@delta glad to hear you are on top of things and of course advancing to new tech and transforming an initial base is hard.
Maybe backward compatibility should be sacrificed at some point even… making it EpsilonChat
Just look at #grub taking 10+ years to adapt to the #argon2i key derivation standard (still not implemented) making #FDE with #LVM on #LUKS still ‘hard to do’. so yeah…
Thinking of trying #postmarketOS on my #PinebookPro.
I didn't even know you could run it as a desktop OS.
Supposedly the installer supports #FullDiskEncryption, which is... "poggers," I think the kids say.
Building secure and privacy protecting mobile phones
https://fifthdimensionnews.substack.com/p/upwardly-mobile
#EFF #Rayhunter #IMSI #CitizenLab #Deibert
#mobile #mobian #Debian #KaliNetHunter #PostMarketOS #Jolla #SailfishOS #Finland #EU #Pine64 #OnionMobileDev #TOR #GuardianProject #press #Journalism #FDE #RFERL #GrapheneOS #Whonix #phone #encryption #CivilLiberties #FirstAmendment #FourthAmendment #USA #Development #FreedomOfThoughtandExpression
As a follow-up to Full Disk Encryption for those moving from #Windows10, #openSUSE offers #FDE secured by TPM2 or FIDO2 for #BitLocker-like security. 
#10isEnough #EndofWindows10 #UpgradetoFreedom today! https://news.opensuse.org/2024/09/20/quickstart-fde-yast2/
The workflow I really want is something like:
- Use full disk encryption (#FDE) via #LUKS
- Only *require* a password to decrypt the disk from an encrypted data-at-rest state (i.e. boot)
- Once decrypted, prefer using fingerprint unlock (retaining the password option for convenience & necessary for remote access).
- Login should decrypt the keyring regardless of auth method.
Then maybe have a panic/lockdown mode like Android/iOS that sends the device back into the encrypted-at-rest state.
@itsfoss : for multiple reasons (*) it's wiser to use FDE (Full Disk Encryption) from the start. To make your data inaccessible, replace your master password by something random and long, and forget it (that password).
(*) I'll elaborate on request.
️ 
rd.luks.data приходится использовать /dev/disk/by-id/... вместо UUID'а раздела на диске.cryptsetup open --type luks2 --persistent --allow-discards --perf-no_read_workqueue --perf-no_write_workqueue ...options rd.luks.data=7f2df3a2-3c68-492e-bbd6-1ccf956379c0=/dev/disk/by-id/nvme-VENDOR_MODEL_SERIAL_ID_-partN
options rd.luks.name=7f2df3a2-3c68-492e-bbd6-1ccf956379c0=crypto_dev_name
... или ...
options rd.luks.data=2b507209-fcf1-4aae-a55a-1ba4e908cc8b=/dev/disk/by-id/ata-VENDOR_MODEL_SERIAL_ID_-partNcryptsetup luksDump и отсутствующие в выдаче:lsblk -fls /dev/disk/by-id/Its been, I've lost count, 6 years? And still GRUB2 does not support #argon2 while #pbkdf2 absolutely gets stomped .
Effectively rendering #fde with encrypted boot insecure on Linux (X86). While with u-boot on ARM you can use argon2
I do not understand why this isn't like a high priority issues for GNU
Logging in to #FDE on #OpenBSD
Password: ********
<nope!>
Password: ********
<No, try again>
Password: ********
<Yep, that's the one>
Logging in to FDE on #Linux:
Password: ********
<Let me think about that>
<Considering the possibilities>
<Engaging quantum mulligan decryption>
<Calling a lifeline>
<INITIATING GRUB RECOVERY YOU HAVE NO CHANCE TO SURVIVE MAKE YOUR TIME!!!!!>
FFFFF-----!!!!!!!
#MicroOS and #Tumbleweed users! #GRUB2 with Boot Loader Specification (BLS) is now available, offering dynamic boot entries and improved full-disk #encryption support. Dive into the details and boost your system’s security! #FDE #openSUSE https://news.opensuse.org/2024/10/08/grub2-bls/
#GRUB2 with #BLS is now available in #MicroOS and #Tumbleweed! 
This update brings dynamic boot entries and better full-disk encryption support. #opensource #openSUSE #Linux #FDE
https://news.opensuse.org/2024/10/08/grub2-bls/
#GRUB2 with #BLS is now available in #MicroOS and #Tumbleweed! This update brings dynamic boot entries and better full-disk #encryption support. #opensource #openSUSE #Linux #FDE https://news.opensuse.org/2024/10/08/grub2-bls/
Is anyone actually running https://shufflecake.net/ as #FDE #FullDiskEncryption on Linux?
I just heard about it and it sounds good.
Have you taken #AeonDesktop RC3 for a spin yet? Have you checked out the Full Disk Encryption? https://news.opensuse.org/2024/07/28/rc-image-released/ #FDE #AeonDesktop #Linux
Установка Ubuntu 24.04 с полным шифрованием диска и использованием TPM
Это буквально "заметки для себя", но так как гуглёж до начала не дал никакой толковой информации, то решил оставить их и для остальных, может кому-то пригодится.
Aeon Desktop RC3 is here with Full Disk Encryption by default. A BIG Thanks to everyone who made this possible! #opensource #FDE #Linux https://news.opensuse.org/2024/07/28/rc-image-released/
Quick guide on encrypting an external drive. Assuming the drive is at /dev/sda with a /dev/sda1 partition
Set up encrypted volume (-y for verifying the password)
# cryptsetup luksFormat -y -v /dev/sda1
Unlock the encrypted volume and create a mapping to /dev/mapper/DUDE
# cryptsetup luksOpen /dev/sda1 DUDE
Create a file system
# mkfs.ext4 /dev/mapper/DUDE
Mount the partition
# mkdir /mnt/DUDE
# mount /dev/mapper/DUDE /mnt/DUDE
OpenSUSE Aeon Desktop Enhances Security with Full Disk Encryption #Aeondesktop #Opensuse #FDE #FullDiskEncryption #Linux #Security
https://ostechnix.com/full-disk-encryption-in-aeon-desktop/
️
