Originally posted by elvis
View Post
Announcement
Collapse
No announcement yet.
System76 Eyeing Disk Encryption By Default
Collapse
X
-
Originally posted by torsionbar28 View Post
Show me a Lenovo laptop that comes with full Lenovo vendor support for Linux. Or any other OEM where all of the laptop's features and functions "just work" out of the box. Laptops are notoriously fickle when it comes to drivers, and the big OEM's are Windows vendors when it comes to consumer products. They support Linux only on their high end professional workstation models, and typically only corporate distros like RHEL and SLES. And find me one big OEM that is disabling ME by default. The fact is, you get a lot for your money when you buy from System76. If you want to be a self-support penny pincher, that's your prerogative, but it's poor form to badmouth a leading Linux hardware vendor, and even more so when you haven't even used their product.
Also, it's pretty comical to call one a "self-support penny pincher" because they question why they would purchase inferior hardware at a significant price markup just for linux support. I'm not "badmouthing" system76--I'm just wondering why it costs so much to brand a Clevo unit and put (and support) linux on it. Does the cost come mainly from the support?
Comment
-
Originally posted by M1kkko View PostWell, at least on my Lenovo laptop, full disk encryption is supported on hardware level, I don't need any of that OS level nonsense and also there is no performance penalty for enabling encryption.
Basically when you power on the laptop, the first thing you see is a password prompt, and without entering the password there is no way to even find out what operating systems I have installed.
https://support.lenovo.com/en/solutions/migr-69621
Comment
-
Ubuntu offers home directory encryption via their GUI installer, but doing full-disk encryption is less straightforward on their platform
- Likes 1
Comment
-
Originally posted by Flaburgan View PostWhere does that come from? On the exact same screen where you can pick home directory encryption, you can choose to encrypt the whole hard drive as easily. I see nothing new here. Did I miss something?
1) Full disk encryption, via dm-crypt, cryptsetup and LUKS. This requires device manager to encrypt at the block level, with the file system on top. YOu choose this at disk setup/partitioning time (using the "encrypted LVM" option). This is only in the advanced/TUI/server installer, not in the GUI installer:
2) Home directory encryption, via ecryptfs, which allows a virtual encrypted container to live on top of the file system, and be mounted per-user as required. This is an option you choose after disk partitioning, but before install, and is available in the TUI andd GUI installers.
- Likes 1
Comment
Comment