Er... actually... the asymmetric encryption used with DM (Device Manager) encryption for Linux is pretty good. But most people don’t set it up correctly. It’s best IF the keys are stored on separate media. I’ve seen major distributions make it a lot easier over the past couple of years. It’s reasonably easy with Debian and Ubuntu at the moment. Setting up encryption using separate media for keys is still manual though. Even after that though, most people don’t give a thought to data integrity and then wouldn’t know if a root kit or keystroke recorder were installed to start with. Encryption and data integrity checking have to both be good. The overall system is only as strong as those two major factors. :-)
Thanks for those comments.
I just started messing with encryption, and I am finding, as you state, that to do it right requires some thought/knowledge.
Fortunately, what I have to protect is very basic, and is info the gooberment already has!