Full-disk encryption performance in Librem 5


#21

I’m not sure I understand. Are you saying that disk encryption cannot be turned off? While Android provides no clear way to turn off disk encryption, I can assure you it can be done.

If you mean something else, please explain.


#22

I’m saying that once it’s enabled you can’t disable it.


#23

Full disk encryption can be removed. You do have to reformat the disk though so all files must be backed up somewhere else. It isn’t easy but it can be done.


#24

Sorry I thought I saw you say that you enabled and then disabled full disk sorry


#25

I guess I made it sound easy. On Android it used to simply require a factory reset. Now it requires deleting the LUKS header on the filesystem by reformatting from the recovery.


#26

Hi all,

Sorry to revive this old conversation, there was no official statement on fde yet.

As we know from


there will be no TPM in the librem 5.

Have you (puri.sm) or someone with a dev kit already tested a fde and the resulting performance (if it’s already testable)? Will a full disk encryption be some kind of standard on the phone? Even without a TPM it would be possible for me to enter the very long decryption password on boot up - assuming that with the battery time and loading the battery before 0 % I won’t have to boot up many times.

In case there is no fde planned, having everything e2e encrypted but all your “junk” or even log in data with the decryption keys lie unencrypted on your phones unencrypted disk? :-/ I am feeling a bit odd that a robber could see photos (my junk ;-)) made on a librem 5 if they were not encrypted.

Maybe @dcz or @nicole.faerber could give some insight if fde as standard is planned :slight_smile:

Thank you


#27

Interested as well, FDE is crucial. (or something similar of course)


#28

I found the following: