptly, which in theory could corrupt the entire disk at once if it was encrypted at a device level. But FDE was never used in the time of such filesystems anyways.

[–] [email protected] 1 points 4 months ago

If you suspend the laptop when moving locations instead of shutting down or hibernating to disk then disk encryption is useless.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

It depends on how you set it up. I think the default in some cases (like Windows Bitlocker) is to store the key in TPM, so everything becomes transparent to the user at that point, although many disagree with this method for privacy/security reasons.

The other method is to provide a password or keyfile during bootup, which does change something for the end user somewhat.