Originally posted by frank007
View Post
Announcement
Collapse
No announcement yet.
Learn More About Systemd-Homed For How Linux Home Directories Are Being Reinvented
Collapse
X
-
- Likes 2
-
Originally posted by starshipeleven View PostBut... But... Linux can do it too with some 300-400 LoC of shell script and a neckbeard writing them.
Why having good things when you can hack together shit with shell scripts.
- Likes 2
Leave a comment:
-
Originally posted by intelfx View PostJust what is the "actual page content", if not "communication to/from server"?
I meant the user-specific bits of the page and any information that is sent back to the server from the user.
The next Chrome builds will go as far as blocking HTTP resources embedded in a page served over HTTPS, as well as blocking HTTP downloads started from HTTPS.
- Likes 1
Leave a comment:
-
Originally posted by Ananace View Post
I spoke with Lennart after the talk he held at DevConf, and there seems to be a surprisingly big misconception on when the encryption is actually locked again. Locking the screen/session isn't supposed to instantly re-encrypt your homedrive, though I can't imagine that it'd be impossible to add a hook for that.
The default - from systemd - is supposed to be encrypting only when your computer suspends/hibernates/shuts down - or after a timeout when no inhibitions are active, not when your screensaver starts or something inane like that. Though the default from your dist might be something completely different, as with all systemd settings.
If you're worried about losing downloads, then you should make sure your download tool knows to add a power saving inhibition during a download, otherwise you're already likely to lose them in case your computer wants to power save. Homed should not change this in the slightest, only add some additional security to after your computer has decided that it's no longer in active use.
Do you know, on an off-chance, are they going to use the idle timer directly or just the session lock status?
- Likes 1
Leave a comment:
-
Originally posted by starshipeleven View Posthttps isn't a VPN, the only traffic that is encrypted is the important parts (communication to/from the server). Most of the actual page content is still sent over http.
Just what is the "actual page content", if not "communication to/from server"?
Browsers have been emitting warnings about mixed security content for a few years now. The next Chrome builds will go as far as blocking HTTP resources embedded in a page served over HTTPS, as well as blocking HTTP downloads started from HTTPS.Last edited by intelfx; 07 February 2020, 09:17 PM.
- Likes 1
Leave a comment:
-
Hmm, I like most of these ideas, especially encrypting on suspend.
One thing cross my mind: couldn't we actually swap RAM the user's programs use to the encrypted home as well?- users can find their work again when locking their session on a multi-user system
- protected against unexpected shutdowns/USB stick removals
- Protect more than the decryption keys: also the decrypted data that sits in RAM
It might require a user namespace, though, as it would cause problems if the user elevates their privileges, or explores their filesystem with elevated privileges.
Leave a comment:
-
Originally posted by cjcox View Post
Of course. Just like systemd, you are free to not use it at all. To remove systemd: Step 1 (of 3,567,888)...
Step 2 - click Install to Hard Disk
Step 3 -
Step 4 - Profit!
Leave a comment:
-
Originally posted by frank007 View Post
Please, don't use my words out of context.
- Likes 2
Leave a comment:
-
Originally posted by bridgman View PostIs it just me, or is this thread hard to follow ?
personally I see a lot of potential in homed and can’t really reject it out of hand. I’m not a big fan of laptops but do travel around with one. This is just one possible way of dealing with moving between that laptop and the desktop. I’ve been looking into personal cloud solutions but frankly I’m not up on the security considerations. A home directory on a cloud though is one solution to the home directory problem.
I just think many of the people that reject anything SystemD related are a bit “funny”. It seems like a knee jerk reaction in many cases. As for this new homed approach it is very interesting and might actually be a good thing. Like anything new it isn’t how it is now but how it evolves that can damn it to failure.
- Likes 1
Leave a comment:
-
Guest repliedOriginally posted by wizard69 View Post
Well if we are expressing opinions here I might suggest that you are grossly out of touch. Developers of free software are a flighty bunch. The best thing that has ever happened to Linux is the picking up of professional developers, that is people paid to work on their niche of Linux. It doesn’t matter if that person works at Redhat, Apple or some other organization the fact that they get paid to polish that niche has resulted in massive gains in the Linux domain.
ive been using Linux long enough to realize what happens to software where the developer can’t commit himself to the project. There are thousands of projects that died over the years because someone priority has changed. That might be mouths to feed, kids to cloth or even a desire to get back In touch with nature.
when your job is in fact software development it is far easier to Shepard a project than some noob donating his time.
Leave a comment:
Leave a comment: