I want to encrypt my drive, but ensure that the encryption keys never leave systems that I physically control.
I sure as hell don't want to encrypt my drive a second time because the default setting (that I could only change later, when I'm actually using the computer) for the drive encryption software was to upload the drive crypto key to The Cloud.
I sure as hell don't want to encrypt my drive a second time because the default setting (that I could only change later, when I'm actually using the computer) for the drive encryption software was to upload the drive crypto key to The Cloud.
Or am I misunderstanding your question?