Wednesday, February 23, 2011
ChromiumOS uses eCryptfs for Home Directories
While looking for something else today, I came across this ChromiumOS design document:
This is a very interesting read, about how the good folks at Google are using eCryptfs to secure user data on ChromiumOS devices. I found a few of the design points particularly interesting, such as the hashing of user names and integration with the TPM. I was also pleased to see that eCryptfs was chosen, in part, in accordance with their design needs for both performance and power consumption.
There are detractors out there who regularly snipe Canonical and Ubuntu for a perceived lack of contribution to the core engineering of Linux and free software. Such attacks continue to sadden and frustrate me.
I'm really quite proud of the the early work we did on eCryptfs in Ubuntu in 2008-2010, with our Encrypted Private Directory and eventually our Encrypted Home Directory features. It's quite clear to me that Google's usage of eCryptfs for per-user home directory encryption in ChromiumOS are extensions of one of Ubuntu's pioneering technical advancements of desktop Linux.