Announcement

Collapse
No announcement yet.

System76 Eyeing Disk Encryption By Default

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • System76 Eyeing Disk Encryption By Default

    Phoronix: System76 Eyeing Disk Encryption By Default

    Ubuntu-focused Linux PC vendor System76 who has also been working on their own Pop!_OS distribution is looking at enabling disk encryption by default...

    http://www.phoronix.com/scan.php?pag...yption-Default

  • #2
    i think this shouldnt be the default, but having an option is nice

    Comment


    • #3
      I'd prefer native filesystem encryption, something close to the mac filevault, ios encryption and the new android encryption. Something that allows for multiple keys (for multi-user devices) and that can delete the keys from ram when locked. Full disk encryption as used today is so limited in these regards.

      Comment


      • #4
        Well, at least on my Lenovo laptop, full disk encryption is supported on hardware level, I don't need any of that OS level nonsense and also there is no performance penalty for enabling encryption.

        Basically when you power on the laptop, the first thing you see is a password prompt, and without entering the password there is no way to even find out what operating systems I have installed.

        https://support.lenovo.com/en/solutions/migr-69621

        Comment


        • #5
          Originally posted by M1kkko View Post
          Well, at least on my Lenovo laptop, full disk encryption is supported on hardware level, I don't need any of that OS level nonsense and also there is no performance penalty for enabling encryption.

          Basically when you power on the laptop, the first thing you see is a password prompt, and without entering the password there is no way to even find out what operating systems I have installed.

          https://support.lenovo.com/en/solutions/migr-69621
          I don't think I'd trust Lenovo on this. I'd rather keep my OSS solution, where I know what's happening.

          My skepticism with anything Lenovo comes from 1) China, 2) their history (SuperFish, etc.).

          Comment


          • #6
            Originally posted by M1kkko View Post
            Well, at least on my Lenovo laptop, full disk encryption is supported on hardware level, I don't need any of that OS level nonsense and also there is no performance penalty for enabling encryption.

            Basically when you power on the laptop, the first thing you see is a password prompt, and without entering the password there is no way to even find out what operating systems I have installed.

            https://support.lenovo.com/en/solutions/migr-69621
            Isn't that a proprietary implementation? Why would you trust that?

            Comment


            • #7
              Originally posted by M1kkko View Post
              Well, at least on my Lenovo laptop, full disk encryption is supported on hardware level, I don't need any of that OS level nonsense and also there is no performance penalty for enabling encryption.
              For those wondering: that's a feature of the hard drive itself (Full Disk Encryption), which is also supported by the PC's firmware. Afaik most PCs support self-encrypting drives, even back in the BIOS era.

              The main drawback of this system is that it's relying on closed source to stay secure (both the drive firmware and the UEFI firmware), and also don't crap out at random corrupting my drive, which I quite frankly don't trust that much to begin with.

              So yeah, as long as you are just keeping your data safe from thieves or low-level enemies that's ok. If you are actually trying to keep safe very important data from competitors or government agencies, it's a nope for me.

              Comment


              • #8
                This should have been made default long ago, if you ask me.

                This isn't exactly relevant, but what is up with the price of their systems? The hardware is far from inspiring for what you can get for the same price in the windows world, and linux is free, so there's no OS cost, and yet their mediocre Galago Pro base system costs $959! I just picked up a Lenovo 710 15.6" for $650 with nice hardware (core i5, 256GB SSD, 8GB RAM, IPS convertible display) and slapped my preferred distro on it in less than 15 minutes. So who buys these mediocre, overpriced linux laptops? I can think of way better ways of supporting linux.

                Comment


                • #9
                  So now the governments know which Linux users are true criminals

                  Comment


                  • #10
                    Originally posted by treba View Post
                    I'd prefer native filesystem encryption, something close to the mac filevault, ios encryption and the new android encryption. Something that allows for multiple keys (for multi-user devices) and that can delete the keys from ram when locked. Full disk encryption as used today is so limited in these regards.
                    LUKS (the current FDE solution for most distros) supports up to 8 different passwords (called "key slots") to unlock the encrypted volume.

                    Comment

                    Working...
                    X