why encrypt the system partition?

[kalpana]

i was just reading a thread where someone wanted to encrypt the system partition. is this to hide password files? user lists? guard against root kits?

when you boot up, you would enter your encryption pass phrase and bring your system up exposing your system partition to everyone on your system. maybe all you really gain is the ability to obscure your data from hardware thieves.

i do not believe i am someone that world wide national intelligence agencies would have an interest in. so i don't need to make my system so strong that it blocks even them. not that i could really accomplish that. my worry is hacker kid thieves. of course certain kinds of data could be of interest to others, but this is generally worked on in databases which can have their own security. of course, i don't put databases on system partitions. maybe on /home/data or just /data.

i once wanted to do a full drive encryption. then a system with 3 separate drives got me to rethink what i am doing and re-addressing the thought chain of what kind of encryption is needed, now on individual storage devices.

my latest idea is to have a clear system that can boot up all the way without any prompt for an encryption pass phrase. thus, i'm not letting thieves get the idea there is any data of value to others (like bank account access) on it. the first drive would be a complete system (Ubuntu Linux) that is fully usable. the 2nd drive would be a rescue drive (because it is only 120G) and also not encrypted. the 3rd drive is where the encryption will be. after it is mounted (whole drive encryption) then it can be substituted for usual mounts to effectively be running on the encrypted storage device. the evil maid would need to know how this work to take control. but, like i said, above, i doubt i am that big of a target. that, or i have my real "system" in my pocket at all times.

discussion?