According to news on September 10, Canonical announced that Ubuntu 23.10 (codename Mantic Minotaur), to be released next month, will introduce experimental features that provide initial support for TPM-based full disk encryption. This move aims to make full use of the system's Trusted Platform Module (TPM) to further enhance Ubuntu's security. However, one big change that this feature brings is a reliance on the Snap format: the bootloader and kernel will be delivered as Snap packages instead of traditional Debian packages. In addition, Ubuntu will use a unified kernel image (UKI) to encapsulate the kernel and initramfs in a PE binary file.
TPM is an important security feature that encrypts the entire disk during boot to protect user data from unauthorized access. In Ubuntu 23.10, TPM will become part of the Ubuntu full disk encryption solution and provide support for the classic Ubuntu desktop system.
According to the editor's understanding, the TPM-based full disk encryption function in Ubuntu adopts the same architecture as the classic Ubuntu desktop and shares some design and implementation principles. The boot loader (including shim and GRUB) and kernel resources will be delivered as Snap packages and managed through the gadget and kernel Snaps. This means that, throughout the system's lifecycle, the Snapd agent will be responsible for managing full disk encryption, providing users with stronger security protection. Although this move introduces a new package management method, it significantly improves the security and trustworthiness of Ubuntu systems, allowing users to use their computers with greater confidence.