Archlinux: Enigmail on AUR

Schnouki has just made a PKGBUILD for the Thunderbird-Addon Enigmail which enables you to use GPG-encryptions on e-mails easily. The advantage is now, that we don’t need to rely on third-party binary packages anymore, because we can build it directly from the AUR. With enough votes, it might become part of the official community repository.

My Idea of an OpenPandora OS

If I would buy a Pandora, which I am not sure of currently, I would propably make my own Archlinux based OS.

The idea to port Arch to the ARM platform is nothing new, as someone is trying to do it here.  So I would just use this as base and then make sure to include the following key features:

All in one apps. The Pandora seen as a computer has not too much power. Also there is as far as I know only 512 MB internal space planned, so using Firefox, Thunderbird and Liferea at once does not make too much sense for me. I would prefer Seamonkey, Mozilla’s Firefox/Thunderbird/Other hybrid. As a downloader, one could use either something terminal based like aria2c. For advanced usage I am thinking about JDownloader, but without a GUI and a HTML-Server-Plugin (so that you can control JDownloader from within Seamonkey). Also I would need something for chatting, I recommend Pidgin here (again, cutting off some features I don’t need).

Encryption. I thinkt portable devices should always be encrypted. They propably contain private data and you do not want to get it stolen and then get everything published on the internet, do you? LUKS with dm-crypt is the software that I would use here. Encrypting everything would slow down the speed though, so I would try to keep it balanced. See also this article I wrote about that subject. For chat and mail encryption, there are the OTR and Enigmail plugins. Maybe Keepass to keep all passwords sorted (plugins for seamonkey and pidgin would be really awesome here; maybe I could write them).

Usability. Basically OpenBox with big enough window borders, that you can click the buttons easily with your fingers on the touchscreen. Also a panel featuring a big launch menu, which goes fullscreen. Mouse gestures where possible (Seamonkey)!

Pacman wrapper? I have been thinking about package management a bit longer. On the pandora forums I have read that they do not want any packagemanagement, so you can copy pasta a compiled program from your pc on your SD card and then just launch it on the Pandora. This seems not too useful for me, I would prefer pacman except that you can choose where (on which SD card) you want to install your software. Why? Because you can put two of them in there. Huge software like openarena could be installed on a different card as main programs are installed. I know that this is very likely to how windows likes to deal with software, but in this scenario it seems to make sense to me. One could sort his SD card like the ordinary linux root folder structure, so he would know where to find the software. Furthermore, there should be scripts that check whether the right SD card is inserted before launching a program. I am not sure, but all this might be possible with a pacman wrapper and a fixed folder structure on every SD card, containing a pacman database each.

As said before, I am not sure if I will buy one of these beautiful devices, but if I do, I will make a very customized setup.

_Full_ harddisk encryption unnecessary with linux

Last week I talked to yoschi about how slow my KDE starts up. He pointed out that my full disk encryption is propably the speed killer and that it is not needed.

Its not too long ago that I switched from Windows to Linux and by not knowing too much about its architecture I decided to do a full encryption just like I did it on my Windows installation.

The major difference is that Windows programs write their configuration files, cache or other data wherever they want to – you can’t really control it. Linux programs don’t do that – you’ll find all the sensitive data in your home folder (or in one of the folders I listed below). Besides on Linux you have mainly open or at least free (as in beer) software. Most windows users I know crack at least some software (Photoshop is a good example, not everyone is able to buy it), so you don’t need to worry about that either.

The only problem could be that some software is not allowed in your country – germany has for example a so called Hackerparagraf which says that software that can be used to hack computers are illegal (it isn’t really clear though and I haven’t heared/read of someone getting sued for this yet). In that case you should encrypt this software, too, if you are planning to use it.

Here’s my plan of what I will encrypt on my machine when I re-install it the next time:

Encrypt:

/home
/etc
/var
/srv
/tmp
/root

Except for:

/var/cache/pacman

This should give my box a real boost since most stuff won’t be encrypted anymore

PS: I don’t use any swap. If you do use one, you better also encrypt that!