gihyo.jp3d ago

第907回 Ubuntu 26.04 LTSのディスク全体暗号化(FDE)
https://gihyo.jp/admin/serial/01/ubuntu-recipe/0907?utm_source=feed

#gihyo #技術評論社 #gihyo_jp #技術動向 #技術解説 #業界動向 #OS #アプリケーション #ハードウェア製品 #Ubuntu #Resolute_Racoon #FDE #TPM #セキュリティ

第907回 Ubuntu 26.04 LTSのディスク全体暗号化(FDE) | gihyo.jp

FDEはFull Disk Encryptionの略で、ディスク全体を暗号化する仕組みのことです。来週リリース予定の26.04 LTSからはいよいよFDEが実用できそうな段階まできました。そこで今回はリリースに先だって紹介します。

gihyo.jp
openSUSE LinuxApr 9
Full Disk Encryption #FDE in #openSUSE just got better. The next #sdbootutil drops pcr-oracle in favor of systemd-pcrlock for better rollback protection, easier maintenance, and a simple two-command migration. 🛡️🐧 #Linux https://news.opensuse.org/2026/03/11/dropping-pcr-oracle/
Dropping pcr-oracle in user space Full Disk Encryption

Introduction In user space Full Disk Encryption (FDE), as opposed to the boot loader based FDE, developers for openSUSE supported signed policy and NVIndex p...

openSUSE News
Ralf BergsApr 8

#Microsoft sperrt #Veracrypt-Entwickler aus: Der Veracrypt-Entwickler kann die Windows-Variante seiner #verschlüsselung|ssoftware nicht mehr aktualisieren. Microsoft hat sein Konto gekündigt.

https://www.golem.de/news/keine-neuen-windows-versionen-microsoft-sperrt-veracrypt-entwickler-aus-2604-207334.html

Ich finde das eine riesen Sauerei! Ich habe VeraCrypt immer sehr geschätzt, weil es auf allen drei wichtigen Platfformen verfügbar war...

#FDE [2/...]

Keine neuen Windows-Versionen: Microsoft sperrt Veracrypt-Entwickler aus - Golem.de

Der Veracrypt-Entwickler kann die Windows-Variante seiner Verschlüsselungssoftware nicht mehr aktualisieren. Microsoft hat sein Konto gekündigt.

Golem.de
Sami LehtinenApr 2
Xubuntu 26.04 LTS (beta) - Installation with FDE failed. The preconfigured encrypted setup option, failed with Python arguments errors. And manually configured and partitioned setup failed, because it did not detect device mapped root correctly -> not possible to install on it. Let’s hope the final version fixes these both annoying issues. I did update the installer with latest version just before running the install, so the image had even older installer, which I didn’t use. #Xubuntu #LTS #LUKS2 #FDE #fail #installation #Linux
Jason YipMar 28
Is the #FDE role becoming less desirable? https://blog.pragmaticengineer.com/is-the-fde-role-becoming-less-desirable/
Is the FDE role becoming less desirable?

Job postings for Forward Deployed Engineers (FDEs) have surged, but many professionals don’t want the role because it’s more like solutions engineering than software development.

The Pragmatic Engineer
openSUSE LinuxMar 27
#openSUSE is dropping pcr-oracle from Full Disk Encryption #FDE in favor of #systemd-pcrlock. Better rollback protection, simpler #maintenance, and migration is just two commands. Details at https://news.opensuse.org/2026/03/11/dropping-pcr-oracle/
Dropping pcr-oracle in user space Full Disk Encryption

Introduction In user space Full Disk Encryption (FDE), as opposed to the boot loader based FDE, developers for openSUSE supported signed policy and NVIndex p...

openSUSE News
openSUSE LinuxMar 23
Big #security improvement for #openSUSE #FDE; pcr-oracle is being replaced by #systemd-pcrlock, which stores policy in #TPM2 non-volatile RAM and protects against rollback attacks. Time to migrate! 🔐 #Linux https://news.opensuse.org/2026/03/11/dropping-pcr-oracle/
Dropping pcr-oracle in user space Full Disk Encryption

Introduction In user space Full Disk Encryption (FDE), as opposed to the boot loader based FDE, developers for openSUSE supported signed policy and NVIndex p...

openSUSE News
Show threadErik van StratenMar 22

@SpaceLifeForm : a spare motherbord won't help just like that.

The actual encryption key is stored in a TPM chip (the rescue code is used to allow the system to access to the actual encryption key).

So even if you have a spare mobo, you'll have to transplant the TPM chip from the old to the new mobo.

The best advice: have a backup, as recent as possible. My backups are on VeraCrypt encrypted external (USB) HDD's.

#BitLocker #Veracrypt #FDE #FullDriveEncryption #TPM

openSUSE LinuxMar 11
#openSUSE is dropping pcr-oracle in Full Disk Encryption #FDE. systemd-pcrlock now handles #TPM2 policy, fixing rollback attacks and simplifying maintenance. Migration is just two commands! 🔒🐧 Find out more. #Linux https://news.opensuse.org/2026/03/11/dropping-pcr-oracle/
Dropping pcr-oracle in user space Full Disk Encryption

Introduction In user space Full Disk Encryption (FDE), as opposed to the boot loader based FDE, developers for openSUSE supported signed policy and NVIndex p...

openSUSE News
Show threadKevin Karhan Mar 2

@makepkg Reminds me of the @kalilinux ["detached LUKS header"]https://linuxconfig.org/how-to-use-luks-with-a-detached-headerhttps://linuxconfig.org/how-to-use-luks-with-a-detached-header and "LUKS-nuke-Password"...

#LUKS #Encryption #Linux #FullDiskencryption #FDE #ITsec #InfoSec #OpSec #ComSec