Mark VonFange interviews developer Kris Moore about PC-BSD 10.1.2 and what’s in store for future releases.
PC-BSD 10.1.2 has been released, so we thought we’d talk to project lead, Kris Moore, to see what’s in store!
Q: What new features and improvements are available in PC-BSD 10.1.2?
This quarterly update got a LOT of new features, partly so we would have time to really play with them before the 10.2 release later this summer. Most of them are security and privacy focused, but there are some other neat things as well. In no particular order, these are some of the best ones:
* PersonaCrypt – Our new privacy utility that offers a few cool new features.
In its default mode, it can setup your entire user $HOME directory on a geli-backed external device, such as a fast SSD Flash Stick (Using the 256GB Corsair Flash Voyager GTX here). At the login screen, you will then enter your normal user password, along with a decryption password to mount your home-directory. The GELI key is split in two, so you can “pair” the memory stick with your system, so even if the stick is stolen, and somebody gets the password, it is still worthless without the “paired” system. Another benefit of this technology is that you can bring your work with you when you travel between desktops, or jump from a desktop to laptop. I’m using it now for conferences and being on the road, since all my development work and important data is on my $HOME, meaning I can just unplug and keep working on my laptop without having to keep files in sync.
Another side of PersonaCrypt is something we call “Stealth” mode, which allows you to do a desktop login with a one-time GELI-key encrypted $HOME directory with no personal data. Think of it as privacy mode in a web-browser, but for your entire desktop session. This also plays nicely with the following new feature.
* Tor transparent proxy support
10.1.2 includes an easy way to switch between your normal internet connectivity, and “Tor” mode by clicking a single button on the system tray. In Tor mode, the firewall acts as a transparent proxy, forcing all internet traffic to be routed through the Tor network, including DNS requests. All other traffic which may expose your system on the internet is blocked. This goes a step beyond just running Tor as a browser proxy, since you can’t always trust plugins (cough *flash/java*) and other apps to behave properly.
* 4K Monitor support