Linux 4.1 Kernel Released With EXT4 Encryption, Performance Improvements 116
An anonymous reader writes: The Linux 4.1 kernel has been announced and its release brings expanded features for the Linux kernel including EXT4 file-system encryption, open-source GeForce GTX 750 support, performance improvements for Intel Atom / Bay Trail hardware, RAID 5/6 improvements, and other additions.
Something to look forward to (Score:3, Funny)
Re: (Score:1)
Please fix slashdot (Score:5, Insightful)
Read More button gone. Stupid share button in its place.
Re: (Score:3, Informative)
Good to know I'm not the only one bugged by that, not to mention the stupid "video clips" thing they've added.
Seems like they gave up on beta but are now messing with the "classic" site.
Re: (Score:3, Insightful)
No, they are re-implementing beta one step at a time. It's a new strategy.
Re: (Score:3)
I'm not sure I get the problem. If you click on the post title, you get exactly the same as you always did, that is the post and comments. I'm using /. classic with full noscript though...
Re:Please fix slashdot (Score:5, Insightful)
Yes it still works, but it's not obvious or discoverable. And it's jarring. I typically read the blurb to decide if it's interesting, then click the read more at the bottom of the blurb to read the whole thing and the comments. Also the number of comments was right there at the bottom too, which made it nice and fast to see what were the interesting stories. Now that information is in the upper right-hand corner, so I just don't notice it straight away. I guess Dice once again has forgotten the value of slashdot and the interesting aspect of slashdot is the user-generated comments. Dice seems to be rolling out the beta site with all its crap and and its de-emphasis on user-provided content, but under the guise of the classic site. Not working guys!
If someone can post some greasemonkey scripts to fix the site, that'd be wonderful. Also if we could just turn off the video bytes stuff that would be good also. And put the polls back where they belong!
In the meantime, there is soylent. It's not been very good lately but if enough people go there and comment, and submit stories, maybe it will get better and be a proper replacement.
Re: (Score:2)
Yeah! Fuck classic!
Re: (Score:3)
So much this.
It's such a small change but it totally screws up a flow we've had forever and which made perfect sense. Read title, read summary, read number of comments, click to read said comments. Now it's, read title, read summary, look to upper right to see number of comments, then move mouse back to title to read them (I'm sure I'm not the only one who moves the mouse along as I read).
And yeah, the weird floating videobytes thing.. that's gotta go.
Re: (Score:2)
I just click the Article title. But I use classic. That and I mostly use RSS to get the articles so I've largely ignored the new interface for years.
Re: (Score:2)
Perfect analysis of all the UI fails.
Just leave the dam site alone. It was working fine the way it was before.
Fix for Firefox users (Score:2)
Find your profile directory. It should contain a subdirectory named chrome. Edit or create a text file there named userContent.css (ie., chrome/userContent.css relative to the profile directory). Insert the following:
@-moz-document domain(slashdot.org) {
.comment-bubble { opacity: 0.3 !important; }
}
changing the opacity value as required. Restart Firefox.
(This would be more useful as a Greasemonkey script, but I don't know how to write one of them. Volunteers?)
Re: (Score:2)
You can hide the videos with a simple adblock filter; "slashdot.org##article#firehose-000".
You could also make the share button go away (slashdot.org##div.popularity), but that does break the tags css.
Re: (Score:3)
I'm not sure I get the problem. If you click on the post title, you get exactly the same as you always did, that is the post and comments. I'm using /. classic with full noscript though...
(Aside: Full noscript here too, though I don't think there's a /. classic any more, since the beta seems to be gone, or at least not actively being promoted).
The problem in part is that many people probably click on that spot due to muscle memory - I have for over a decade. Suddenly that link has been replaced by a button that does something totally different and not universally desirable. For no good reason. The paranoid cynics might think that the placement of the social media button there is deliberat
Re: (Score:2)
I don't think there's a /. classic any more, since the beta seems to be gone, or at least not actively being promoted
It exists, but it's well hidden in account preferences. I use a classicish mode which is good because it's the only way to read -1 moderated comments (-1 comments seem to be impossible to read from the default UI). Unfortunately, the devs test changes very rarely with classic mode, so things break often.
Re: (Score:2)
The problem in part is that many people probably click on that spot due to muscle memory
I'm glad I'm not the only one. And I've been 'here' since ~2000.
Re: (Score:2, Informative)
Click the article title instead. I switched to that method years ago when the read more button started doing stupid Javascript tricks.
Really, you should be able to cope with this sort of change. It's minor, and this isn't your site. Deal with it like an adult and quit cluttering up the discussion threads with your whining.
Re: (Score:1)
Who's whining? lol
Re: (Score:2)
Really, you should be able to cope with this sort of change. It's minor, and this isn't your site.
But you don't understand! They moved my button! It has rendered me completely helpless!
Re: (Score:2)
There isn't all that much to clutter up anymore. People are reminiscing about the good old days while packing up their proverbial wagons. Meanwhile, the devs make random changes that won't attract new users but will help drive away the rest of the old.
It's sad, but everything has its end. And at least Slashdot also had
Re:Please fix slashdot (Score:5, Informative)
Re: (Score:2, Interesting)
It's worth noting that there's an interesting comment in the HTML social menu, under the selector "article footer div.grid_10.l":
<div class="popularity">
<a href =""><i class="icon-thumbs-up-alt"></i></a>
</div>
<div class="popularity">
<a href =""><i class="icon-thumbs-down-alt"></i></a
Re: (Score:2)
Anyone want to kickstart a new site? Between all the sites going to this and people trying to keep Voat offline so Redditor's don't have any alternative I'm ready to just go back to IRC & Usenet.
Toss on a small daemon to handle voting of Usenet articles, add a web front end for people that can't use anything else and just have a place for intelligent discussion with moderation, decentralized.
Re: (Score:2)
A web workaround is just to go to http://slashdot.org/archive.pl [slashdot.org]
The headlines tell you as much as the summaries around this place, and you don't have to see the ugly front page any more.
Re: (Score:2)
Does slashdot provide anything that a sub-reddit wouldn't?
Re: (Score:2)
Also try shrinking your browser (to make it the same size as any phone) and the stupid icons overlap the summary so you can't even read it.
Re: (Score:2)
I don't understand why anyone working on a website would only test with like 1280 resolution. The first thing you always do is test at at least
Re: (Score:2)
Ahhhh... it read it as HTML. I put "less than or equal to 1024 at least."
Bad dog analogy (Score:2)
After I fixed my dog, he just sleeps alot and got fat.
The "Ads Disabled" checkbox did elimnate a lot of leg humping.
Lots of great features and no kdbus (Score:4, Interesting)
Building the kernel now.
Very cook feature list, with arguably the best feature being that they managed to keep kdbus and more systemd nonsense from infecting the kernel code. I'm especially looking forward to trying out ext4 encryption on my laptop.
Re: (Score:1, Troll)
There are a lot of systemd-free options out there (Score:4, Informative)
Which distro are you using that isn't already infected by systemd? I'm SO glad Gentoo still allows me to use OpenRC...
Me too! I use both funtoo and gentoo, at work and at home, but here's a pretty good sized list of options for those who like debian, arch, and other distributions:
http://without-systemd.org/wik... [without-systemd.org]
If you're stuck with Red Hat, your choices have been pretty much taken from you, and you should probably be looking to change to something else, but otherwise you probably have the choice of using OpenRC or upstart, and someone has probably already figured out how for you.
Re: (Score:3, Informative)
Am a Debian fan, and seriously pissed that Debian decided to slide down the systemd shithole, so I decided to check out the Debian fork, Devuan.. Seems they have taken Jessie and ripped that systemd abortion out.. Am currently running it in a Virtualbox vm, time will tell if I go with Devuan over Debian....
Re: (Score:1)
What is amazing is that it didn't take them 15 years to slide down that shit hole.
Heaven forbid they provide a reasonably up to date kernel or gcc, but they have no problems adding this abortion and squelching all complaints.
Makes you wonder what RH is doing behind the scenes and why.
Re: (Score:1)
It's all out in the open (Score:3)
Lennart frequently blogs about how he could have been a contender and had his own linux if he'd just been born a little earlier - plus his plans of what he's doing behind the scenes to make linux HIS. It's all out in the open, lots of detail and if we don't like it we can just use somebody else's stuff.
I wish him good luck with his "world domination" but I also wish he was a bit more patient and would stop inflicting alpha level shit on us as part
Re: (Score:2)
This post has no useful content. That said:
I just wanted to say thank you very much for the link FreeUser! It's been slightly frustrating at best trying to keep up with all the partial yet somehow already out of date blogs to get the same information.
