Haven't seen one of those in ages.. post yours and get rated!
OP here, thanks for all the contributions!
I added some of your suggestions, but fucked up the colors (TOR should be purple because of the logo but who cares)
If someone wants to add anything I used the font: 'HelveticaNeueLt Std Ext' 14px
If I remember correctly, system-wide encryption is handled by dmcrypt + LUKS (in kernelspace), and home directory encryption by ecryptfs (in userspace), which uses more resources due to overhead.
soon to do, just need a day or two where I feel like reinstalling and testing just about absolutely everything and get it to the point where it's manageable, wouldn't mind messing around with btrfs (or zfs or something) containers so I can set up a clean windows wm then reflash it whenever needed, shouldn't be too difficult to do
all seems to work well on my machine with the caveat of having to eject the graphics card from the guest windows machine before rebooting otherwise the linux host (probably) needs a reboot before the card can be used in a vm again, I'm sure there's a work around but it's getting harder to diagnose such issues with each passing week with everyone and their dog posting guides with (horrible, outdated) qemu configs clogging up google search results
even if that were the case, there's decent separation between hardware devices with iommu tables (or not, depending on your configuration) and nothing the vm is ran on should have root access, at most it'll be able to do shit on the user you're running it on and maybe fuck up the windows image but then who cares?
unless of course your windows vm has both virtual machine breaking exploits, linux privilege escalation exploits, all while being baked into windows or whatever you're running on windows (and if you're that paranoid I recommend not using any hardware ever)
oh yeah, there would be a browser inside the encrypted linux partition obviously
the unencrypted would just be for shits and giggles (i.e., riced gentoo) most likely with the possibility of access to the windows vm so I get <10 second boot times without having to enter long passwords
>Why would you encrypt everything if you store everything in your home directory
Leaks happen in every mount point, FDE is the only sensible approach.
>If I remember correctly, system-wide encryption is handled by dmcrypt + LUKS (in kernelspace), and home directory encryption by ecryptfs (in userspace)
No, that's just one of gozillion possible solutions. You can encrypt your home using block-device encryption via ext4 new encryption capabilities or via dm-luks+pam_mount or via encfs... anything involving dm-crypt in any of his incarnations is generally safer
>Why would you run a VM in a sandbox?
Why would you __not__ run a VM in a sandbox?
Are you running a browser as a OS and running windows in your browser and running a browser inside that windows that is ALSO running windows? And THAT windows is running Linux (???) with a sandbox and virtual machine that is encrypted and running /g/ straight from the tit?
>le if you don't have nothing to hide, you don't have nothing to fear
I hope one day your laptop will get stolen and some nigger will use your credit card infos to send you an entire collection of dragon dildos - or something like that.
Windows 10, amirite?
>I hope one day your laptop will get stolen and some nigger will use your credit card infos to send you an entire collection of dragon dildos - or something like that.
why would i store my cc# on a computer? are you retarded?
>Windows 10, amirite?
that upset? but nah. try again. like it even matters.
I have maximum security; a broken grub which requires a couple of very specific commands to be entered before you can access the encrypted drive on which /home is encrypted again.
>all that just to shitpost and get pwned via the interwebs
How do you guys set up encryption?
I've read a tiny bit about it and it seems complicated AF.
Also, since murdock killed himself, we can't trust loonucks now can we?
Guess it's time for templeOS
I'm still working on setting it all up.
>windows 10 botnet-free edition
>netrunner 17 horizon OR fedora server 23
>i7 4740-HQ @2.5Ghz (turbo 3.5Ghz)
>8Gb ddr3 ram
>intel hd4600 2Gb
>1920x1080p 15.5" ips