

PC-BSD 10.1.2-RC1 Now Available - tete
http://blog.pcbsd.org/2015/05/pc-bsd-10-1-2-rc1-now-available/

======
tete
I am mainly mentioning this, because this release is going to bring a load of
privacy and security enhancements:

New PersonaCrypt Utility allows moving all of users $HOME directory to an
encrypted USB Drive. This drive can be connected at login, and used across
different systems

Stealth Mode allows login to a blank $HOME directory, which is encrypted with
a one-time GELI key. This $HOME directory is then discarded at logout, or
rendered unreadable after a reboot

Tor mode switches the firewall to running transparent proxy, blocking all
traffic except what is routed through Tor

Migrated to IPFW firewall for enabling VIMAGE in 10.2

~~~
danieldk
_New PersonaCrypt Utility allows moving all of users $HOME directory to an
encrypted USB Drive._

This is really a terrific idea with large/fast USB 3.0 drives becoming the
norm.

~~~
byuu
I'm not sure. If your goal of carrying your data with you is that you don't
trust it to stay secure on a system, then plugging in your USB stick to the
computer seems like a security risk right there. Once you decrypt it, another
person could have some kernel stuff running that grabs all your home data at
that time. If you trust the box, you may as well leave your data there with
regular encrypted home folders.

For the general idea of you having multiple computers and wanting to use the
same home folder on each of them, then the encrypted USB stick would be a nice
safeguard against accidentally losing said stick (prevents the finder from
reading it. As if even 1:1,000 random people would even be _able_ to read a
UFS or ZFS stick :P - of course, you should still encrypt anyway for that
case.)

Still a cool feature though.

~~~
ams6110
I think your second use case is probably the intended one. E.g I have several
computers at home and work that are all "trusted" and I want to conveniently
plug in my home directory on whichever one I'm using.

