There are several mis-conceptions here. I will try to shed some light. 1. Encrypting partitions or containers is what one usually does. The system will keep a copy of the deciphered key so that reading and writing to/from the container/partition will encrypt/decrypt on the fly. That is at the OS level if it is to make the data secure. It makes data secure in the sense that if the hardware were to fall to the wrong hands the data would not be recoverable. 2. Encrypting files/folders is possible but it is not typically done in a setup where the data changes constantly. It is possible in theory, but I do not know of anyone or anything (software) that goes through that kind of trouble. 3. Encrypting your filesystem will NOT save you from popups. Those two things are _entirely_ different. (See my next two points.) 4. Just because you chose to "encrypt" when you installed your system it does not mean that you are invincible, far from it. I would argue that if you do not know what your "encrypt" part of the installation does, you are at risk of losing your data. By that I mean that you may not be able to access it. In essence, you tried so hard to be "safe" that you prevent yourself from looking at the data. Of course, everyone will tell you to encrypt, but it all goes well until there is a problem. True disaster and recovery, including encrypted data, has people testing something before it is used. Your average "iznogoud" will not know what the OS is trying to do, will not test recovery of data before a disaster happens, and has no idea they are being stupid. 5. Encryption will not save you from compromised passwords, backdoors (NSA style) and plain stupidity (like clicking left and right with a bad browser in pages of unknown content and ownership). Popups usually come up on warez sites, pr0n sites, sites with tricks and hacks, scams, etc. Those are very likely to have malwere that can be injected in your browser (plugins) and cause trouble. Linux and BSD (MacOSX included) are a lot safer that MS products in my opinion. (I use encrypted containers on _every_ drive I own and I only type the password to unlock the key of the crypto system when I am sitting at the console of the system. Yes, that level of paranoia.) TrueOS is based on FreeBSD, so it is pretty safe from viruses, backdoors, etc. But if you are going to use a browser, do me a favour and do the following. Create an account on the system that is essentially a throwaway, browse all suspect content form that. Wipe clean the browser cache, config, etc, in that user's home directory. Switch back to your regular user to browse legit content. Usethat user's account when you are unsure of hte risk you are about to take. Thank me later. You can go back to a Linux system if you find what modules were used by TrueOS and 'modprobe' the same ones on the newest Linux distro of your choice.