I said posting would be more regular now that the holiday’s over, didn’t I? I lied.
- Here’s a useful idea: a server that allows (Linux) systems with encrypted file systems to boot unattended. I’m not sure how that doesn’t defeat the concept, but actually reading the documentation may help with that. (via, via)
- While on the topic, the EFF says “Encrypt your disk!“. (via)
- The Commodore 64 is 30 years old, for those readers of a certain age who may have had one… I was a Apple ][ kid. (via)
- Aw, thanks.
- “What deduplicating file system should I use?” Well, I can think of an answer.
Your unrelated link for the day: The Restart Page. (via) Make your browser full-screen when trying any of them.
Re Mandos (the unattended boot app) they have a central server that has the root passphrase of a given system encrypted with an OpenPGP key from that system. The client boots, uses TLS to connect to the server, then decrypts the provided passphrase and uses it to continue booting.
There are some protocols designed to handle the case where a client server is stolen/confiscated, but if law enforcement is involved you’re probably subject to search warrants that would compel you to provide the keys. Still, it keeps thieves from getting the data, and you generally have the opportunity to fight warrants/subpoenas.
At least you *used to* in the U.S. Not sure that’s true anymore.