• ooterness@lemmy.world
    link
    fedilink
    English
    arrow-up
    33
    arrow-down
    3
    ·
    6 months ago

    Full disk encryption doesn’t help with this threat model at all. A rogue program running on the same machine can still access all the files.

    • thayer@lemmy.ca
      link
      fedilink
      English
      arrow-up
      18
      ·
      6 months ago

      It does help greatly in general though, because all of your data will be encrypted when the device is at rest. Theft and B&Es will no longer present a risk to your privacy.

      Per-app permissions address this specific threat model directly. Containerized apps, such as those provided by Flatpak can ensure that apps remain sandboxed and unable to access data without explicit authorization.