On Mon, Dec 16, 2019 at 19:24:33 CET, Chris Murphy wrote: [...] > But consider that as a direct consequence of the burden to > backup->luksFormat>restore, quite a lot of users opt out of encryption > entirely. The point of in-place conversion isn't perfect security. > It's to get more users to opt in, by reducing the penalty of opting > in. But why would you _want_ users to "opt in"? It seems like entirely the wrong thing to do to me. First consider that the users you are talking about do not have backups. Hence their data must be basically worthless anyways! Second, their data is so little in need of protection that something as simple and as a backup already makes them do without encryption. Hence their data must actually not be sensitive in any way! Given these two things, why on earth do you want these people to use encryption? Security comes at a price. That price has to be paid. No price - no security. There is _no_ way to fix this and trying to do so only does damage to the user by making things too complex for them to handle. Regards, Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt