If that’s the only reason, it’s not a great one. You could solve it by storing the password with your important documents.
If that’s the only reason, it’s not a great one. You could solve it by storing the password with your important documents.
That’s because you’re probably using biometrics instead.
Why would you need to enter 2?
Yep. But typing in a password at boot is no big deal and you do then get some of the benefits of encryption. The problem, as you seem to be hinting, is the lockscreen issue. A screenlocked OS without the hardware encryption module is not actually locked down whereas Android, for instance, is. Is that right? I’ve wanted to ask how Android does this - basically, it loses the key and then regenerates it based on biometrics or whatever, each time you unlock, is that it?
Yep. Unfortunately that’s where we are.
And yet somehow on mobile, where most personal computing is now done, this is not a problem.
Why is this a problem for us and not for ordinary dummies on Android? It’s been the default there for years already.
is it’s usually not a one-click process
It is, these days. Ubuntu and Fedora, for example. But you still have to select it or it won’t happen. PopOS, being explicitly designed for laptops, has it by default.
If the government gets my drives I assume they’ll crack it in no time.
Depends on your passphrase. If you follow best practice and go with, say, a 25-character passphrase made up of obscure dictionary words, then no, even a state will not be cracking it quickly at all.
If a hacker gets into my PC or a virus I’m assuming it will run while the drive is in an unencrypted state anyway.
Exactly. This is the weak link of disk encryption. You usually need to turn off the machine, i.e. lose the key from memory, in order to get the full benefits. A couple of consolations: (1) In an emergency, you at least have the option of locking it down; just turn it off - even a hard shutdown will do. (2) As you say, only a sophisticated attacker, like the police, will have the skills to break open your screenlocked machine while avoiding any shutdown or reboot.
Another, less obvious, reason for encrypting: it means you can sell the drive, or laptop, without having to wipe it. Encrypted data is inaccessible, by definition.
Encryption of personal data should be the default everywhere. Period.
Absolutely. LUKS full disk encryption. Comes as an opt-in checkbox on Ubuntu, for example.
And I too cannot understand why this is not opt-out rather than opt-in. Apparently we’ve decided that only normies on corporate spyware OSs need security, and we don’t.
The correct answer to this question should be ''Whatever is the current default".
If we have to ask and answer such questions as this (I’m unconvinced), then something is really wrong.
Almost a year? I’ve been on the same one for about 15.
Interesting, thanks. Had not considered that second point.
for terminal tabs and splits. Only recently did I realize that tmux is the better option, even for local use
Reasoning?
Apart from the the janky scrolling it works great as a reader app, yeah. Zero distractions and fast.
Try reading an entire epub book in scroll mode and you’ll see the use case.
The only other feature I want is smooth scrolling, I can’t believe there are no modern terminals with it.
Seconded on both counts.
That’s what I would have said till I tried using a TUI epub reader. The jankiness of line-level scrolling (rather than pixel-level like in a GUI app) is all but a deal breaker.
I was then most surprised to discover that terminal emulators with this amazing cutting-edge technology (smooth scrolling) do not even exist.
Probably not because it would need to be an off-the-peg solution with support included for my bosses to even begin to consider it. But I have heard of Collabora and I know it’s decent.
More in the running would be a cloud solution from the amazing Framasoft, including Framapad
None of this is to disparage LibreOffice, which apparently offers value to many people and that’s great.
That does make sense. Thanks.
Then your password or more likely PIN is what is being used to generate the encryption key. Not very strong encryption but better than nothing.