[coldtea]

FDE is not supposed to be an anti-stealing mechanism anyway.

Besides any potential thief wont even know whether you're running FDE or not on the laptop they steal, or whether it would be bricked or not. They can always sell it for its parts (screen, etc) anyway.

[nickpsecurity]

It actually is a mechanism to reduce impact of theft. Someone with access to your computing hardware might modify it to subvert the system, read keystrokes, decrypt drive, leak it, and so on. This can be as simple as Customs installing something as you leave the country during an "inspection" then reading keys right off when you come back. Not saying it happens so much as a concern we had during a brainstorm. Or someone plugging in an attack tool into your Firewire port while you take a piss at Starbucks. Or you plug in USB drive they dropped with a radio and attack kit in its connector.

Whereas, if someone straight-up steals it, they have no chance of recovering data if the encryption is strong and key isn't in memory (eg cold boot). You can also transmit media through untrusted channels that way. Even NSA's Inline Media Encryptor, which my inspired my designs, has that use case.

[coldtea]

>It actually is a mechanism to reduce impact of theft.

Sure, but that's different from anti-stealing (and I mean stealing the machine of course, not the data).