Absolute joke. Emphasis is mine:

… protected by a TPM and recovered automatically only by early boot software that is authorised to access the data

later on in the article it talks about how the packages are now going to be supplied:

Namely, the bootloader (shim and GRUB) and kernel assets will be delivered as snap packages (via gadget and kernel snaps), as opposed to being delivered as Debian packages. As such, it is the Snapd agent which will be responsible for managing full disk encryption throughout its lifecycle.

Looks like snap will be the future for Ubuntu

    • TiffOPA
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      I’m right there with you. Absolutely despise snap. I’m going to migrate all of Reddthat’s servers off Ubuntu because of it.

  • notfromhere@lemmy.one
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    This is great news. FDE is needed for all kinds of use cases. Ever log into your bank on your unencrypted laptop? Better hope nobody steals your laptop, they can get to any passwords saved in your browser, session cookies, etc. But if your disk is encrypted then it’s good luck, they’ll have to crack your password (if Canonical implements it right it shouldn’t be possible) or wipe the drive.

    • TiffOPA
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      It’s no different than standard FDE with LUKS, but the password is no longer the master key. The password (from what I’ve read) is used to generate the key, and that key is then used as the secret. So you can have an average password and it still makes it hard to “crack”

      • notfromhere@lemmy.one
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        9 months ago

        Right. Typing in the LUKS password every time you resume from standby (specifically hibernation) means nobody actually uses it in practice. This unlocks a key feature missing from Linux ecosystem.