Exactly, the onboarding experience needs to be super sleek and straightforward, you’ll be surprised to know how many creators don’t know how to configure their stuff, they usually ask their friends

Removed by mod

Removed by mod

Friend, a lot has happened from 1988, leadership changed, governments overthrown and/or overtaken, plots twisted, laws have been rewritten and other introduced, I’m talking within those countries…

take Algeria for example they recently had their presidential election, their (S)elected president promised them that he’ll build 3 hospitals in Gaza in less than 20 days ( he never did, and will never do )

Morocco just like Algeria is having Secret deals with the Israeli government, such as buying their Pegasus spyware

It seems like these governments are just using Palestinian cause to stay in power, they don’t care

I’m not talking about recognition that’s written on a piece of paper, I’m talking about actions

You’ll be surprised by how many Arab countries, actually don’t recognize Palestine ( with their actions ) ( e.g. Egypt, Morocco, Algeria, Saudi Arabia… And the list goes on )

Removed by mod

What it archives though and afaik is intended for is the possibility of easily and quickly “erasing” the disk by just overwriting that encryption key a couple times, I don’t remember if that used a special tool or something but if that is useful to you it probably wouldn’t be hard to find more info on this.

first of, apologies for the late reply… this reminds me of when I ( not so long ago ), used to overwrite random data into HDDs using Eraser, before selling my laptops or switching a company laptop, I hear SSDs are designed to last longer, so that practice ( of writing random data so it’ll erase the sensitive data ), is “kind of” a time waste now… but I guess it’ll make it hard to retrieve that data, unless the attacker has some specialized software and hardware

Samsung is a reasonably trustworthy company, not from US/UK, not Chinese, so if they say they have a clean implementation of this I’d trust them

I wouldn’t trust any company based only on their claims, they need to document ( explain how it works ), develop things in the open ( publish the firmware ), the schematics, even the CAD drawings… like what the folks at System76 and Framework are doing…

That said, it sure sounds cool to have that level of protection, if only Samsung wasn’t a shitty company already ( in my book )

Would be kinda a national security issue for them if it wasn’t seeing how Samsung is everywhere in gov an private sector in Korea.

I’m speculating here, but it wouldn’t be far fetched if they designed a secure encrypted clean hardware for the government with military grade encryption as they like to call it, while the end users receives only enough encryption power to protect against normie threat actors like a spouse…etc companies have these policies where they provide a premium/quality products for businesses and governments but cheap or in many cases poorly made products to end users … like Windows Home

I heard from people who have tried both Void and Alpine, that Void is much more easier to use as a desktop OS while Alpine is more suited as a server OS…

but if they want to get at the data they’ll just pull the HD and run code-breaking software on it on and entirely different super-computer. TPM won’t help you at all in that case.

You make it sound so easy and doable, but the reality is that without meeting certain conditions such as the existence of the original TPM chip, a brute force attack will render the data irretrievable… And even if I’m wrong in the last part, that would still be a pain in the butt for the attacker… and it’ll buy me time… like you said … belts-and-suspenders

This doesn’t sound to me as if you’re concerned about espionage

Because i don’t have second chances, which is why I wish there’s way to erase everything by entering a key combination… somehow… Idk… like Android has that…

Oh, I never heard of this one before, it certainly meets the criteria, I read the documentation to understand it more

yes, the developer seem very opinionated :|

Idk if FDE is enough, what if the attacker can modify the boot code to capture the decryption keys and other stored passwords ? as far as I know this is exactly what secure boot protects against, it checks the validity of the boot code using the TPM chip, if it’s already there, why don’t most distros use it ? instead you’ll see that secure boot is greyed out in the Bios ( which means it’s not supported )

and yes, I did lock down the Bios too, with a different password

Edit: I’ll check EndevourOS documentation, Mint is cool but it doesn’t adobt newer standards or newer kernels ( newer kernels are just much more secure )