Ok boomer, when everyone and their dog is using free wifi hotspots that have no encryption so I can sniff all their traffic and passwords it's an invented problem.


What does this communist crap even mean. Software development isn't free. They either find a way to monetize it or we are stuck with barely usable hobby projects. People don't usually donate for something they can get for free.

LUKS locking occurs on suspend, how are you listening to music with you PC suspended? XD

I did too. The idea is basically that, if a Dell laptop ships with "20.04 but a newer kernel than the stock 20.04 one", and you reinstall from a 20.04 CD, they want to automatically re-enable that newer kernel so you don't wind up with potentially broken drivers on reinstall.

It's basically a compromise between "LTS is supposed to be stable enough to calm the fears of enterprise users... which means it may be stale by more ordinary people's standards" with "Hardware manufacturers may deploy their officially Linux-compatible devices with newer drivers than what LTS ships with".

As far as I can tell, it's "Certified" as in "We, Dell, certify that this laptop will work with Ubuntu"... which means that it's perfectly fair for Canonical to adjust their installers so that they'll help you get the right drivers reinstalled.

I totally agree. The key word is 'security'. But I'm not a monkey (sorry monkeys, clever animals), I don't believe to everything I hear. So, what should I do everytime I hear the word secure or unsecure, to became crazy for searching for a solution to a non-existent problem? The same with browsers. If browsing is tagged as non-secure the problem is the browser itself, or it is an invented problem. The browser must not send back any info about the user, never. If a site want user infos back than there is something wrong with that site or the whole web.

In my own opinion, everyone (I've just read about Canonical and certified devices) are pushing for monetize their being part of the Linux word. My question is: do we really need all these actors? Do we are the users, we are the public.

I spoke with Lennart after the talk he held at DevConf, and there seems to be a surprisingly big misconception on when the encryption is actually locked again. Locking the screen/session isn't supposed to instantly re-encrypt your homedrive, though I can't imagine that it'd be impossible to add a hook for that.
The default - from systemd - is supposed to be encrypting only when your computer suspends/hibernates/shuts down - or after a timeout when no inhibitions are active, not when your screensaver starts or something inane like that. Though the default from your dist might be something completely different, as with all systemd settings.

If you're worried about losing downloads, then you should make sure your download tool knows to add a power saving inhibition during a download, otherwise you're already likely to lose them in case your computer wants to power save. Homed should not change this in the slightest, only add some additional security to after your computer has decided that it's no longer in active use.

Weren't those sorts of problems one of the big reasons given for needing to invent Wayland? That allowing things like using the media keys on the keyboard while the screen was locked would break the X11 spec too badly?

As long as I have the option to continue using traditional home directories on my encrypted disk, they can do whatever they please.

I was quite looking forward for this as systemd developers trying to solve another Linux mess, but now after I saw the video with the "Security above everything" including usability, I don't think I will like this.
Locking the session and not being able to hear the music continuing in background and having the info and buttons to change the song or having a download in background not being possible anymore it's insane.
I would rather not encrypt home or leave the computer unlocked than to interrupt a possibly long download.
And how the fuck is more secure to leave someone at your computer with the session completely unlocked so they can change the song in the music player compared to having the session locked and they change the song from the lock screen?
If thsese usability problems are real than I think it will be way better to leave out the whole Systemd-Homed completely and use Plasma Vaults or Veracrypt to encrypt only the important stuff.