Future of Encryption in Fedora desktop variants

I’d like to hear, from a cryptographer or cybersecurity expert, a risk assessment of what information that both users and decision makers might care about is leaked with non-encrypted metadata (current fscrypt implementations).

My layperson’s expectation is that quite a lot could be inferred about installed software. While those things aren’t secrets (the code is published), it could have legal impact for individuals in certain countries, such as journalists and dissidents. Whereas with user data like documents and cache files, there’s quite a lot of noise and banality, so I’m not certain whether much can be drawn from modification dates or file sizes, other than the obvious: these are database files, these are LibreOffice documents. How much of this kind of leakage is too much? How do we even go about determining that? And to what degree (and how) should we inform the user of the difference in confidentiality provided by fscrypt vs dmcrypt?

I think in Fedora the advantage of fscrypt’s simplicity, and the ability to do very cheap encrypted incremental send/receive to a Fedora Server for backup, overwhelms the minor confidentiality advantage of dmcrypt fully encrypting the fs metadata. But perhaps that’s naive, hence wanting a domain expert on the subject to clearly describe what use cases, workflows, and individuals, for instance, are at risk with metadata leaks.
