Yup. You'll need to tkinker with Linux too if you want disk encryption. At the very least, set a BIOS password.
this post was submitted on 26 Apr 2025
127 points (92.6% liked)
Linux
53624 readers
1319 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
Good practice is putting anything important on an encrypted USB drive (as that stuff usually isn't very big), and just treating the machine as "kinda insecure"
If you set up a BIOS password, someone at least needs to unscrew your computer to get stuff. But this is generally not setup because people, well, forget their passwords...
I still remember years ago one time windows fucked itself and god knows why I couldn't fix it even with USB recovery or stuff like that (long time ago, I don't remember).
Since I couldn't boot into recovery mode the easiest way to backup my stuff to a connected external drive was "open notepad from the command line -> use the GUI send to.. command to send the files to the external drive -> wait and profit" lol.
Previous versions of Windows only permitted drive encryption in their premium tiers, and it seems like the current one possibly requires a TPM chip for it, so a lot of hardware won't even support it. So basically greed or greed.
For what it's worth it's not always a default with Linux installations either. There's a usually minor performance hit, though I can't say it ever bothered me. Personally I have less fear of bad actors obtaining physical access than I do myself breaking something catastrophically and losing my access, so I don't use it now.
Are you saying the performance hit is from running off an encrypted drive?
There will be some additional time and resources required to read and write encrypted data, even if minor.
Given that AES instructions have been implemented directly in the CPU since 2008, any performance penalty should be negligible.
Thank you for the info! I like your username.
I think on laptops Windows i trying to encrypt the drives. Maybe online if you are logged in to a Microsoft account for bitlocker to save the encryption key. Encrypting the drives should be your decision to take.
Yes, my sister bought a laptop it had windows and bitlocker installed.
She doesn't know what any of those things are nor does she have an encryption key.
So she was not able to resize her partition to try to dual boot linux - she'd have to totally kill windows (which I suggested, of course, but you know. . . ).
It stops her doing what she wants because she was given something she doesn't understand by people who didn't explain it. At least she is "safe" though according to someone else's definition. I guess coud've just said "Basically, microsoft" for short.
Microsoft makes all the decisions for you.
Try using a virtual machine before doing a full switch