Obviously "physical access is full access", but it's shockingly easy to break into a Windows box if you have access to the unencrypted drive. I learned with I was a teenager how to use the recovery partition to mount the C: drive, then copy "cmd.exe" to "utilman.exe" or "sethc.exe" and get an instant root shell on the login page. Takes about 2-3 minutes, can be done in the time somebody leaves their laptop to go to the bathroom at Starbucks.

To me that's the main thing about disk encryption, it's to stop a nasty rootkit from being installed trivially as much as it is about stopping the guy at the pawn shop from getting your tax info. Whether you're on macos, linux, or windows, it's really quite easy to fully compromise a machine if you have hands on it.

▲

hellojesus 7 hours ago | parent [-]

Agreed, specifically about the tax info concerns. All my drives are encrypted with either luks, veracrypt, or native zfs encryption if my server data.

My primary concern is a robbery while I'm not home. It's trivial to break in, steal hard drives, and then go pop them into another machine on your own time to scan the files looking for tax or other sensitive docs.

While encryption keys are a risk, you can always save the random key file or passphrase in cloud storage (using symmetric encryption) and/or in your password manager.

▲

ryandrake 6 hours ago | parent [-]

Curious: Are you specifically worried about a robber who is targeting your tax information in particular? Home breakins are relatively rare, and when they do happen, for the vast majority of them, the robber grabs whatever cash, jewelry, and other small, easy-to-pawn valuables, and are probably not going to care about computers. And for those rare robbers who actually grab your computer, what percentage of them are really going to bother going through the hard drive looking for tax returns of all things?

This attack concern sounds like a small fraction of a small fraction of a small fraction!

Unless you are a celebrity or billionaire business mogul where your tax returns or other sensitive documents might be worth something...

▲

Terr_ 2 hours ago | parent | next [-]

I think it's a mistake to assume that just because the initial burglar is technically unsophisticated, that's the end of the story. Crime can become surprisingly complicated, with its own supply chains, service providers and tool vendors, specializations, middlemen, etc. (Credit card fraud is a good example.)

Imagine how your threat-model can change if the thief—still incurious and unsophisticated—just happens to "know a guy":

1. A thief steals your computer, with no thought to who you are or what you might have on it.

2. The computer is passed to a fence for a predictable immediate cut.

3. The fence sees a lot of these computers (or phones), and knows that there are ways to extract more profit.

4. The fence has a relationship with a data extractor, and runs a provided program that gleans as much exploitable data as possible before reselling the hardware.

5. The data-extractor sees those tax files pop up, and sells those details to another criminal group that specializes in tax fraud.

If a system exists to "use every part of the buffalo", then pretty much anything can cause you damage. I'm sure somebody is already developing tools to scan a drive trying to determine likely names of your first-pet for those stupid account recovery questions.

▲

hellojesus 6 hours ago | parent | prev [-]

Maybe I am the fool. :) I think about crime in the way I would do it, which is to grab the valuables police are unlikely to care about (hard drives) that allow me to quickly clone and encrypt myself, so I can destroy the tangible evidence, and then I have unlimited time to crack and review the information, and then even more time to execute my malicious attack against identities or whatever other I information I do find.

Only slightly better than this would be to break in, install a root kit, and then leave everything else untouched so as to try and minimize the knowledge that I was there, but I'd still be concerned that my c2 server would eventually point to me.

Maybe I should read about these actual crimes or get meds. The first couple years of my first kid's life were full of anxiety that someone would break in and steal my kid while I was sleeping at night.

	▲	Sohcahtoa82 4 hours ago \| parent [-]
		Thieves are typically not technical people. If they were, they'd be using their technical skills at a legitimate job, not relying on burglarizing to make a quick buck. They also are interested in getting in and out as quickly as possible. They're not going to take the time to disassemble a computer to remove just the hard drive, they're gonna steal the entire computer. > Maybe I should read about these actual crimes You should, especially on the kidnapping front. The extreme majority of kidnappings are from a relative or someone the child knows who will run off with them during the day, not break in at night. ... Not sure that actually will make you feel better, tbh.