[prawn]

If you're trying to remote-wipe your computer so that a thief doesn't access your sensitive data, wouldn't you want the data to be lost permanently?

[danweber]

Could be. But that's a very different problem.

Old-school computer security breaks things down into the CIA categories:

Confidentiality is for things you want secret. Integrity is for things you want to not be altered. Accessibility is for things you want to be able to reach.

Honestly, very little of data requires confidentiality. Yet that's what encryption is usually used for. I would, by an order of magnitude, rather have a hacker gain access to my family photos than have them deleted beyond my ability to recover.

I hate whole-disk encryption. In nearly everything in my life, the threat of losing access to my data is vastly worse than someone else accessing it.

[cstejerean]

Losing a laptop can and will happen at some point. At that point, if you don't have a backup you will lose access to your data period. Full disk encryption means nobody else will get to that data.

Keep an unencrypted backup in a secure location, not on a device you are bound to lose in a coffee shop or airport.

[steve8918]

I encrypt the entire disk of my laptop. That can contain potentially important information, and it also has the best chance of being stolen or lost. I can keep relatively important piece of information on my laptop now after I installed TrueCrypt and encrypted my entire disk. It makes hibernating my laptop about 20x slower, so I stopped doing that, but it's completely worth it.

[prawn]

Interesting - hadn't heard that CIA thing before.

I run a business. A good deal of what is on my laptop I would put in the confidentiality category. I guess apps and settings would come under integrity.

[danweber]

Yeah, one of the points of CIA is to help you identify which problems you want to fix. A lot of business assets do require confidentiality, and you have to spend correspondingly more money and time dealing with it.