Aral Balkan  

So full-disk encryption on a Linux laptop is basically bullshit, isn’t it?

*gasps from the audience* *angry shouting*

Lock your computer: unencrypted
Sleep: unencrypted
Suspend: unencrypted

Hand your locked/sleeping/suspended computer to a customs agent or leave it unattended at a cafe: it’s unencrypted.

And we call this secure.

So I guess that’s the first thing to fix before we can recommend these devices to everyday people instead of Macs (see FileVault for a proper implementation).

1+
ERR: 0CK5
Follow

@aral
I just shut down my laptop whenever I can't keep my eye on it.

· Fedilab · 1 · 0 · 0
Aral Balkan  

@everlastingrocks Yeah, but that’s not practical (and even you will/have slipped up on occasion I’m sure) :) “Lock” should mean lock.

1
ERR: 0CK5  

@aral
Oh, yes it's certainly inconvenient.
Power button to usable desktop: 48 seconds
Power button to screen off: 7 seconds

So, there's a minute wasted every time I use my laptop.

Is FileVault (2) really secure? It's certainly more convenient (and without publically known exploits), but FileVault 1 wasn't.

0
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml