In the past few days, there have been uncertainties and concerns about the LUKS (“Linux Unified Key Setup”) disk encryption, which is widely used on Linux. We publish our assessment of this here.
This blog post doesn't look like a valid show hn[0]; "Show HN is for something you've made that other people can play with", the first example of off topic is a blog post
It’s a very interesting article, and I didn’t even notice “Show HN” in the title until seeing your comment, but you’re correct there’s no project that we can try.
I was wondering how they were able to add a description, which isn’t usually possible for link submissions.
> It’s a very interesting article ...
Thank you.
> I was wondering how they were able to add a description, which isn’t usually possible for link submissions.
This is what was displayed to me at /submit: https://share.riseup.net/#urogFVqxhsFzmJ9YgaMgLQ
This reminds me of the true crypt project which was suddenly “not safe anymore” (NSA). Now I wonder if that was a simple hint about the pbkdf2 being utterly broken.
Digression: A month or two ago I had zero experience with this stuff. But have a once very nice high-end laptop that is now several years old. I'd replaced it with a new one and tried to sell it, for what I thought was a measly $350. Was close to 10x that price new with accessories. But, I learned folks just won't pay reasonably for a used PC.
Was bummed but came across a comment here. "Blah, blah using as a travel laptop now blah…" Woah, that's it! Have been skittish about traveling with my laptop due to reading horror stories at the border. Has my whole life on it. Plus a great excuse to try out stuff I never had much time for.
So I paved the old laptop with the latest Fedora KDE and Wayland, enabled LUKS2, long password, and even figured out Secure Boot. (Have been using a non-encrypted Debian/X setup for a decade+.)
One unexpected thing is that it encrypts the root partition (though not /boot). Guess I was expecting only /home ?
Cloned my work locally and now ready to travel! Hopefully no border guards pull out a wrench. (xkcd 538 ;-)
Still haven't figured out how to confirm it is using Argon2 however. EDIT:
sudo cryptsetup luksDump /dev/foo0p3
The setup subcommand also prints useful information, but unfortunately not the derivation function.
[0]: https://news.ycombinator.com/showhn.html