Why would you use this when there is LUKS?

Will use luks when it's on Windows. Don't want to use a non-functioning od just to play tinfoil. I have no cp to hide.

You don't encrypt your laptop?
What will you do when Tyrone takes it and your personal data?

I don't know anyone by that name

You mom/sister/g̶i̶r̶l̶f̶r̶i̶e̶(yeah nah)/boyfriend does though.

>when it's on Windows
>when Linux Unified Key Setup is on Windows

why would i use it

tell me your avreage Joe what is such a pro that I should use full operating system encryption

>there are users on Sup Forums that don't do full operating system encryption
Fuck you nigga, I used full disk encryption with veracrypt and luks. both of them fucked me over. veracrypt kept telling me my password is incorrect even though it wasn't, i even tried to restore the master key or w/e the fuck it is called using the recovery disk. guess what? IT NEEDS YOUR PASSWORD WHICH IS WRONG, EVEN THOUGH IT'S NOT! FUCK THAT JEW SHIT. LUKS IS FOR KEKS.

/THREAD

HEIL HITLER

Nope. It passed audit.

>strikethrough
HOW?

luks and dm crypt are pain to use if you want a non standart setup

I wanted to have a separate bootloader on a removable media and was unable to so because its a feature but its almost undocumented
This is piss easy with truecrypt (only on windows though, linux version doesnt have this)
I assume same is for veracrypt( I went with satandart luks in the end and havent actually used veracrypt)

>Please, come steal my info, I have nothing to hide!

̶L̶i̶k̶e̶ ̶t̶h̶i̶s̶,̶ ̶y̶o̶u̶ ̶P̶u̶s̶s̶y̶-̶F̶a̶g̶g̶o̶t̶-̶N̶i̶g̶g̶e̶r̶!̶

Why not both? Disk encryption with luks, usb and special files vera. or better yet tomb.

How to full disk encryption with dual-boot? Help me anons!

Because when I installed openSUSE with full disk encryption it was a buggy piece of shit. For example, I noticed I couldn't install packages because it told me I have no space left, even though I had plenty of GBs, there were problems with mounting encrypted partitions, etc... Thanks, no, I will use VeraCrypt that I trust and has never failed me.

VeraCrypt gives you plausible deniability with its hidden containers.

you don't have to know Tyrone, Tyrone knows about your sweet Laptop and just sees some bucks in it, he simply doesn't care about who you are, he just wants to steal.

Are both Linux/BSD?

What's the point of encrypting your disk if the hardware spyware in your CPU just reads your key from memory and sends it to the NSA

I use VeraCrypt because it's based on the TrueCrypt codebase, it's security was proven in U.S. federal court. The feds were unable to break the encryption on some degenerates laptop. Plus it has undergone a security audit and all issues found were fixed.

LUKS/dm-crypt has hardly any documentation at all and most installers don't let you change the options, hell they don't even inform you what default options they're using so you have no idea if Ubuntufagdevs or Fedorafagdevs have any fucking idea about secure encryption settings and standards.

VeraCrypt supports cascading algorithms, LUKS/dm-crypt doesn't.

Anyone that uses LUKs is a tard.

LUKSI use for FDE encryption of my private nonillegal data.
>just works
>theftproof

Veracrypt allows for plausible denieability of any data.
>more secure
>no proof there's a hidden partition

SIEG HEIL

The speed of LUKS vs Veracrypt system encryption cannot be compared, on windows it takes me about 20 seconds to decrypt and then it starts the boot process, on LUKS it takes about 5 seconds.

anyways, you cannot use VeraCrypt in Linux for system encryption simply because LUKS is superior in every way.

No

Two reasons: Tyrone and Ivan.

LUKS does not have plausible denieability

maybe your password really was wrong

Check out DeLUKS
I remember that it can have multiple hidden volumes, not just 1 with VeraCrypt

>H̶e̶ ̶c̶a̶n̶'̶t̶ ̶d̶o̶ ̶b̶a̶s̶i̶c̶ ̶s̶t̶r̶i̶k̶e̶ ̶t̶h̶r̶o̶u̶g̶h̶ ̶
W̶h̶a̶t̶ ̶a̶ ̶p̶l̶e̶b̶

Even the default options are strong enough. You can check after install what cipher was used. Just use the man page for cryptsetup.

