IIRC and I may be wrong here the drive stays encrypted in sleep. Decryption is done in real time via your CPU. However the encryption key is stored in unencrypted RAM. Which is why the other comment suggests encrypting swap and hibernating, this writes RAM to disk.
To be fair there are probably many different ways to solve the problem. I'm somewhat experienced with Linux and I've attempted seeing up TPM LUKS decryption on boot. It's certainly not easy or at least wasn't when I tried. For non experienced people it's easier to just enter the password at boot and enable auto login. Then you get the security, software, ethics, or licensing debates that accompany most Linux discussions.
They do understand the point. The problem is that if you use TPM to unlock on boot it is slightly self defeating. Now the attacker has access to your display manager or TTY. They can guess passwords, try to bypass the biometric checks, or find an exploit. But that does indicate a higher tech level that your average thief.
The common way to do it with LUKS2 and TPM as detailed on the Arch wiki. Not sure if that'll apply at all to ZFS and Zorin though
It is less secure though. What I do is set my computer to log in on start and I set up fingerprint auth. So I only need to login once on startup with the drive decryption.
Here's a reddit post on using clevis, TPM, and ZFS to decrypt.
You should also know that if you're mobo dies so does your data.
Hey, I was a full time potter for a few years but now will soon be entering IT after going back to school. I think you should kind of reconsider. I agree that soul crushing corporations and grinding for pay are a bummer and I think she should go into something she's engaged and interested in but you should reconsider this opinion.
Being an independent artist is essentially running a small business with a heavy focus on branding and marketing. Many arts programs poorly cover business topics. If she is already skilled in art it may be better for her to attend college for business administration or marketing. The only potters I knew that thrived ran a good business plan.
If she decides to go an alternate route like graphic design or teaching. That's fine although it can be just a soulless and crushing as a business career.
So yeah, while I agree and admire that your were able to pursue your happiness at the behest of some degree of money. I would worry that you might push her away from a path that is not a bad as it seems and I hope I didn't overstep.
I will be returning to pottery when everything stabilizes for me as a hobby or side business and my business IT program has given me some new ideas. My career should help stabilize my life so I can pursue my art, layoffs willing.
I think it does. If you make the choice to poorly manage your distro's tools/website it shows that you aren't responsible enough to manage the distro. They also had the laptop purchasing issue.
I'm not saying every distro needs to be super organized and testing shit but they should be before I recommend it to someone. Especially when there are other Arch based distros that don't have the issues.
The newbie stuff is fair enough. I do think they get extra flak here because the distro was marked as Arch for noobs.
I don't think that would be the case. The AUR helper would pull the updated dependencies from the Arch repos which would not be available in Manjaro's repos
They're valid arguments and people should be informed about it mainly because of how it was recommended a lot for beginners.
It ships with some gaming stuff, uses zen kernel, has some performance mods (I guess), and a theme as ugly as sin. But you can make any distro do what it does. I'm sure it's in the same territory as Nobara.
Firefox somewhat regularly crashes or freezes up my laptop (16Gb) due to memory usage and I'm running the default Arch package. I ended up installing a memory watchdog that kills processes when they start using too much. Although I do hoard tabs.
IIRC and I may be wrong here the drive stays encrypted in sleep. Decryption is done in real time via your CPU. However the encryption key is stored in unencrypted RAM. Which is why the other comment suggests encrypting swap and hibernating, this writes RAM to disk.