It's really about personal privacy. Your computer is likely to be stolen and sold. If you don't want others reading your email, viewing your pictures, seeing your tax returns, etc. then you should encrypt the drive.
I call this "The Pawn Shop Threat Model" ;)
And, IME it is likely to happen.
I have purchased 6 multi-TB external drives at estate sales. My son brought home a few from a summer working as a mover. In his experience it was divorcing spouses throwing out each other's stuff.
All of these drives had PII and personal photos. Some of the estate sale drives included PII of children and grandchildren.
I've found a few cheap hard drives at thrift stores. I used to buy them just in case someone had left a crypto wallet on them.
They're usually formatted but not wiped, so even Recuva was typically able to claw back all of the missing data and restore the whole drive.
Family photos, nudes, sex videos (homemade and professional), downloaded movies, pirated games, I've found them all.
If you're dumping a drive and you don't DBAN it first, other people getting to see your shit is 100% on you.
You left out the most interesting part - did you find any BTC?
No, I would have included that otherwise, lol.
I feel like there are other solutions to protecting your and your family's PII than encryption by default.
Could you share them?
Not selling drives without securely wiping the data, for starters.
"What about unhappy exes?" Well, if they really care about the kid and know the ex-spouse is techy enough, they'll put their ego aside for the kid and ask their ex to do it.
> Your computer is likely to be stolen and sold.
Likely? How likely is it? I've never had a computer stolen, nor has anybody I personally know. So it doesn't seem to me like it's all that likely.
Personally, I find whole disk encryption to be more risky than it's worth. I much prefer encrypting things on a file-level instead.
OP might mean "laptop" instead of computer. Or more specifically, laptop that is regularly taken out of the home.
I'm with you. If someone wanted to steal any of my computers, they'd have to break into my house. Possible, but also statistically unlikely, as I live in a reasonably safe community and lock my doors. I don't see the benefit of full disk encryption on a bunch of computers I keep in my home. For the special case of a laptop that is frequently taken out of the home and used in public, where thieves might be? Sure, encrypt it.
I knew a guy whose laptop was stolen and it had a major company's game engine source on it - which was not open source (he had done some contract work for them).
Personally I used LUKS encryption on a System76 laptop for 7 years and it worked fine - still going in fact. I was always worried about it failing especially after an update, but that never happened.
For backups to offline media I still do use file-level encryption though.
That's why I understand businesses requiring full disk encryption on their devices and on contractor devices, because in their case they are fine with losing data as they have many copies of it elsewhere.
In a small business, I've been responsible for buying laptops for a while.
In about 300 person-years, we've had two laptops stolen. Both were stolen while the staff were on trips abroad, and the staff were both rather careless IMO.
> It's really about personal privacy. Your computer is likely to be stolen and sold. If you don't want others reading your email, viewing your pictures, seeing your tax returns, etc. then you should encrypt the drive.
There is a very real security vs. availability trade-off though. Is the average person more concerned with others reading their emails, viewing their pictures, seeing their tax returns, or are they more concerned with losing access to those things themselves?
Losing access to an encrypted drive is a very real possibility (people often forget their passwords, and are used to that being recoverable), and the data loss is probably more impactful than privacy loss for many people.
It's been a while since I've set up a Windows machine and this may already be mentioned, but when I sign up for Signal I got lots of warnings that were like "warning if you lose your phone and encryption key you will lose your data".
That way I know what I'm signing up for.
Just put "encrypt? Yes no" in the on-boarding flow and let people know what the risks are and what they may be protecting against. I'd probably default to off because people don't read wizards and the last thing someone wants is to lose their entire HDD because they accidentally made a decision they didn't understand.
And maybe for a certain period of time they can nudge users to read about encryption and decide if it's right for them, or just easily disable that nudge. Maybe even basic education like "if you find yourself forgetting your password often then maybe encryption is not for you" or something like that.
Windows is already optimized for extracting as much value from customers as possible, may as well help them make at least one informed decision.
Your computer is not "likely" to be stolen and sold.
And the worst part is, I have seen computer repair shops that refuse to work with a laptop if it has an encrypted system drive, under the guise of "how would we then validate the fix?"
Surely not likely at all for a gaming desktop that's going nowhere in my home.
For business users with notebooks who fly around a lot or spend time in coffee shops, it's possible.
> Your computer is likely to be stolen and sold.
Quite a stretch. In almost 50 years of using computers every day, never had one stolen.
For the typical user, this is far far far more likely to happen than that they would “pop out” the drive and read it in another machine.
Defaults should be safe for most users. Power users are exactly the people who can deal with changing a setting. It’s constantly surprising to me when technical people insist that defaults should be optimized for technical people.
This is not the correct model. For a typical user, they can bring the laptop to someone knowledgeable, who will pop out the drive for them.
The main question is: What is the biggest risk: theft or data corruption?
In my experience, corruption and ransomware are more common so FDE should be off for household desktops or laptops, as these rarely leave the house. A business tends to have managed devices and data loss is a legal nightmare, so FDE should be on. The main thing is: people should be able to choose.
There is a happy medium. Encrypt the user directory/s and leave the rest of the disk unencrypted. There is still a risk that the user loses valuable data due to corruption, but there is much less of a risk of the entire system being unusable or unrecoverable because of corruption or ransomware.
You're proposing encrypting the only thing that merits recovery?
> Your computer is likely to be stolen and sold.
No, it’s not.