Ah I gotcha. Another option im considering is using a separate pc for windows and using a kvm to switch between them. That may be a good option for you as well if you can swing it.
I find it OK if you must use windows but it was fairly annoying to deal with and those annoyances are what got me to actually go for the whole Linux deal and I’m happy I switched.
Have you tried Open Tablet Driver (if your tablet is supported)? I use it on Wayland and it works perfectly for me, but I’m not an artist and I only use it to play osu!.
If the drive is mounted and data accessible, in case your computer is compromised by some kind of malware, well, the data will be easy to exfiltrate. Now, if the computer is turned off or the drive unmounted, that’s what encryption comes in to protect it.
So, basically, encryption will protect the data in case of physical theft of the drive or in case of remote hacking if the drive is un-mounted.
I had the expection that Linux is already set up as a multi-user environment and has that feature built in.
Of course that “isolation” of data, as I had it in my mind, wouldn’t be really secure, but it doesn’t have to be that for me. I just don’t want anyone to access it easily.
Perhaps it’s useful to provide some clarification here. As the other user stated, Linux is set up for multi-user setups and provides logical protection, but you seem to misunderstand how operating systems and file permissions work.
If someone steals your unencrypted hard drive and boots into their own operating system, they are able to circumvent all access control and permissions on your hard drive. This is because when they mount your hard drive your operating system isn’t running; they’re simply reading the stored data, so the access control and permissions set up by your operating system don’t mean anything. This happens with ALL operating systems (Linux, BSD, Windows, MacOS, etc.). Logical protection like access control is only useful while the OS is running, and it cannot help otherwise.
This is why encryption is important, because it prevents unauthorized access when the OS isn’t running. If you’d like to see just how easy it is to access unencrypted data, make a live USB and boot into it on any unencrypted computer (assuming you have permission to do so if you don’t own the computer). You don’t even need to extract the hard drive in most cases to read file contents, you can simply boot into a live USB. The only situation where this isn’t the case is when USB booting is disabled in the BIOS and the BIOS is password protected, but you could always just remove the CMOS battery to clear the settings to bypass the BIOS password anyway.
Unencrypted data will always be trivial to retrieve when the attacker is allowed physical access to your computer.
Simplified, there’s two layers to data protection, physical and logical. Linux or basically any correctly configured modern operating system provides logical protection, i.e. access under the running OS is only granted to authorized users. Granted you can still put holes in here, e.g. a webserver is misconfigured and allows access to any user to all files it can read. However, from the OS perspective, everything is fine, as the webserver can still only read what it’s allowed to.
Data encryption protects data at rest, i.e. when no operating system enforcing the logical protection is running. The case has already been described so I’m not gonna repeat that here.
It’s important to understand that in general, these two measures are completely seperate from each other. Device encryption won’t help against logical attacks, and logical protection won’t help against offline attacks. You need both if you can’t rule out an attack vector completely (i.e. your server sits in a secure safe that can’t be opened by anyone not authorized to, then encryption might not be necessary).
No poorly not. Just as Windows by default. Systemd-homed is a solution for that but afaik its questionable if its ready. Would be great if Distros like Fedora shipped it by default.
An encrypted system rather than an encrypted user partition is still necessary, because attackers could replace system files or simply add a service that uploads your stuff somewhere, or manipulate sudo, or log your password etc.
EEVDF has been an insane improvement for the desktop, I can compile programs while listening to music and watching videos without any issues since the update, the responsiveness when my computer is maxed out is amazing, and the perf hasn’t lessened any noticeable amount
I just did something similar last week. My criteria were 1) small form factor like a Chromebook, 2) not actually a Chromebook, 3) could swap out or install an m.2 SSD.
I ended up getting a harddrive-less old Latitude 3190 for 30$ off eBay, put a 256gb SSD in (had it lying around + that’s the max capacity supported I think), and ended up installing fedora KDE. It’s not perfect but for the price it’s amazing
Dang, that’s a nice deal. I think I want something with a bit more juice, as I would like to play Minecraft from time to time. I’m leaning towards used thinkpad
I am a software developer and am forced to have Windows on my work computer. WSL allows me to have a Linux terminal that I can use directly on my files without needed a VM.
But being forced to use a terminal to do anything is kinda hard to deal with if you’re not a developer. I’m probably guessing this didn’t bother you that much.
What are you trying to do on WSL? I think the whole point of WSL originally was to have a linux terminal on Windows, before they added graphics in WSL 2.
I was trying to run applications on it, similar to their Windows Subsystem for Android that they released as an update to Windows 11. I have to say, the latter is significantly easier to deal with imo.
Same. Well, not forced, but using Linux would just make everything more difficult. I like being able to drop to a shell and use a Linux environment with its useful utilities to manipulate stuff on my Windows PC.
Yeah, I could use mingw, but that is a pain, and I can’t just apt install stuff.
There’s also a package called gsudo which allows you to preface a PowerShell command with sudo to run it as an administrator. It will cause a UAC prompt.
<span style="color:#323232;">sudo choco update all
</span>
linux
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.