feddit.org

1,857 readers
493 users here now

Matrix Raum
Matrix Space

Static Badge

Wir sind eine deutsch- und englischsprachige Lemmy Community und entwickelten uns aus feddit.de heraus.

Feddit.org dient als Reddit-Alternative im Fediverse.

Wir sehen uns als einen selbstbestimmten Raum, außerhalb der Kontrolle kommerzieller Tech-Unternehmen.

Netiquette wird vorausgesetzt. Gepflegt wird ein respektvoller Umgang - ohne Hass, Hetze, Diskriminierung.

Alternative Oberflächen:

Werden euch Posts/Kommentare nicht angezeigt?

Diese Community ist spendenfinanziert und wird von der Fediverse Foundation unterstützt.

Serverregeln

Wir tolerieren kein diskriminierendes Verhalten und keine Inhalte, die die Unterdrückung von Mitgliedern marginalisierter Gruppen fördern oder befürworten. Diese Gruppen können durch eine der folgenden Eigenschaften gekennzeichnet sein (obwohl diese Liste natürlich unvollständig ist):

  • ethnische Zugehörigkeit
  • Geschlechtsidentität oder Ausdruck
  • sexuelle Identität oder Ausdruck
  • körperliche Merkmale oder Alter
  • Behinderung oder Krankheit
  • Nationalität, Wohnsitz, Staatsbürgerschaft
  • Reichtum oder Bildung
  • Religionszugehörigkeit, Agnostizismus oder Atheismus

Wir tolerieren kein bedrohliches Verhalten, Stalking und Doxxing. Wir tolerieren keine Belästigungen, einschließlich Brigading, Dogpiling oder jede andere Form des Kontakts mit einem Benutzer, der erklärt hat, dass er nicht kontaktiert werden möchte.

  • Sei respektvoll. Alle sind hier willkommen.
  • Kein Rassismus, Sexismus, Ableismus, Homophobie, oder anderweitige Xenophobie
  • Wir tolerieren kein Mobbing, einschließlich Beschimpfungen, absichtliches Misgendering oder Deadnaming.
  • Wir dulden keine gewalttätige nationalistische Propaganda, Nazisymbolik oder die Förderung der Ideologie des Nationalsozialismus.
  • Aktionen, die diese Instanz oder ihre Leistung beschädigen sollen, können zur sofortigen Sperrung des Kontos führen.
  • Provokationen können nach Ermessen der Moderation entfernt werden
  • Toxisches Verhalten wird nicht geduldet
  • Keine Werbung und Eigenwerbung
  • Kein Spam
  • Keine Pornografie / Adult Content
  • In Deutschland, Österreich oder Schweiz illegale Inhalte werden gelöscht und können zur sofortigen Sperrung des Accounts führen.

AttributionThis text was partly adapted and modified from chaos.social. It is free to be adapted and remixed under the terms of the CC-BY (Attribution 4.0 International) license.

 
Datenschutzerklärung

TOM


Matrix Room
Matrix Space

We are a German and English-speaking Lemmy community that evolved from feddit.de.

Feddit.org serves as a Reddit alternative in the Fediverse.

We see ourselves as a self-determined space, outside the control of commercial tech companies.

Netiquette is expected. A respectful interaction is maintained - without hate, harassment, discrimination.

Alternative UIs:

Are you missing posts/comments?

Serverrules

We do not tolerate discriminatory behavior or content that promotes or advocates the oppression of members of marginalized groups. These groups may be characterized by any of the following (though this list is of course incomplete):

  • ethnicity
  • gender identity or expression
  • sexual identity or expression
  • physical characteristics or age
  • disability or illness
  • nationality, residency, citizenship
  • wealth or education
  • religious affiliation, agnosticism, or atheism

We do not tolerate threatening behavior, stalking, and doxxing. We do not tolerate harassment, including brigading, dogpiling, or any other form of contact with a user who has stated that they do not wish to be contacted.

  • Be respectful. Everyone is welcome here.
  • No racism, sexism, ableism, homophobia, or other xenophobia
  • We do not tolerate bullying, including name-calling, intentional misgendering, or deadnaming.
  • We do not tolerate violent nationalist propaganda, Nazi symbolism or the promotion of the ideology of National Socialism.
  • Actions intended to damage this instance or its performance can lead to immediate blocking of the account.
  • Provocations can be removed at the discretion of the moderators
  • Toxic behavior will not be tolerated
  • No advertisements and self-advertisement
  • No spam
  • No pornography / adult content
  • Content that is illegal in Germany, Austria or Switzerland will be deleted and can lead to an immediate ban of the account.

AttributionThis text was partly adapted and modified from chaos.social. It is free to be adapted and remixed under the terms of the CC-BY (Attribution 4.0 International) license.

 
Data-Protection-Policy

TOM

This community is powered by donations and supported by Fediverse Foundation.

Static Badge

founded 5 months ago
ADMINS
1
 
 

Full Disk Encryption is planned to be introduced in the forthcoming release candidate of the Aeon Desktop to enhance data security for its users.
The feature is expected to be included in the upcoming Release Candidate 3 (RC3).

Full Disk Encryption is designed to protect data in cases of device loss, theft or unauthorized booting into an alternative operating system.
Depending on the hardware configuration of a system, Aeon's encryption will be set up in one of two modes: Default or Fallback.

