Announcement

Collapse
No announcement yet.

Learn More About Systemd-Homed For How Linux Home Directories Are Being Reinvented

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by frank007 View Post
    Browsing != connecting for browsing
    https isn't a VPN, the only traffic that is encrypted is the important parts (communication to/from the server). Most of the actual page content is still sent over http.

    See some easy examples of leet haxxoring of clients in an open wifi.
    https://fractionalciso.com/wifi-pineapple/

    Maybe you forget all the persons who make the Linux world great with all their free work.
    Maybe you forget all those companies that invested billions of dollars over decades to make Linux world great with all their paid developers work.

    The actual path betrays all those persons, and all those persons still believe in Linux.
    I don't care. I need a tool that works well, and these people alone are insufficient to deliver it.

    Comment


    • #12
      Originally posted by frank007 View Post
      Browsing != connecting for browsing

      Maybe you forget all the persons who make the Linux world great with all their free work. The actual path betrays all those persons, and all those persons still believe in Linux.
      You probably think that Linux is mostly volunteer work. It isn't. It's mostly commercial and that's a good thing. Neither GNU or Linux has ever been a communist project. In fact GNU and the FSF recommends against giving away software free of charge. Because developers need money. Linux has always been intended to be free of charge, but has never been anti-commercial.

      Comment


      • #13
        Originally posted by Danny3 View Post
        after I saw the video with the "Security above everything" including usability, I don't think I will like this.
        in other words, your choice is https://en.wikipedia.org/wiki/Dancing_pigs

        Comment


        • #14
          Originally posted by frank007 View Post
          Maybe you forget all the persons who make the Linux world great with all their free work.
          what did they eat?

          Comment


          • #15
            Now I'm wondering: what kind of performance should I expect with a stack like ext4 -> loopback -> luks -> ext4?

            Comment


            • #16
              I'm watching the video. This all seems Microsoft-ish in the extreme.

              Comment


              • #17
                Originally posted by pal666 View Post
                in other words, your choice is https://en.wikipedia.org/wiki/Dancing_pigs
                More like babysitting systemd users who apparently don't know the difference between suspending and power cycling.

                Comment


                • #18
                  Originally posted by Shiba View Post
                  Now I'm wondering: what kind of performance should I expect with a stack like ext4 -> loopback -> luks -> ext4?
                  I haven't toyed around, but ecryptfs and encfs sound more ideal, since those encrypt in user-space and per file.

                  Someone with more knowledge can tell if those are worse or better ideas than luks.

                  Comment


                  • #19
                    Originally posted by Zucca View Post
                    I haven't toyed around, but ecryptfs and encfs sound more ideal, since those encrypt in user-space and per file.

                    Someone with more knowledge can tell if those are worse or better ideas than luks.
                    Depends on your needs. The TLDR is go with LUKS if your CPU supports AES, especially if you have a laptop.

                    LUKS & other per disk/partition methods are good for root volumes -- hard for someone to physically add a key logger if the drive can't be decrypted. Performance penalties may occur depending on hardware and encryption method used. Especially useful with laptops since no one will be able to access the system or clone the drive to get its data.

                    Per file encryption, OTOH & IMHO, is more useful if you don't have a newer system and full disk methods slow your system down (no AES). They're also useful on shared setups where LUKS is being used but you want some form of privacy...like family PC with a single user account scenarios... They're also useful on secure workstations where LUKS is pretty unnecessary and any encryption overhead, however minimal, is undesired; like a git or compile heavy workstation where a few confidential folders need to be kept secure but the rest needs pure, raw throughput.

                    If you have a modern desktop system with AES support, that's basically anything x86_64 from 2010+ and quite a few ARM CPUs, there's no reason not to use LUKS or ZFS or whatever with AES since we essentially get free disk security unless you have one of those specialized environments where it isn't really required.

                    Comment


                    • #20
                      Originally posted by pal666 View Post
                      what did they eat?
                      You seem to me an old-oriented man.

                      Comment

                      Working...
                      X