While this post comes off as concern trolling, I still recommend to use full disk encryption (FDE) on your drives, even if you dont keep personal information there, it makes it much harder for someone to plant or tamper data with physical access. Even so, "evil maid" attacks have been demonstrated to sniff FDE passwords and get around that if they can get physical access, but that is much more complex to pull off.
You should have a backup of critical data on a separate storage media (separate HDD/SSD) that is encrypted as well. You should encrypt personal data on cloud storage also.
And always use a VPN to avoid further traffic analysis from your ISP, I prefer PIA because their claim of not keeping logs was proven in court - https://www.privateinternetaccess.com/
The other value of FDE is that nothing touches your hard drive in a form that is readable. So when you delete something it is properly deleted. The reason why planting on a non-FDE disk is an issue is that even if you delete something the second you see what it is it still touched your disk in a way that could match a hash of known illegal material.
view the rest of the comments →
throwaway89209834 ago
While this post comes off as concern trolling, I still recommend to use full disk encryption (FDE) on your drives, even if you dont keep personal information there, it makes it much harder for someone to plant or tamper data with physical access. Even so, "evil maid" attacks have been demonstrated to sniff FDE passwords and get around that if they can get physical access, but that is much more complex to pull off.
For windows I recommend - https://veracrypt.codeplex.com/
If you are on linux, i'd go with LUKS and these steps generally work - http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/
You should have a backup of critical data on a separate storage media (separate HDD/SSD) that is encrypted as well. You should encrypt personal data on cloud storage also.
And always use a VPN to avoid further traffic analysis from your ISP, I prefer PIA because their claim of not keeping logs was proven in court - https://www.privateinternetaccess.com/
bikergang_accountant ago
The other value of FDE is that nothing touches your hard drive in a form that is readable. So when you delete something it is properly deleted. The reason why planting on a non-FDE disk is an issue is that even if you delete something the second you see what it is it still touched your disk in a way that could match a hash of known illegal material.