I’ve enabled full hard drive encryption on all of my devices. The only exception
is my homeserver (mainly running Nextcloud), where all of my personal data is
stored. I’m the only user and have chosen a very strong root- and user password.
From what I’ve researched, the only person who can see my data physically is the
super user (aka. me), but if someone else doesn’t have the password, they can’t
read anything critical and my personal data are safe from the eyes of others.
Is that correct? If it is, why does LUKS exist?
If the risk of physical data theft is high, your data is at risk. If the risk of physical access to you machine is rather low, encryption might actually increases the risk of losing your data simply by the chance of losing the means to access your data (forgotten passphrase, lost hardware key…).
If the risk of physical data theft is high, your data is at risk. If the risk of physical access to you machine is rather low, encryption might actually increases the risk of losing your data simply by the chance of losing the means to access your data (forgotten passphrase, lost hardware key…).
It might also be harder to recover picies if the hard drive fail partially. However, many use SSD now, might be a different story there.