It is very much appreciated.
Re: (Score:3, Interesting)
I'm not sure what encryption is useful for. If my servers get hacked, they're able to read encrypted files. Malware on my Android device can read my encrypted files as soon as I get the phone properly booted. The laptop niche seems okay, except laptops get hacked just like desktops way more often than they get stolen and offlined.
Re:Lots of great features and no kdbus (Score:5, Interesting)
It's certainly useful when you're moving equipment or storage devices. Your complaint would apply to any encrypted storage system that mounted an encrypted file system; Bitlocker, Truecrypt, dmcrypt, etc.
I work for a company that does a lot of government contract work, and we are contractually bound in almost all cases to story certain kinds of confidential data on encrypted media. When using Linux servers, we usually use dmcrypt, but EXT4 encryption would be a nice option as well.
Re: (Score:3)
Yes, but you see the point: the applications of encryption are small, mostly restricted to communication. Encrypting storage is crap. You can argue that moving physical equipment is "communication", because information moves from one place to another. This is ridiculous when moving from one rack to the rack 5 feet away; it's more pertinent when shipping backup tapes between buildings; and it makes some middling amount of sense when excessing hardware--you might throw out a whole, unwiped drive, which i
Re: (Score:2)
The problem is you can't always be the one to dictate the contract terms, and quite often someone utterly incompetent will have come up with the terms...
There are organisations which are burdened with the requirement to encrypt *ALL* disks, even those on servers because someone writing the contract heard the encryption buzzword, or got a kickback from a company selling a disk encryption product.
When the contract stipulates that something must be done, even if that something is stupid then it's very easy to
Re: (Score:2)
I very strongly disagree there. Adding an extra complication to backups is just asking for trouble when you really need them, especially since the person doing the restoration may effectively be somebody "grabbed off the street" when the normal staff are no
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Take a look at AMANDA for an example - you can get stuff back with "dd" and "tar" if necessary instead of using the actual AMANDA software.
Which a McBurgerFlipper won't know how to do. Even as an experienced systems integration engineer, I would need a few hours at least to develop a plan on how to do that. I have tapes all over the place with multiple days's worth of differential backups, and I need to use dd and tar to get the data out, restore it to the appropriate systems, restore differentials and incrementals IN PROPER ORDER--meaning I have to verify I'm using the tapes in the correct order--get that data into the appropriate applicat
Wrong - way easier now than it ever has been (Score:2)
Joking, newbie, selling yourself way short or completely and utterly fucking useless - what is it to be? The amusing bit is the condescending crap on the end about home backups when the situation is that if you are responsible for the gear then you are failing in your duty if you cannot do a bare metal restore of critical systems AND talk somebody with minimal experience through it. I'
Re: (Score:2)
You're ridiculous. "Oh, I can just walk into a major bank, an insurance company, or a credit card processor, and, with no foreknowledge of their systems, wave my hand and reconstruct their entire data center from back-ups, no planning required!" You'll get a non-working system.
You're one of those people who thinks he's a rockstar developer, a magic sysadmin with the Midas touch. I've watched hundreds of people like you destroy businesses and then walk off smiling to yourself about how you did a perfect
Don't strawman me (Score:2)
Only your stupid strawman is ridiculous, I'm suggesting that if you WORK at a major bank and you are responsible for their backups then part of that is being able to do bare metal recovery AND walk others through the process.
Yes, your strawman is stupid, but I didn't suggest anything remotely like your imaginary friend that you are shouting at and I have to admit that I think it's a very childish way to act.
While perhaps I should have been clearer an
Re: (Score:2)
Only your stupid strawman is ridiculous, I'm suggesting that if you WORK at a major bank and you are responsible for their backups then part of that is being able to do bare metal recovery AND walk others through the process.
Your argument was that some stupid intern you hired might not be able to figure out how to use an encryption key, so the process should be simple; then it was that keys and documents get lost, and you should be a good enough admin to know wtf you're doing; now it's that you have the whole process memorized, being the veteran resident expert on the business's particular system and having designed it from the ground up.
Let's refresh your memory:
If you can't successfully explain a recovery procedure to a recent average high school student over the phone then you are doing it wrong. If someone in ten or twenty years needs to track down a key from ex-employees that have moved or died then you are doing it wrong.
