LUP 572: Data Security Only a Maniac Could Love¶
- Air Date: 2024-07-21
- Duration: 91 mins 29 secs
About this episode¶
Wes' self-decrypting bcachefs disk and a GrapheneOS twist that'll make you ditch your iPhone.
Your hosts¶
Sponsored by¶
- Core Contributor Membership: Take $1 a month of your membership for a lifetime!
- Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
- 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Episode links¶
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- clevis — Clevis is a pluggable framework for automated decryption. It can be used to provide automated decryption of data or even automated unlocking of LUKS volumes.
- bcachefs Encryption
- What measured boot and trusted boot means for Linux
- Automatically decrypt your disk using TPM2 — Entering the passphrase to decrypt the disk at boot can become quite tedious. On modern systems a secure hardware chip called “TPM” (Trusted Platform Module) can store a secret and automatically decrypt your disk. This is an alternative factor, not a second factor. Keep that in mind.
- Use systemd-cryptenroll with FIDO U2F or TPM2 to decrypt your disk
- Automatic LUKS 2 disk decryption with TPM 2 on Fedora
- Safe automatic decryption of LUKS partition using TPM2 | 221b
- FOSDEM 2024: Clevis/Tang - unattended boot of an encrypted NixOS system
- Clevis & Tang on NixOS Slides
- Decrypt LUKS volumes with a TPM on Fedora Linux
- Self-Hosted 127: Can't Fix What You Don't Track
- Garmin Forerunner 265 — Forerunner 265 is a running smartwatch with a touchscreen AMOLED display, training metrics, phone-free music, & up to 13 days of battery life in smartwatch
- HRV Status
- Garmin Sleep Tracking
- Nap Detection
- Garmin Pay
- Tribit Stormbox Micro 2 Wireless Portable Speaker: 10W
- USB-C Charging Converter for Garmin Watch Without Charger Cable
- Obtainium — Obtainium allows you to install and update apps directly from their releases pages, and receive notifications when new releases are made available.
- Managing your personal access tokens
- Membership Summer Discount — Take $1 a month of your membership for a lifetime!
- Iotas — Iotas aims to provide distraction-free note taking with optional speedy sync with Nextcloud Notes.
- LINUX Unplugged 567: So Long sudo
- Celeste — GUI file synchronization client that can sync with any cloud provider
- vt52's Blog: Migrating from NixOS channels to Flakes
- FUTO Keyboard
- autossh
- LINUX Unplugged 570: RegreSSHion Strikes
- Aeon — The Linux Desktop for people who want to "get stuff done"
- Aeon: openSUSE for lazy developers
- Grayjay — Follow Creators Not Platforms
- Grayjay on GitLab
- CrowdSec
- Bustle — Bustle draws sequence diagrams of D-Bus activity. It shows signal emissions, method calls and their corresponding returns, with time stamps for each individual event and the duration of each method call. This can help you check for unwanted D-Bus traffic, and pinpoint why your D-Bus-based application is not performing as well as you like. It also provides statistics like signal frequencies and average method call times.
- open-and-shut — Type in Morse code by repeatedly slamming your laptop shut
Tags¶
apple watch killer, automated decryption, autossh, barix, bazzite, bcachefs, bcachefs encryption, bcachefs on rootfs, blue bubbles, bluefin, boot chain, bustle, celeste, clevis, coinbase, contactless payment, crowdsec, disk encryption, encryption, fedora, flakes tutorial, fosdem, framework 13, futo, futo keyboard, garmin, gentoo challenge, gigawatt boost, github rate limiting, grapheneos, grayjay, guix, iotas, jupiter broadcasting, libreoffice, linux podcast, linux unplugged, luks, measured boot, morse code, nextcloud, nixos, obtainium, open-and-shut, opensuse aeon, pcr, pcr 7, rclone, rolling release, rust, slam your laptop lid, sleephq, smartwatch, systemd-cryptenroll, tang, that hash lifestyle, tpm, windows outage, 🦒