• 0 Posts
  • 9 Comments
Joined 1 year ago
cake
Cake day: June 18th, 2023

help-circle



  • Encrypting user data is pretty standard in the industry, and even required by law in the instance of servers hosting medical information in the US. Consumer software for disk encryption like you mentioned is substantially different from usual encryption solutions employed by data centers. Whole disk encryption is commonly done at a firmware or hardware level. For an example, iPhone embedded storage is fully encrypted and tied to the rest of the phone’s hardware. No user input required.

    It wouldn’t have mattered if the guy had encryption any way because, as the article mentioned:

    To make matters worse, it appears that the admin targeted in the raid was in the middle of maintenance work which left would-be-encrypted material on the server available in unencrypted form at the time of seizure.



  • this is a seperate issue, and no, it wouldn’t fix the issue, maybe improve it a little though. as stated in the article, not everything would be in ~/.config/kde, and IME there are files scattered over ~/.local/share that you might also consider config you want to export.

    Personally, I’ve tracked down 80-90% of the settings I care about and put them in git, but it was tedious, and some things can’t really be shared across machines, while some other things need to be cleared of machine specific information to work as a new “default base config”


  • i haven’t looked too deeply into it, but a lot of kde config files already have some sort of update and version data. transitioning to new locations shouldn’t be TOO difficult. I think everyone can agree it should be done. I imagine that naming and specific locations could turn into bikeshedding though.

    It’s been tempting for me to use some LD_PRELOAD magic to clean things up. I’m the kind of person that keeps my home directory read-only and uses custom environment variables for particularly egregious applications.