If anyone leaves their ubuntu logged in unattended it's as easy as navigating through the menus to "passwords and encryption keys" and ticking the "show password" to reveal and steal anyone's passwords.

In the need to set up multiple partitions for added physical security, a need for a better bootup encryption password entering needs to be integrated.

At current, for every desired encrypted partition on the same hard-drive, the encryption needs to be set individually, hence at bootup, the encryption key for each partition would need to be put in. This can be tedious if not needed for that level of challenging security, but it is also useful for more complex levels of security hence it should not be removed. It could be useful that way for larger cooperations that need to ensure that physical access to a machine must have the right approval the respective approving bodies, where each physical encryption password would be entered by a different individual.

Ubuntu 8.04 "Hardy Heron" added support for iSCSI.

Now lets add support for encrypted iSCSI.

The default encryption scheme in Ubuntu requires that I make a key and store it on a keyring to use... this is all well and good. However, there are times when a user will want to encrypt a file without the key being stored anywhere but his head. With the current system you need to have the decryption key saved, and even if you delete it afterwards, it's still theoretically recoverable.

The ~/Private method of storing encrypted data is a bit darkened. If you don't know that Ubuntu has got this feature and that you have to install it, you don't realize that can do that.

My proposition: Allow encryption of any folder in ~/ clicking with left button in Nautilus. If user doesn't have the packages, he would be asked for his/her permission to install them.

A user with sensitive data on their computer may be coerced into giving up their login password.
In that case, the Private folder or the home folder encryption provided by Ubuntu are no good.

Encrypting directories using ecryptfs is not intuitive or easy to maintain when reinstalling Ubuntu, using sim links to external drives, etc. Also, if a user is logged in, the mounted ecryptfs folder becomes unencrypted and viewable to other users.

In short, can we provide extra security/privacy for our data despite wanting/needing to use insecure apps?

Linux permissions do a good job of automatically protecting core system files from change but data privacy/security seems to be predicated on an assumption of userspace security which is generally unrealistic. At the same time for many people losing the privacy of their data can be far worse than losing their OS install or hardware. For example in my case...

I have some applications which I love but which aren't written with security in mind. The main one I'm thinking of here is FileZilla which stores all usernames and passwords as plain text but many other apps simply assume their environment will always remain private. One of the MAIN REASONS I switched to a linux based system was to get a bit more security as since I became a web developer a few years back I have stared to accumulate LOTS of other peoples web hosting credentials. This is valuable booty to some miscreants and I guess it has been standard hacker practice to scan for unencrypted ftp/ssh credentials for time immemorial but I am troubled to hear many worms and trojans now do the same as a matter of course and I would like an extra line of defense against this.

There are lots of encryption solutions, some of which I already use such as truecrypt but these don't really hit the spot as once a volume is mounted it can be read by any user/process. This means that any intrusion into my user space (say from a browser bug) while I have a truecrypt volume mounted might trivially compromise all my most private data. I'm sure we have the technology to protect against this.

Note: Please do not reply Ubuntu is secure enough already or vote this down because 'Ubuntu does not get viruses'. *nix is only that way because developers were sensible enough to take precautions before there were widespread problems. Nothing is infallible and the one thing worse than a total lack of security is a false sense of security!

It seems that email is a very very unsafe mode of communication. Although I don't have any world domination plans as yet, I would like to keep my things private from intruding governments as well as companies.

I've been looking a bit around and it seems that there is a lot possible, but that it's just very fragmented; GPG and FireGPG together with some extra functionalities would help us get started.

What if you created one package out of Seahorse/GPA/KGPG and FireGPG which after installation had the following functionalities for for example gmail (more email programs should follow);
- The first time you start it up, a key-pair is being made for your email address. The public key is automatically uploaded to the PGP Global Directory which then verifies the email adres with a verification email.
- When you send an email it automatically looks in the Global Directory whether the person you send the email has a public key and if it finds one, it automatically encrypts and sends the message. Also it automatically signs the email using your private key.
- When you receive an encrypted message, it automatically unencrypts it and checks the signatures using the Global Directory.

Using a system like this would get many people to use it since it is not so complicated anymore and just one package. The more people post public keys, the more it gets accepted by other email programs while it doesn't interrupt the current flow of emails since you can still send normal emails as well.

If you think intruding governments are taking a bit too much away from our privacy these days, please vote UP!

Links:
http://www.getfiregpg.org/
http://www.gnome.org/projects/seahorse/
http://www.gnupg.org/gpa.html

[....]

Currently the Ubuntu Desktop installer does not allow the user to set up whole disk encryption (with lvm/luks). However, this is easily done though the "Guided - use entire disk and set up encrypted LVM" option in the alternate installer. This should also be possible via the desktop installer.