I honestly thought they had abandoned “native” encryption on btrfs itself, after seeing that it works perfectly fine with LUKS and dm-crypt. Glad to see this is actually being developed.
Can’t wait for the day where you can just create a key, use a TPM or U2F to store it and let btrfs handle the rest
Possibilities at the block layer are generally quite limited since it only has limited means to work with. It’s very low-level. For example, it is not possible to do authentication in LUKS. An attacker can’t read the data but they can modify it; undetected.
You need to stack another layer on top and I’m not sure that’s even a thing.
The patch mentions that authenticated hashes aren’t supported yet either but with effectively limitless metadata to work with, it’s at least possible to do.
Per-directory/subvolume encryption is also a useful feature. You could encrypt the root fs which generally does not contain sensitive information using a key in TPM but then require a password to unlock the user’s home. That’s basically how it works in Android and it builds on top of fscrypt.
Note that this is of course a very theoretical attack vector.
Wouldn’t it then decrypt to gibberish data unless they already had the encryption keys?
Depends. I don’t know the situation of LUKS and its commonly used ciphers in particular but even some commonly used ciphers are vulnerable to things like bitflip attacks.
This is usually “fixed” by authenticating them but that’s not easily possible at the block layer.
If it decrypts incorrectly, shouldn’t BTRFS checksumming then return an I/O error to user space as well?
Note that btrfs usually uses CRCs, not cryptographic checksums. They’re designed to catch “naturally” occurring corruption, not crafted corruption. Naturally, it’d still be extremely hard to break them when working with encrypted data but it’s a “uh, sounds pretty hard” situation, not a “we can prove you’d need billions of years to do it” one.
You can use cryptographic checksums but note again here that the attacker could be able to modify the checksum as well.
I don’t know how feasible this really is but a possible attack could be to tell btrfs that the extent you modified is a nochecksum extent (you can turn off checksums in btrfs) which would make btrfs simply not check the checksum.
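The point made in the comment above about CRCs, cryptographic checksums and a checksum that can itself be rewritten, as an added example that is not part of the original thread: an unkeyed check value stored next to the data can be recomputed by anyone who can write to the disk, while a keyed MAC cannot. It models only the check value, not btrfs's on-disk format or the encryption layer; `zlib.crc32` stands in for btrfs's crc32c, and the key and payloads are constructed.

```python
import hashlib
import hmac
import zlib

# Constructed sample values; KEY stands in for a secret that is never written to disk.
KEY = b"constructed-demo-key-not-on-disk"
ORIGINAL = b"extent-0001: constructed sample payload A"
MODIFIED = b"extent-0001: constructed sample payload B"


def checksum(scheme, data, key=None):
    """Compute the per-block check value for the given scheme."""
    if scheme == "crc32":        # error detection only, no secret involved
        return zlib.crc32(data).to_bytes(4, "big")
    if scheme == "sha256":       # cryptographic hash, but still no secret
        return hashlib.sha256(data).digest()
    if scheme == "hmac-sha256":  # keyed: cannot be computed without the key
        if key is None:
            raise ValueError("hmac-sha256 needs a key")
        return hmac.new(key, data, hashlib.sha256).digest()
    raise ValueError("unknown scheme: " + scheme)


def store(scheme, data, key=None):
    """What ends up on disk: the data and its check value side by side."""
    return {"data": data, "csum": checksum(scheme, data, key)}


def verify(scheme, block, key=None):
    """Recompute the check value on read and compare in constant time."""
    return hmac.compare_digest(block["csum"], checksum(scheme, block["data"], key))


def rewrite_without_key(scheme, block, new_data):
    """Model a party that can write to the disk but does not hold the key."""
    if scheme == "hmac-sha256":
        # Without the key no valid tag can be produced; the old one stays.
        return {"data": new_data, "csum": block["csum"]}
    return store(scheme, new_data)  # unkeyed: the check value is simply recomputed


def modification_detected(scheme):
    """True if a read after the rewrite fails verification."""
    key = KEY if scheme == "hmac-sha256" else None
    block = store(scheme, ORIGINAL, key)
    tampered = rewrite_without_key(scheme, block, MODIFIED)
    return not verify(scheme, tampered, key)


if __name__ == "__main__":
    for s in ("crc32", "sha256", "hmac-sha256"):
        print(f"{s:12} modification detected: {modification_detected(s)}")
```

Only the keyed scheme reports the change, which is why the thread distinguishes checksums from authentication.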
Mint is up to date but less buggy than Ubuntu, and it has served me well for years without problems. The UI is very conventional so I don’t spend time thinking about where stuff is. It supports multiple packaging systems now, so it’s easy to find and install software. You don’t have to go to anywhere as dodgy as the Arch User Repository to find what you need. I like Mint because it’s boring and it works and I can just get on with stuff.
I avoided GNOME3 for the longest time, but I decided to try it on a new install of Debian on a whim and actually ended up really liking it. Needed to enable a couple of extensions, but once you get used to it the workflow isn’t at all that bad.
That really depends on your definition of “sane defaults.” Even a lot of the computer science professionals I work with wouldn’t consider Arch Linux defaults as sane. I picture sane defaults to include a lot more basic functionality that Arch doesn’t have out of box (automatic suspend, desktop environment, lock screen, etc.).
I use Arch for the exact same reason you do though. Once you get past the tedious stuff like setting up your networking stack, setting up idle suspend, etc. it’s nice to choose whatever WM/DE you want and customize it how you want.
Been using Gentoo a little under 20 years. I used Arch for a few years in between, but switched back. I’d say all I’ve learned about Linux is via using Gentoo.
@authed@347_is_p69 Can agree plenty, I tried out Arch for one of my first Linux distros. I learned lots, it was a pain when stuff broke but at least it taught me how to fix things.
The community is strong with lots of knowledgeable users with patience to help others out.
The release cycle gets the balance just right between having predictable updates and the latest software. Fedora’s testing process is very good, you rarely have problems.
Controversial one: strong financial backing from Red Hat means that Fedora is very unlikely to sell out or turn evil, at least not without a lot of notice.