Harddisk Encryption

[Karoliina Salminen]

Hi,

On 11/26/06, Andreas Jellinghaus <aj at ciphirelabs.com> wrote:
> > But to have the option to encrypt the root partition by default during
> > the installation is a very good feature request !
>
> encrypting root by default would be a bad idea, as the encryption takes
> away a lot of performance and usability (not so much because of
> stressing the cpu, more because of additional latency and design issues).
>
> Also I prefer a non-luks setup with rsa keys and passphrases on them,
> so I can replace that with smart cards and pin if I prefer.

It shouldn't be default of course, but the installer could offer choices like
1. standard desktop with non-encrypted drives
2. encrypted system

I never encrypt my home computers (it would be pretty stupid thing to
do so when the performance isn't that good even with unencrypted hard
drive) but in corporate world, the encryption is often a requirement
for being able to take laptops anywhere outside the company premises.
Big companies often don't have very open ideology, everything is
confidential, secret etc. by default and to get install base on
corporate laptop users, the encryption should be there as a possible
installation choice, but _not as the only default_

Best wishes,
Karoliina