Renegade

Wonder how this compares with deadcells.

For casual use the average person may have a higher likelyhood of getting a high quality config on something like bitlocker because of good default on things like UEFI security. For example secure boot is often disabled on Linux.

Linux guides on system encryption are hit and miss. Idealy you add cryptsetup to the UEFI partition, no need to leave boot or, if you choose to have it, swap unencrypted.

Properly configured dmcrypt on linux is more trustworthy I would argue, but all other factors involved matter.

The usecase for system encryption is pretty narrow. I would recomment further reseach and think more broadly about your security. Are you one of those users who is going to run qubes or just playing games. Have you though about something like intel me, because there are people who disable it or even use other architectures like Power10.

The underlying encryption itself is not an OS specific thing, so its really just down to the features config options, trust worthyness of the implementation, etc.

As a sidenote, I think the more "serious" encryption options like dm-crypt don't cater towards windows usually.

I think veracrypt and bitlocker are adequate options and the choice will depend on your threat model. Trust a closed source first party tool or an open source third party tool.The ultra-paranoid will probable find problems with both. For casual use, if you are trusting windows anyway I personally dont see the issue with using its encryption as well. In practical terms I think its more important to ensure that whatever tool you are using is configured correctly for your usecase and that the rest of your opsec is up to par (eg password vs tpm based encryption, how you are handling backups, algorithm, hidden partition, etc...) In that sense the best tool is the one you know how to use correctly.

Rush eventually decided that he would not attempt to have the Titanic-bound vehicle classed by a marine-certification agency such as DNV.

I have read elsewhere that certifivation was declined.

Yea ISO27000 stuff is basic but its still a long list to all check off. I was also initially suprised how high level it all is.

Thank you

Would it be possible too get an updated analysis now that more time has passed.

Factorio is in the minority IMO. My experience has been that indie games will often, say that they probablely wont do sales as a way to engourage purchases during beta and then a bit after release when there are potential financial benefits on the line they do sales anyway. I am totally not speaking from first hand experience /s.

Sounds fun.

Nix is powerful but ultimately very niche IMO. There are a lot of flaw with it.

From a package management perspective its security model seams to be to programatically pull from upstream sources which is fine if you have complete trust in all of those sources.

Nix is kind of a whole new layer of abstraction on top of an already super complex system. The level of programmability is maybe useful for something like a very specific power user scenario?

Also, in many cases the extra layer is a complete 1 for 1 wrapper meaning that its only an abstraction in the sense that its another layer not that its reducing what the user needs to understand about the depths of systemd. I find it hard enough remebering the synthax for systemd services and sockets. Nix has its own different but just as complex twist on it.

Theres also a ton of stuff that I wouldnt know how to even begin figuring out how to do in nix on my own. Search for how to set desktop wallpaper for example. If you feel that setting wallpaper using nix is intuitive or straight forward I would love to understand how?

malicious.life

darknetdiaries