Hacker News new | comments | show | ask | jobs | submit login

It's the norm for GNU/Linux users who run it on the bare metal of their laptops, in my experience. I haven't seen a laptop boot a linux distro without a LUKS passphrase prompt in years.

I can't say the same for Windows and Mac users.

Last two employers recommended FDE but made no strict requirements because apparently it was non-trivial for non-Linux users.

It's a no-brainer feature for any sufficiently fast portable device. If the installer supports it why would you disable it? I haven't had to worry about the data on my laptops should they be stolen for what must be over a decade now, GNU/Linux has supported it that long.






OK, I'm impressed. But I think that we've been talking past each other. When you say it's the norm, you mean among your peers, right? Technical people. Start up, enterprise, etc.

Me, I've been talking about PC users, generally. Not just Linux, and not just technical people. Sadly enough, I doubt that FDE is very common, let alone the norm.

And even worse, for many it'd likely be a curse. Inexperienced people don't do well at keeping track of complex passphrases, keys and so on. I've seen that over the years in forums where people plead for help to access TrueCrypt volumes. After losing passphrases, accidentally formatting, and so on.


The context of this thread was Linux and being able to circumvent the boot process via something like init=/bin/sh in the boot parameters. Someone pointed out that strategy doesn't really work with FDE, which was challenged as being uncommon.

I am only speaking to the prevalence of FDE among Linux users; it's not uncommon.

You're correct in that these are technical people. Most people running a GNU/Linux distro on bare-metal in their possession are at least somewhat technical, wouldn't you agree?




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: