
Most Linux distros currently fall short of offering adequate security around full disk encryption and authenticated boot. Prominent Linux developer Lennart Poettering even argues that your data is "probably more secure if stored on current ChromeOS, Android, Windows or macOS devices."

Lead systemd developer Lennart Poettering wrote a lengthy blog post today on the state of authenticated boot and disk encryption on Linux. While many Linux distributions offer full-disk encryption and UEFI SecureBoot and have begun embracing TPMs, many of these technologies are not yet being used to their full potential, particularly by default / out of the box.

Lennart's short summary of the situation is:

Linux has been supporting Full Disk Encryption (FDE) and technologies such as UEFI SecureBoot and TPMs for a long time. However, the way they are set up by most distributions is not as secure as they should be, and in some ways quite frankly weird. In fact, right now, your data is probably more secure if stored on current ChromeOS, Android, Windows or MacOS devices, than it is on typical Linux distributions.

The original article at Phoronix is no longer available.