I'm not talking about full disk hardware encryption. I'm talking about software encryption.
encrypting /home
prevents your data after your laptop is stolen. As far as I understand, encrypting /
and /boot
is supposed to protect against running malware that steals your passwords (Evil Abigail). But that can only work when there is a fully secure and signed boot process (UEFI, bootloader, kernel). And (at least currently) it's not the case. So what protection does it give?