Plausible deniability is a meme. They'll still know there's something there because of random data. No one will believe you just filled the hard drive with random data; they'll know it must be encrypted.

Don't have a hidden volume? Too bad. They'll beat you to death for giving them some decoy operating system that seems rather underused.

>check after install

>not testing out various distributions in virtual machines
>not knowing you can actually make an encrypted partition with your security options in the live cd through terminal and then trick the installer in using that

>rape your SSD to encrypt shit no one gives a fuck about

loonixfags are so fucking bored and their time is so fucking worthless, holy shit

I don't know how VeraCrypt compares to LUKS however I do know that lucks fucking sucks.

>no integrity check
>doesn't allow you to use chacha20 nor ctr mode
ZFS and bcachefs are better for encryption.

Post your reasoning. Why do you believe that LUKS is compromised?

>fucked his password
>blames veracrypt
And what is your story iwth LUKS?

[ s]Like this[ /s] (without the spaces)
̶L̶i̶k̶e̶ ̶t̶h̶i̶s̶

>>rape your SSD
???

Even trips won't save your clueless attempt to be less stupid than you actually are

What you are describing is totally possible and takes a few extra lines on your config. Learn how to use a computer.

>Never understood why people encrypt on closed source Windows because the OS is a higher level.
If I had to use windows, I would probably have it enable in case thieves stole my laptop.

>No on will believe
it doesn't matter whether anyone believes you, it matters whether they can prove something

ofcourse last resort to break any encryption is to beat the key out of a person. if the key isn't lost or corrupted, everybody breaks eventually

Veracrypt on both Windows and Linux. I make encrypted containers for my porn. God forbid I die in a car crash or something stupid I can't predict, last ting I need is my family finding my porn stash and all the non vanilla fetishes mixed in. Also encrypted container for all of my plain text documents that contain usernames and passwords for every and all of my accounts I've ever made on the Internet.

Also can someone please tell me what the fuck moving my mouse around randomly before making a container has do with cryptographic strength?

It's some unicode hack that makes it look like it's stricken through, kinda like that zalgo text, and not a 4chin feature. Google unicode strikethrough and click on the first result.

I dual boot and have full disk encryption, but only linux is encrypted (not so full disk after all), since I only use windows for gaymen, but I guess I could turn on the default windows encryption shit and have everything encrypted. If both OSes are linux distros, then setting up FDE should be piss easy.

>can someone please tell me what the fuck moving my mouse around randomly before making a container has do with cryptographic strength?

This question indicates broader confusion about what pseudorandomness and cryptography are or how they're corollary. I.e., brainlet

>They'll still know there's something there because of random data.
Wouldn't free space on any hard disk look like it's filled with random data after some use? Like if you download some movies, delete them, download some more, delete them again, repeat twenty times.

>I don't really know user

See how much easier that was to say?

I forgot to mention that you could also argue that you DBANned it in the past with the mersenne twister option.

I trust that Sup Forums recognizes that the present move for any serious neckbeard nowadays is encryption + RAID1+. Software RAID, which is the easiest (although far easier in Windows than in Linux, not unlike drive encryption) is at the whim of the OS, so NAS boxes like Drobos seem like the best solution. Unfortunately, these devices don't support drive encryption, AFAIK. In that case, you're probably left looking at an FTP server running Linux with LUKS and software RAID to maintain a secure, redundant, *and* OS agnostic filebase.

Thoughts?

The entire volume is encrypted. It looks encrypted. You decrypt to the hidden volume. It resolves to the hidden volume. It looks decrypted. In other words,

>They'll still know there's something there because of random data.

is brainlet nonsense.

This indicates an ignorance about auditing practices that's being projected upon others free of it. I.e., brainlet status quo maintained

>Also can someone please tell me what the fuck moving my mouse around randomly before making a container has do with cryptographic strength?
generating entropy. if you'd use some prng instead of real entropy, one would only need to know it's initial state to recreate your keys.

This post enlightens one about basic concepts such as entropy and key salting to which they must have been ignorant to take any sustenance from.

