I’m setting up FDE and wonders which one is better. “LVM over LUKS” or “LUKS over LVM”? Or something else? Does one is definitely better then the other? What are your preference?
Thanks.
I’m setting up FDE and wonders which one is better. “LVM over LUKS” or “LUKS over LVM”? Or something else? Does one is definitely better then the other? What are your preference?
Thanks.
The most common physical attacks will be you misplacing your device or some friend/burglar/cop taking it. FDE works great in those scenarios.
Not really, rewriting the boot sector with your malware can be scripted so even the average burglar could use it. Using a previously stolen laptop without reflashing the firmware or something similar isn’t worth the risk imo.