As well,
With respect - professional engineer here, guy with a HR granted title of engineer there. You really should choose your insults a bit more carefully. I'm sure you have plenty of skills I do not have but to me IT in general is a subset of what I was doing last century, so you have only succeeded in making me laugh by puffing yourself up.
In the last decade, we've moved on to virtualizatio
What's with the misrepresentation? (Score:2)
It's both potentially a complete showstopper and totally unnecessary in the first place. I don't really understand why you cannot grasp the concept.
I'll restate something above in another way - if you can't work out how to do a bare metal restore on a single system with all the needed data on media that you can read and the right hardware then somebody has seriously fucked up. That guy that worked there should have put something togethe
Re: (Score:2)
Bit longer than that and still doing it. Why bother to quote something if you haven't read and comprehended it?
Indeed. Even though that's a bad idea with media life and formats there's a lot of material that fits that description, especially in the geosciences and some other applied sciences. It's something I have to deal with several times a year with some clients even providing tapes from the late 1970s.
I see the problem now (Score:2)
Re: (Score:2)
You still assert that inputting an encryption key into a process is massively complex. It's not like they're performing mathematical key scheduling by hand; they have to enter a fucking password, or provide a key file from a USB drive kept with the back-ups.
This is the bar you set: someone is going to be too stupid to insert USB dongle with key. Restoring back-ups with Amanda is no trivial task; it's not rocket surgery, but it's not "turn the computer on and smile". There will be instructions, tape ord
Re: (Score:2)
No, just massively stupid and directly opposed to the entire operation of having something to come back from when the shit hits the fan. It's a situation for physical security and not something to keep yourself and a few others in a job because nobody else has the keys. Being one office fire away from the org never having access to some data ever again is what backups are supposed to prevent and not enforce.
Re:Lots of greMoat features and no kdbus (Score:1)
Re: (Score:2)
Huh, what is encryption good for? You don't care if your servers get stolen by a random thief and then ebayed?
If you need to RMA disks you don't have to chose between eating yourself the loss and living with the fear that your vendor might just quickly fix it and send it to some random customer together with all your data?
Re: (Score:3)
You don't RMA disks with such sensitive information that you need file-by-file encryption or whatnot; you shred the disks. Your OS reads data through an IO layer that decrypts it as it streams, storing it in memory as unencrypted data, which is then read by programs and integrated into memory structures; what if your OS writes program memory to unencyphered swap? Suddenly you have medical records, social security information, and credit card numbers in an unencrypted area of your hard disk.
People disass
Re: (Score:2)
People disassemble, degauss, and shred those disks in those contexts.
Or used them for target practice. A hard drive with a bullet hole or two is quite unusable.
Re: (Score:2)
Hah, thought that was just me. Be nice though, and pry the circuit board off first so you don't scatter bits all over the range.
See you there!
Re: (Score:2)
Who steals servers? (Score:1)
Well, linux isn't necessarily just for servers. Can also be used for desktop and portable equipment. But let's talk servers here.
A couple of years ago, offices here in Austin, Texas were broken into for the company C3 Productions (owners of Austin City Limits and Lollapalooza music festivals). All their servers were taken. Now, I doubt they were hosting their ticketing ecommerce website from within their offices. But those server
Re: (Score:2)
what if your OS writes program memory to unencyphered swap?
Luckily, encrypting the swap partition on Linux is trivially easy:
http://hydra.geht.net/tino/how... [geht.net]
Only an idiot would encrypt their hard drives and not their swap partition.
Re: (Score:2)
Re: (Score:2)
Let me guess: you like to burn money by destroying hardware that can be replaced for free and you think automatically the sysadmins in charge of implementing encryption are incompetent. Are you working for the government?
Re: (Score:2, Insightful)
Think about extremely common and relatively benign cases, before you even bother getting to the topic of thieves.
You buy a hard drive with a warranty. Before the warranty expires, the drive fails. It doesn't work (or not reliably) so you can't confidently wipe it. But you can't physically destroy it either, if you want it replaced through the warranty instead of at your own expense.
So you send the drive (which contains your data) to total strangers where they w
Re: (Score:2)
Security is expensive, hardware is cheap.
You can buy from vendors who are used to dealing with clients holding confidential data, and expect them to handle returns or swallow the cost of replacements without returning the dead ones. It all depends on the contract between you and the supplier.