If they didn't, their question must be about whether the function that takes in mouse positions and uses them as added entropy actually works and isn't just bogus. This reveals an ignorance about the auditing of open-source software as in

>Why would you use this when there is LUKS?
because only one thing can exist ever with no exception, fuck alternatives and fuck choice

if you want to protect against thieves, BitLocker is enough.
Maybe you have something to hide, user?

You can use {True,Vera}crypt containers withing LUKS. Checkmate, smug loli.

I meant that if I had to use windows, I would probably enable bitlocker.

>le "Plausible deniability is a meme" meme
You fell for it as well.
>They'll still know there's something there because of random data. No one will believe you just filled the hard drive with random data; they'll know it must be encrypted.
"No".
A simple "I tested the drive with badblocks and for now I've partitioned only what I use, I haven't made up my mind yet" will suffice. Moreover, scanning for a LUKS headers is something you can do with strings and grep, where a statistical analysis of the entropy on the drive will require an in-depth analysis (and still, you have absolutely plausible excuses).
>tfw all the used laptops I tinkered with had their HDD DBAN'd by average Windows users
>DBAN is suddenly not plausible

If I had to use Mac, I'd use nothing else than FileVault. Literally no reason to use anything else.

Yes

Why do you try to sound like you're so smart?

does anyone else's VeraCrypt freeze other programs when dismounting or mounting a container sometimes?

Or is the arab developer not optimizing for Ryzen yet?

Using LUKS/VeraNSA/TrueCIA when you could dm-crypt in plain mode leaving no "header" and only random data.

>In order to unlock the encrypted root partition at boot, the following kernel parameters need to be set by the boot loader:

>cryptdevice=UUID=:cryptroot root=/dev/mapper/cryptroot

>"no "header""

>t. brainlet

[s]t..test[/s]

Computers can't generate random keys without some sort of interaction aside from gathering I/O performance, running processes random data is better when user interaction is involved. I would argue monitoring the microphone or webcam for a few minutes would help also.

>only one password/keyfile
>can't change password/keyfile ever
>has to remember the exact settings if there's any deviation from the defaults
>too much of a brainlet to detach headers
>laughs for no reasons
it's Dunning-Kruger season on Sup Forums

[spoiler][/spoiler][spoiler][strikethrough][s]don't you lie to me[/s][/strikethrough][/spoiler][spoiler][/spoiler]

>Linux unified key setup is on Windows
U wot m8

This.

God damn, the ZFS encryption fork in the AUR is hot. Wish it made it to stable.

Those Drobos better run ZFS, as that's the only thing worth putting data on.

Not a bad solution.
Data is moderately more resilient for layering with advanced filesystems by eliminating the single point of failure that is the header.

The only thing left to do is to pull the EFI bootloaders of all your devices onto a USB and sleep with it on your person.

>I need my python helloworlds, hentai collection and welfare check scans completely protected
The state of this board.

To expand on this, how many have protection against Evil Maid attacks? Where a maid or someone else gains access to the laptop and installs a keylogger into your boot sector?

I, myself, would like to make use of Secure Boot for this, but Debian doesn't yet support it.

>Because when I installed openSUSE with full disk encryption it was a buggy piece of shit. For example, I noticed I couldn't install packages because it told me I have no space left, even though I had plenty of GBs, there were problems with mounting encrypted partitions, etc... Thanks, no, I will use VeraCrypt that I trust and has never failed me.
This is the fault use openSUSE's BTRFS subvolume scheme, not dm-crypt/LUKS.

>evil Rem just installs keylogger into the keyboard itself or flashes the EFI firmware.

>laptop
>no keyboard

As for flashing the EFI, how would that be done if Secure Boot is enabled, preventing booting to another disk?

Would replace the board but being a laptop, this isn't something that could be quick to do.

>Post your reasoning

>reasoning
>Sup Forums
Yeah right

>there are users on Sup Forums that don't do full operating system encryption
You mean full disk? AFAIK it's not authenticated encryption.

>Not a bad solution
I love how totally clueless people pretend to have an opinion.
>Data is moderately more resilient for layering with advanced filesystems by eliminating the single point of failure that is the header.
That's not what is the header for.