They offer different flash templates with latest features.
Login

Forgot password
Register
Back

 Offer Full Disk Encryption Option with LMDE just like in regular Linux Mint.

Created 3 years ago, edited 3 years ago.
Status changed 3 years ago
Author:

RytronII
Status:
Considered
  Score:
 3
10 votes
Idea:

Hi LMC.

I think it'd be a good idea for there to be an option at installation of Full Disk Encryption with LMDE just like there is in the regular Ubuntu-based Linux Mint.

Cheers.

Comments:

3 years ago

RytronII
@xenopeek Thanks.  
3 years ago

xenopeek
Duplicate of http://community.linuxmint.com/idea/view/5994  
3 years ago

RytronII
@MagicMint ...or security. (-;

@Hammer459 Fair enough. (-:

@quake0 WTF?
 
3 years ago

quake0
Great idea. Just because your paranoid, does not mean they are not after me.  
3 years ago

Hammer459
@RytronII I have never said "don't use it" just why I see no value in investing time in making it a default option in the installer. And I am kinda paranoid :-)  
3 years ago

MagicMint
While encryption is just about personal needs, fear, or paranoia, nothing speaks against that option at install time — except that this is one of the good things Ubuntu added to vanilla Debian. You shouldn’t wonder when the LMDE installer comes more frugal than Ubiquity…  
3 years ago

RytronII
@Rebel450
Why would I want to switch to Cinnamon? I never liked it. I use LM 17.2 MATE.

@Hammer459
Thanks for the info. I will still stay with LUKS though.
 
3 years ago

Hammer459
@RytronII The only security improvement you will see is if data-pertitions are encrypted. The path /usr contains static information such as the binaries you are running. Encrypting the binaries does not make your system more secure. Theoretically it could make it less secure since you could potentially use "known" files to reverse engineer your encryption key. What is a given is that every time you start or resume an application the binary must be decrypted as it is read. That may not be a massive load, but decrypt the megabytes in Office or FF a few times and it does add up. Without adding security.
Thus, encryption of /home, /opt and /var vill give security improvement the rest pretty much no difference.
And as @Rebel450 points out, LMDE is tergetting the advanced user and spending resources on this kind of low value feature is, IMHO, not in the scope of LMDE development.
 
3 years ago

Rebel450
It is not only that LMDE is just based on Debian.
Linux Mint made it very clear:
".... for the experienced user....."
This is no offence, but I suggest you to switch to Cinnamon better.
KIND regards
 
3 years ago

RytronII
@Hammer459

Could you clarify what you mean by "to decrypt the office binary". Also please clarify "encryption data and log" -- how does this differ from LUKS?

As I said I use full disk encryption with LUKS and my system is not noticeably slowed down -- it runs great -- sure if someone had a very low spec machine then I can see full disk encryption being an slowdown issue.

Why do you say full disk encryption brings no security improvement?
 
3 years ago

Hammer459
It is a matter of resources. Mint has a very small team and full disk encryption is not a high importance issue IMHO, especially in the "techie" version. And It does slow the machine down to decrypt the office binary while not bringing any security improvement. Encrypting data and log does improve security while having almost zero performance impact.  
3 years ago

RytronII
Hi Hammer459.

I know LMDE is based on Debian and LM is based on Ubuntu. Just because LMDE is aimed at more advanced users doesn't mean it can't be a bit more user friendly. People are not necessarily paranoid just because they choose to use full disk encryption -- just being security conscious. I run full disk encryption on LM17 and my PC runs fine -- no slowness.
 
3 years ago

Hammer459
LMDE is not based on the same as Mint 17.2
LMDE is also aimed at the more advanced user.
Full disk encryption is rarely, if ever, meaningful and will make your computer slower and thus if you absolutely want it you figure it out if you use LMDE. encryption of /home and /opt is plenty add /var and even the most paranoid is covered
 

Other ideas from RytronII