Although encryption of the disk (as offered during installation) is a good idea, it protects against loss of the system or disk while powered down. It does not protect against unauthorized access to the running system, and if the threat model includes that, zeroing (or better yet, multiply overwriting with varying patterns and then zeroing) offers protection that disk encryption does not.
Neither action protects against determined state equivalent actors or malware implanted in the drive controller. Tom Dial On 05/02/2016 11:17 AM, debian-user-digest-requ...@lists.debian.org wrote: