5 years ago
Duplicate of http://community.linuxmint.com/idea/view/5994
Great idea. Just because your paranoid, does not mean they are not after me.
While encryption is just about personal needs, fear, or paranoia, nothing speaks against that option at install time — except that this is one of the good things Ubuntu added to vanilla Debian. You shouldn’t wonder when the LMDE installer comes more frugal than Ubiquity…
Why would I want to switch to Cinnamon? I never liked it. I use LM 17.2 MATE.
Thanks for the info. I will still stay with LUKS though.
@RytronII The only security improvement you will see is if data-pertitions are encrypted. The path /usr contains static information such as the binaries you are running. Encrypting the binaries does not make your system more secure. Theoretically it could make it less secure since you could potentially use "known" files to reverse engineer your encryption key. What is a given is that every time you start or resume an application the binary must be decrypted as it is read. That may not be a massive load, but decrypt the megabytes in Office or FF a few times and it does add up. Without adding security.
Thus, encryption of /home, /opt and /var vill give security improvement the rest pretty much no difference.
And as @Rebel450 points out, LMDE is tergetting the advanced user and spending resources on this kind of low value feature is, IMHO, not in the scope of LMDE development.
It is not only that LMDE is just based on Debian.
Linux Mint made it very clear:
".... for the experienced user....."
This is no offence, but I suggest you to switch to Cinnamon better.
Could you clarify what you mean by "to decrypt the office binary". Also please clarify "encryption data and log" -- how does this differ from LUKS?
As I said I use full disk encryption with LUKS and my system is not noticeably slowed down -- it runs great -- sure if someone had a very low spec machine then I can see full disk encryption being an slowdown issue.
Why do you say full disk encryption brings no security improvement?
It is a matter of resources. Mint has a very small team and full disk encryption is not a high importance issue IMHO, especially in the "techie" version. And It does slow the machine down to decrypt the office binary while not bringing any security improvement. Encrypting data and log does improve security while having almost zero performance impact.
I know LMDE is based on Debian and LM is based on Ubuntu. Just because LMDE is aimed at more advanced users doesn't mean it can't be a bit more user friendly. People are not necessarily paranoid just because they choose to use full disk encryption -- just being security conscious. I run full disk encryption on LM17 and my PC runs fine -- no slowness.
LMDE is not based on the same as Mint 17.2
LMDE is also aimed at the more advanced user.
Full disk encryption is rarely, if ever, meaningful and will make your computer slower and thus if you absolutely want it you figure it out if you use LMDE. encryption of /home and /opt is plenty add /var and even the most paranoid is covered