98
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 24 Feb 2024
98 points (77.2% liked)
Linux
48214 readers
717 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
Others have given you ways of doing this, with TPM or hacking away by using the same password and auto-login. Many have told you you shouldn't, but I think no one explained why.
When the bootloader chooses the OS that OS might be on an encrypted or an unencrypted disk. If the OS is on an unencrypted disk it can be easily hacked and then all bets are off. So the only safe option is if the OS is on an encrypted disk, however to do that you need to decrypt the disk to access it. Now there are two options, either you need to provide a key for decryption (it does not need to be a password, it can be a thumb drive or fingerprint) or it happens automatically. If it happens automatically it's the same as not having encryption.
Enter TPM, which is trying to safely automatically decrypt the disk by using hardware validation. However here's the problem, the only reason you need disk encryption is to prevent against your hardware being stolen. If your hardware was stolen and you don't have disk encryption people can simply read the data. If you have disk encryption they need to decrypt the disk first. However when you use TPM or anything similar the disk gets decrypted automatically, meaning that it's almost the same as not having encryption at all.
If a hacker got a hold of your unencrypted disk they can open it on a second OS and extract the data. If they got a hold of a fully encrypted disk they are more or less screwed. But if your computer unencrypted the disk on boot all they have to do now is access the disk from your OS. There are several ways of bypassing a login, brute force it, or create new users. Not to mention possible security issues that might give the attacker access to your entire system, which is already unencrypted. Yes, having some form of encryption, even if it unencrypts automatically is better than no encryption at all, but not by much. I would argue that if you care about the data not being accessed you shouldn't have it decrypt automatically, and if you don't mind it decrypting automatically then encryption might be overkill for you.