Ideas
Tutorials
Hardware
Software
Countries
Users
Moderation
Chat room
ISO Images
Back
Created 1 year ago, edited 1 year ago.
Status changed 10 months ago
Add Option of Full Disk Encryption to all future Linux Mint Releases
Status changed 10 months ago
|
||||||
| Idea: | ||||||
|---|---|---|---|---|---|---|
| ||||||
| Comments: |
| 2 weeks ago |
 znaut |
Agreed. I would like to see this as well. | |
| 1 month ago |
 disPPlay |
I would like to see this idea implemented, as it is very easy for the user to encrypt the whole HDD with a simply click and a passphrase. | |
| 3 months ago |
quake0 |
This really needs to be approved already. | |
| 4 months ago |
zurku |
@lon_ore There are other like me, who would prefer to use the Debian Edition instead for resource constraint reasons and the fact that its rolling, but if you think about it, its still not available by default for the random Linux Mint user who doesn't have the slightest idea how to do that. The encrypted install option is still not available in the installer even thought its been around in Debian proper for ages. That's somewhat alright, if it wasn't for the fact that the LMDE installer does not recognize encrypted block devices either. Halfway through setting up the volumes manually I ran into this problem and had to shelve the idea completely and switch to another distro. Please add this option for Linux Mint soon. There are many great things about this distro that make it shine above all others. However this small and important feature is a blackeye to this, IMO. |
|
| 4 months ago |
Ion_ore |
In case someone's still wondering, you actually can do this on Mint 14. On the live boot you just need to upgrade the installer (ubiquity) before installation. I completely removed all ubiquity packages, updated the package list and then marked the package "ubiquity-frontend-gtk" for installation (I used the Cinnamon liveDVD). | |
| 5 months ago |
Drag0nFly |
This should be considered core functionality for laptops. Since the Ubuntu installation already has this feature in place implementing it on Mint would hopefully be a minor task. | |
| 6 months ago |
gcarvell |
I would really, *really* like to run Linux Mint on my work laptop. Some factors in that are the general high quality of the distro, the solid Ubuntu / Debian base, ability to run 3rd party software, emphasis on user choice, and Mint's work on the MATE desktop. However, full disk encryption is a hard requirement that Mint does not support. For now, Ubuntu 12.10 with its full disk encryption is a tolerable workaround (after manually adding the MATE desktop and ripping out all the Unity and shopping type stuff I could), but a straight Mint install would be much better. Hopefully the development team will consider this option in the near future. |
|
| 6 months ago |
Mateo37 |
I want to thank the Linux Mint team for their professional quality and easy to use releases. I think the addition of the option to have FDE during an install and/or having a point and click tool in the GUI to do it afterwards would be greatly beneficial for business users like me who have higher security requirements for customer data. | |
| 6 months ago |
quake0 |
This was in ubuntu 12.10 installer but I can not find it in mint 14 RC. | |
| 6 months ago |
ASmith |
The action indicates my suggestion to add the 'Option' for Installers of Linux Mint to enable a Full Disk Encryption has been selected. Outstanding! Kudos to the Linux Mint Team and to those that took the time to Vote and comment on this important and imo essential feature in a increasingly troubled, economically challenging times where laptops and even desktops are routinely stolen not only for the personal information they might have to sell to a ID theft specialist but also for a quick hardware device payday. Thank-You ASmith |
|
| 6 months ago |
ASmith |
Sorry to hear Minuxlint, that you have given up on Mint over the lack of full disk encryption not being given as a option. Sadly, the vast number of business users that want to use Linux Mint do not do so because there is no direct install option for full disk encryption. The newest Ubuntu Release is now offering full disk encryption as a option for installers and hopefully that will provide enough stimulus to the Linux Mint team to go ahead and provide that useful feature. The newest high security reviews appear to indicate a combination of AES-Serpent or Serpent-Twofish multiple encryptions defeat even the most ardent attempts by bad people with bad intentions. On newer CPU's with built-in AES acceleration the trade-off in HD access,read and writes should be minimal however if the device is fully powered down before it is seized, stolen or demanded at gunpoint, any information that is heavily encrypted is essentially protected and shows up as random useless data to computer forensic examiners. In short, the newest Ubuntu Release now includes the Option for installers for full disk encryption, Linux Mint should include that option also. |
|
| 8 months ago |
martensjd |
It just strikes me as naively trusting to not use full disk encryption on a laptop. | |
| 10 months ago |
minuxlint |
Having been a long time Linux Mint advocate, I was also disappointed that the script that I had used from tutorial 344 failed with Mint 13. I have long since jumped from Mint to other distros, but kept a family laptop running Mint for my wife and kids. Not having the security of knowing that a stolen laptop is missing hardware, not missing personal information, seems a bit behind the times for me. I hope that the position Clem took in an earlier blog post that stated that the Mint team was not targeting users who would need this as an install option changes. It is the sole reason I no longer run Mint in my home. |
|
| 10 months ago |
ASmith |
Thanks vincentv for considering however you marked the Grubpass which defeats the evil maid attacked as 'rejected' and should be reconsidered as it is entirely meant to work in tandem with the option of Full Disk Encryption. I'm also disappointed to see the option of a USB token file to use super strong passwords on a removable media however given the Linux developers time, I understand such time is vitally focused on other tasks. With many Western nations slipping now into double dip recession, computer and digital device thefts are of course on the increase as well as sadly nations being transformed into a virtual Police State. Business's switching to Linux are on the rise as they widely refuse to install Windows 8, a vast majority of them view full disk encryption as a must have option. Security minded Linux users also definitely place Linux distributions with Full Disk Encryption option available on their 'Must Have' list. I feel such a optional inclusion is vital to add to future Linux Mint releases. |
|
| 10 months ago |
shred |
Thanks for considering! You're right about the evil maid attack. However, FDE is a safe protection if your notebook is lost or stolen. | |
| 10 months ago |
shred |
This is actually the only show stopper that keeps me from migrating some Fedora machines with FDE partitions to Mint. | |
| 10 months ago |
katamint |
I have just switched 6 pc in my office from ubuntu 10.04 to Mint 13 MATE On my personal pc i cannot use more the full disk encryption and this is a sad thing. Tutorial 344 doens't work. Please add this in linux mint 14. Security and Privacy are not an option ! |
|
| 10 months ago |
a701 |
I was actually very surprised to see that LinuxMint did not offer full disk encryption. I feel this is a must in any good distribution. I can see no reason why anyone would be against the inclusion of full disk enctyption as an option. I hope to see this added soon so I can give LinuxMint a try. | |
| 11 months ago |
jjthomas |
Needed for laptops. | |
| 11 months ago |
ASmith |
My thanks to each for your votes and help to promote greater security in all further Linux Mint releases. Please be advised there are a albeit small handful of visitors and members in the Linux Mint forum,community and readers that flatly do not want Linux Mint nor any Linux distribution to have any real encryption and security capability's whatsoever. Although most of their claims of tinfoil hats on those pointing out the very real need for security and privacy measures have been shouted down, those individuals still certainly exist. Regardless of what their true agendas or who they work for nor who their actual allegiance is to, such is simply a reality of the current police state times and to be expected rather than allow yourself to be broadsided in surprise that such would occur 'here'. Despite the obvious police state agenda's, given the global double dip recession economically impacting millions if not billions the very real possibility of netbook, laptop and digital device thefts for a quick pay-day is very real making personal full disk encryption a vital safeguard against that possible theft leading to even further personal theft based on your personal data. Business's look for full disk encryption applications 'built-in' they can enable, not simply what could be added by their IT department to do that. Business's rightly see applications that are built-in and included as largely 'stable' and more likely to be trusted than a 3rd. party addition from the beginning. With the major Linux distributions employing the LVM based full disk encryption options, it appears to be entirely positive in all directions for the Linux Mint development team to include that option also. |
|
| 11 months ago |
 kazztan0325 |
@quake0: I think you might want to ask active moderators about it. |
|
| 11 months ago |
quake0 |
This has 28 positive votes. What does it take to get considered? | |
| 1 year ago |
quake0 |
Why would any one vote this down? Its a one click option, not a default. | |
| 1 year ago |
 fleming746 |
Additional security for those who need it is a very beneficial option, this would be a very good idea for anyone using their system for business or creative purposes | |
| 1 year ago |
markrlondon |
Whilst not everyone sees the need for full disk encryption, it's one of those features which in reality is becoming a must-have. Home directory encryption is useful of course but being able to encrypt an entire system minimises the risk of data leakage. I am surprised that Mint does not yet have this feature. @BScheiber: Would you like to write up your method of patching the live-installer to provide full disk encryption? It would be useful for those of us who would like to try it. |
|
| 1 year ago |
 BSchreiber |
Due it's not 100% safe, i know, i just patched the live-installer to add this functionality. Where can i find support on how and where to maintain this patched live-installer and iso-cd for testing? |
|
| 1 year ago |
BTPFMJ |
While full disk encryption doesn't provide 100% protection against everything (nothing does), it can be very useful, and it's generally much more secure than home folder encryption, because full disk encryption can also protect the following items, all of which are likely to leak sensitive information: - temporary files - swap - log files If the root file system, additional file systems other than /boot (e.g. /home) if any, and the swap all live in LVM which sits on top of an encrypted volume, even secure hibernation is possible. (I'm using this setup routinely on my systems.) The boot volume in this case is indeed the weak point, in that an attacker could manipulate the boot loader, initrd etc. to reveal the encryption key or password ("evil maid" attack). But that implies both a relatively sophisticated adversary and that the laptop will be used later by its owner. If a powered down laptop is lost, stolen or confiscated, and not returned to its owner, full disk encryption provides 100% protection (assuming the passphrase is strong). |
|
| 1 year ago |
 fausto |
Very useful | |
| 1 year ago |
quake0 |
Agree. As long as its only an option along side home folder encryption. | |
| 1 year ago |
 undoIT |
YES! Simple full disk encryption as an install option is absolutely essential. I have Linux Mint 11 on one of my laptops that I use for watching movies. I have also played around with Linux Mint 12 and love it. I was planning to install it on a couple of my more regularly used laptops (I own 7) as well as some computers for friends and family. However, the lack of a simple option for full disk encryption, like what is available in other distros, is unfortunately a deal breaker. | |
| 1 year ago |
 blueXrider |
BTW how many more times are you going to repost. I think you have the record now | |
| 1 year ago |
 remoulder |
Please do not make duplicate posts |
Other ideas from ASmith
- Add Encryption Type and Keyfile Option to installing encrypted disk/directory
- Add Hybrid .ISO download images to future Mint Releases
- Add Anomos an Anonymous,Encrypted BitTorrent Client to Linux Mint Software Bundle
- Update Mint Rescue Disk Feature
- Add Optional Password Protect Your Grub2 with Grubpass
- Add Retroshare and Tribler for Anonymous Secure File Sharing