On Mon, 3 Jul 2017 at 01:03:13 +0200
Arnt Karlsen <arnt@???> wrote:

> On Mon, 3 Jul 2017 00:42:52 +0200, Alessandro wrote in message
> <20170703004252.748a9c7f@ayu>:
>
>> Il giorno Wed, 28 Jun 2017 19:38:11 +0200
>> Didier Kryn <kryn@???> ha scritto:
>>

>>> Le 28/06/2017 à 15:40, Stephan Seitz a écrit :  
>>>> And today you should always encrypt your discs.     

>>>

>>>      I don't see any reason to encrypt /usr. You might like to
>>> encrypt /etc because it contains user names and (already encrypted)
>>> passwords. But definitely there is no reason to encrypt everything.  

>>
>> Valid reasons to encrypt /usr include:
>>
>> 1) /usr resides on the same partition as / and/or /home (trivial
>> case); 2) protecting its files from being tampered with when the
>> device is offline;
>> 3) making harder to someone who can access your
>> offline HD understand which partition is /, or /usr or /home, so that
>> the attacker will have to try to decrypt them all;
>> 4) you put stuff in /usr/local that might contain
>> keys/passwords/sensitive information that would better be kept
>> protected.
>
> ..if you wanna protect /usr/local, chop that off /usr and
> encrypt, mount etc them all as you damned please.

I forgot to mention: leaking your collection of installed software is
sometimes itself leaking personal and possibly sensitive information about
yourself and your business, for the same reasons TCP/IP traffic metadata is
important in it's own right. Plus, if you travel extensively, you might not
know if the place you're traveling into has enacted some restrictions on the
kind of software you are allowed to own and run.