Or you can simply not return faulty drives, just replace them and then destroy the faulty ones.
Many places will stress test the drives for a while before putting live data on them, most drives that will fail during thei
Re: (Score:2)
It seems like just another point of failure to me.
The idea that it is useful when moving equipment has some merit, but you don't need an encryption-away FS to do it.
Re: (Score:2)
err encryption-aware
Re: (Score:3)
> The laptop niche seems okay,
Except it is not an niche. Personally I haven't used a desktop/workstation computer for like 5 years. And also it have been like 5 years (or more) since notebook shipments exceeded desktop/workstations. Of course in sane IT deployments loss of client computer should not be a problem but still there could be sensitive data there. Even system level stuff like password hashes and so on. Maybe it is rare but security breaches usually involve the weakest link - and be it that if
Re: (Score:2)
Laptops usually don't contain vast stores of data. Once in a while, you hear about a laptop with millions of medical records vanishing from a coffee shop; most of us have VPNs requiring our passwords, connecting remotely into applications which connect back to databases which carry tons of data. A laptop might, at the nominal worst, contain some cached information for one or two people, accessible by hours of work dredging through cache files--if that information doesn't stay entirely within memory durin
Re: (Score:2)
I'm not sure what encryption is useful for. If my servers get hacked, they're able to read encrypted files.
You mention laptops and mobile devices, and claim that they get hacked way more often than they get lost/stolen. This is absolutely not true. Look at the many, many instances of laptops being lost or stolen with sensitive databases on them, and the ones that get reported publicly are just a tiny fraction.
It's also not necessarily the case with ext4 encryption that a box getting hacked reveals all of the data on it. Ext4 encryption allows each user account -- or even various subdirectory, IIRC -- to have
Re: (Score:2)
Look at the many, many instances of laptops being lost or stolen with sensitive databases on them, and the ones that get reported publicly are just a tiny fraction.
That's called the law of large numbers: every single person you'll ever meet in your life will have never come in contact with any other person who has come in contact with any other person who carries such data on a laptop; however, there are 7 billion people in the world, 2 billion in China, 300 million here in the US, more laptops than people in businesses, and "utility laptops" that float around with trucks instead of with users. Somewhere out there in that vast ocean covering 70% of the world's surf
Re: Lots of great features and no kdbus (Score:1)
Like it has done with everything else, perhaps systemd will take over the role of the Linux kernel, too. That way no code changes need to make their way into the kernel. The kernel is just no longer present at all.
Ext4 encryption... (Score:4, Interesting)
ext4 encryption has a lot of promise, and I consider this a big feature. It essentially functions like EncFS/CFS, but instead of being a secondary filesystem accessible via FUSE, it is part of the main filesystem. The closest thing it parallels is AIX's EFS.
I'm not surprised that Google coded this part. It makes perfect sense for Android. Encryption of /data can be turned on immediately during a device setup without having to worry about block level items, or if the device crashes during the /data encryption process.
Overall, an add-on which is definitely needed. Since Google mainly uses ext4, this is their best bang for the buck, and I hope the maintainers of other filesystems toss something similar in their code.
Ssd support (Score:3)
Does it support samsung 840 and 850 pros yet for production?
is there a howto on encrypting and mounting? (Score:2)
is it as simple as issuing adding an option to the makefs.ext4 then a mount command for a partition and providing the password to a prompt?
EXT4 vs dm-crypt (Score:2)
Does anyone know why you want encryption directly in the filesystem rather than the layered approach being offered for years by the dm-crypt kernel filesystem? The Phoronix article mentions that is intended for Android systems, so my immidiate thinking was that it had something to do with flash storage specifics. Generally I do not like it when a generic, simple solution like dm-crypt gets reimplemented at another layer, increasing complexity, but maybe there is a reason for this?
Another article mentions F2
Re: (Score:2)
http://www.cyberciti.biz/hardw... [cyberciti.biz]
Re: (Score:1)
Move the comments number BACK (Score:2)
I browse in full screen mode on a 30" 2560x1600 monitor. Some would say this is folly, none the less it's what I do.
The article news headline is on the far left 1/4 of my monitor.
The comment quantity per article is over a fucking foot to my right and I have to glance at how many comments there are, per article, left, right, left right.
Put it back below where it belongs.
I don't like or care about a dopey share button - if you keep it, fine but don't make the comments number worse due to it.
I hate to cite