Default Mode

The Default Mode is the preferred method of encryption provided the system has the required hardware. This mode utilizes the Trusted Platform Module(TPM) 2.0 chipset with PolicyAuthorizeNV support (TPM 2.0 version 1.38 or newer). In this mode, Aeon Desktop measures several aspects of the system's integrity. These including:

  • UEFI Firmware
  • Secure Boot state (enabled or disabled)
  • Partition Table
  • Boot loader and drivers
  • Kernel and initrd (including kernel command line parameters)

These measurements are stored in the system's TPM. During startup, the current state is compared with the stored measurements. If these match, the system boots normally. If discrepancies are found, users are prompted to enter a Recovery Key provided during installation. This safeguard ensures that unauthorized changes or tampering attempts are flagged.

Fallback Mode

The Fallback Mode is employed when the necessary hardware for Default Mode is not detected. This mode requires users to enter a passphrase each time the system starts. While it does not check system integrity as comprehensively as Default Mode, Secure Boot is strongly recommended to ensure some level of security, confirming that the bootloader and kernel have not been tampered with.

Contrary to initial concerns, Default Mode is not less secure than Fallback Mode despite not requiring a passphrase at startup. The strong integrity checks in Default Mode protect against attacks that could bypass normal authentication methods. For example, it can detect changes to the kernel command line that could otherwise allow unauthorized access. Furthermore, it safeguards against modifications to initrd thereby preventing potential passphrase capture in Fallback Mode.

Secure Boot, while optional in Default Mode due to the comprehensive integrity checks, is critical in Fallback Mode to maintain system security. Disabling Secure Boot in Fallback Mode increases vulnerability to tampering and attacks aimed at capturing the passphrase.

Aeon's implementation of Full Disk Encryption provides robust security options tailored to the capabilities of users' hardware. By offering both Default and Fallback modes, Aeon ensures that all users can benefit from enhanced data protection.

The inclusion of this feature in RC3 marks a significant step forward in safeguarding user data against potential threats.
Aeon users are encouraged to read and bookmark the Aeon Encryption Guide.

More Information about openSUSE:

Official

Fediverse

(Image made with DALL-E)

2
 
 

Full Disk Encryption is planned to be introduced in the forthcoming release candidate of the Aeon Desktop to enhance data security for its users.
The feature is expected to be included in the upcoming Release Candidate 3 (RC3).

Full Disk Encryption is designed to protect data in cases of device loss, theft or unauthorized booting into an alternative operating system.
Depending on the hardware configuration of a system, Aeon's encryption will be set up in one of two modes: Default or Fallback.

Default Mode

The Default Mode is the preferred method of encryption provided the system has the required hardware. This mode utilizes the Trusted Platform Module(TPM) 2.0 chipset with PolicyAuthorizeNV support (TPM 2.0 version 1.38 or newer). In this mode, Aeon Desktop measures several aspects of the system's integrity. These including:

  • UEFI Firmware
  • Secure Boot state (enabled or disabled)
  • Partition Table
  • Boot loader and drivers
  • Kernel and initrd (including kernel command line parameters)

These measurements are stored in the system's TPM. During startup, the current state is compared with the stored measurements. If these match, the system boots normally. If discrepancies are found, users are prompted to enter a Recovery Key provided during installation. This safeguard ensures that unauthorized changes or tampering attempts are flagged.

Fallback Mode

The Fallback Mode is employed when the necessary hardware for Default Mode is not detected. This mode requires users to enter a passphrase each time the system starts. While it does not check system integrity as comprehensively as Default Mode, Secure Boot is strongly recommended to ensure some level of security, confirming that the bootloader and kernel have not been tampered with.

Contrary to initial concerns, Default Mode is not less secure than Fallback Mode despite not requiring a passphrase at startup. The strong integrity checks in Default Mode protect against attacks that could bypass normal authentication methods. For example, it can detect changes to the kernel command line that could otherwise allow unauthorized access. Furthermore, it safeguards against modifications to initrd thereby preventing potential passphrase capture in Fallback Mode.

Secure Boot, while optional in Default Mode due to the comprehensive integrity checks, is critical in Fallback Mode to maintain system security. Disabling Secure Boot in Fallback Mode increases vulnerability to tampering and attacks aimed at capturing the passphrase.

Aeon's implementation of Full Disk Encryption provides robust security options tailored to the capabilities of users' hardware. By offering both Default and Fallback modes, Aeon ensures that all users can benefit from enhanced data protection.

The inclusion of this feature in RC3 marks a significant step forward in safeguarding user data against potential threats.
Aeon users are encouraged to read and bookmark the Aeon Encryption Guide.

More Information about openSUSE:

Official

Fediverse

(Image made with DALL-E)

3
 
 

OpenSuse leading the development in regards to boot security, an area in which Linux Distros are lagging behind other operating systems.

Full Disk Encryption is designed to protect data in cases of device loss, theft or unauthorized booting into an alternative operating system. Depending on the hardware configuration of a system, Aeon’s encryption will be set up in one of two modes: Default or Fallback.

Default Mode:

This mode utilizes the Trusted Platform Module(TPM) 2.0 chipset […], Aeon Desktop measures several aspects of the system’s integrity. These including:

  • UEFI Firmware
  • Secure Boot state (enabled or disabled)
  • Partition Table
  • Boot loader and drivers
  • Kernel and initrd (including kernel command line parameters)

These measurements are stored in the system’s TPM. During startup, the current state is compared with the stored measurements. If these match, the system boots normally.

view more: next ›