#5
19th March 2017
e1-531g
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628

Quote:
Originally Posted by lifewoutmilk View Post
What's the point of disk encryption, if all the keys for decryption are stored on the disk unencrypted? Sounds like a waste of time.
I also don't see a use case. Well, maybe if somebody has an SSD, after some time he/she could sell it to somebody and want to make sure that there would not be any traces of useful data. SSDs have a relatively large space reserved for relocations, because memory cells can be destroyed by frequently writing to them. There could be relocated data, which can't be destroyed by simply zeroing with dd, but probably can be accessed if somebody hacked the SSD's firmware.
I can think of a few use cases where it can be useful if somebody stores it on a pendrive.
1. Somebody steals your laptop. You don't want to disclose your secrets to this person. The thief probably would not bother to steal the pendrive, so your data is safe from disclosure.
2. You are crossing the border. A border agent wants your password to the encrypted partition. You don't want to disclose information. If your secret is a passphrase, you can give it to them, but you won't.
If your secret is on a pendrive stored somewhere else (i.e. your lawyer has it), you can't give it to the border agent.
You have a higher probability of making it through the border when you can't provide this secret compared to when you can but just don't want to.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase

Last edited by e1-531g; 19th March 2017 at 07:46 PM. Reason: I didn't understand that keys would be on the same disc, so I edited the answer.