@cm0002 Never understood why one should use tpm when there are good old passwords. It would be better to enforce a long password. To me TPM always looked like a marketing strategy masked by security tools: in the end it’s a device that makes it mandatory to use your hard-drive on a specific machine. It’s even weaker than a good password. Am I wrong?
@cm0002 Never understood why one should use tpm when there are good old passwords. It would be better to enforce a long password. To me TPM always looked like a marketing strategy masked by security tools: in the end it’s a device that makes it mandatory to use your hard-drive on a specific machine. It’s even weaker than a good password. Am I wrong?
TPMs protect against evil maid attacks
Android has a nice solution with the system vs user encryption
@possiblylinux127 And allows to decrypt the disk if someone steals your laptop: it can just turn it on to read it…
That isn’t how TPMs work
The TPM checks the signature of the software with the signature it has internally. If that signature changes it will refuse to release the keys.
@possiblylinux127 Exactly. So if someone steals your laptop it can just press the power on button to read your disk. Security my ass.
…if they can log in
@possiblylinux127
Call this security… It’s just a marketing lock-in strategy. A good old password is all you need for encrypting a disk.
…Except none of that is true