Announcement

Collapse
No announcement yet.

EXT4 On Linux 5.5 To Support Encryption On Smaller Block Sizes

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • EXT4 On Linux 5.5 To Support Encryption On Smaller Block Sizes

    Phoronix: EXT4 On Linux 5.5 To Support Encryption On Smaller Block Sizes

    For the past four years going back to Linux 5.5 has been EXT4 native file-system encryption making use of the kernel's FSCRYPT framework that is shared between several file-systems. That support has continued to improve with time and with Linux 5.5 another limitation will be dropped...

    http://www.phoronix.com/scan.php?pag...-Encrypt-Small

  • #2
    Don't some POWER systems use 64k page sizes?

    Comment


    • #3
      Actually I'm quite surprised this wasn't supported previously. But then again, Linux encryption is still a joke compared to Windows or macOS, so no biggie. The fact that encryption relies on proper preparation during partitioning is ridiculous.

      Comment


      • #4
        Originally posted by anarki2 View Post
        ... Linux encryption is still a joke compared to Windows or macOS, so no biggie. The fact that encryption relies on proper preparation during partitioning is ridiculous.
        What?
        Just one checkbox during insall will give you full disk encription (using cryptsetup).
        or one command after install to encript just ~/.
        no need for partition preparation problems.
        Encryption integrated into the file system is just a mostly pointless bonus.
        (zfs encrypted snapshot diff shipping is the only advantage to integration AFAIK)

        What's a joke is the lack of flexibility on MS/Apple software.

        Comment


        • #5
          Originally posted by anarki2 View Post
          Actually I'm quite surprised this wasn't supported previously. But then again, Linux encryption is still a joke compared to Windows or macOS, so no biggie. The fact that encryption relies on proper preparation during partitioning is ridiculous.
          You're full of bullshit just like winblows and macshit encryption which is a joke:

          https://www.howtogeek.com/fyi/you-ca...on-windows-10/

          https://www.techspot.com/news/78625-...ncryption.html

          Comment


          • #6
            Originally posted by anarki2 View Post
            Actually I'm quite surprised this wasn't supported previously. But then again, Linux encryption is still a joke compared to Windows or macOS, so no biggie. The fact that encryption relies on proper preparation during partitioning is ridiculous.
            Are you perhaps telling me that WIndows partition encription does not rely on "proper preparation during partitioning"?

            Have you ever tried turning on encryption on a Windows system that does not have the 100MB "System Reserved" partition (not a EFI partition, it's in addition to that)?

            Comment


            • #7
              Oh god, why I'm not surprised that embedded device firmwares (SSD storage devices in this case) are complete shitshows of security?

              Comment


              • #8
                Originally posted by starshipeleven View Post
                Oh god, why I'm not surprised that embedded device firmwares (SSD storage devices in this case) are complete shitshows of security?
                Microsoft has since updated BitLocker to always default to software-based encryption. On modern processors there is no noticeable impact in performance. Still though, I would have more trust in an open-source encryption solution.

                I have never been totally comfortable with the idea of a TPM either. A hardware chip that contains your encryption keys... It's bound to have some holes, but it's complex enough to prevent most people from finding them.

                Comment


                • #9
                  One should be really stupid to trust proprietary encryption implementation. You don't even know what it doing, nor you can check that with anyhow reasonable amount of efforts. So if it does something nasty or just bugged/insecure ... you'll be last to know that.

                  p.s. and remember, security and convenience are worst enemies. If something is very convenient, most likely it highly insecure. "Usable security" is holy grail of crypto ... and at the end of day, if you don't have idea how it works... there could be nasty surprises. Hey, how many users do you think can use, say, SSL/TLS/HTTPS in anyhow secure manner?

                  Comment


                  • #10
                    Originally posted by Chugworth View Post
                    Microsoft has since updated BitLocker to always default to software-based encryption. On modern processors there is no noticeable impact in performance. Still though, I would have more trust in an open-source encryption solution.

                    I have never been totally comfortable with the idea of a TPM either. A hardware chip that contains your encryption keys... It's bound to have some holes, but it's complex enough to prevent most people from finding them.
                    Meh, a simple OS password is enough to keep "most people" from accessing my PC.

                    If I go to the hassle of encrypting stuff and risking to lose all data because I forget a password or the system fucks up, it has to be very fucking nuke-proof.

                    Comment

                    Working...
                    X