Orbi Camp
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
cm0002@lemmy.zip to Linux@programming.dev · 8 days ago

Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons

www.phoronix.com

external-link
message-square
22
fedilink
99
external-link

Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons

www.phoronix.com

cm0002@lemmy.zip to Linux@programming.dev · 8 days ago
message-square
22
fedilink
  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1    ·
    6 days ago

    TPMs protect against evil maid attacks

    Android has a nice solution with the system vs user encryption

    • Federico@mastodon.uno
      link
      fedilink
      arrow-up
      0      ·
      6 days ago

      @possiblylinux127 And allows to decrypt the disk if someone steals your laptop: it can just turn it on to read it…

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1        ·
        6 days ago

        That isn’t how TPMs work

        The TPM checks the signature of the software with the signature it has internally. If that signature changes it will refuse to release the keys.

        • Federico@mastodon.uno
          link
          fedilink
          arrow-up
          0          ·
          edit-2
          6 days ago

          @possiblylinux127 Exactly. So if someone steals your laptop it can just press the power on button to read your disk. Security my ass.

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1            ·
            6 days ago

            …if they can log in

            • Federico@mastodon.uno
              link
              fedilink
              arrow-up
              0
              arrow-down
              2              ·
              6 days ago

              @possiblylinux127

              1. Password is not mandatory
              2. Some organizations require ultra-simple password formats (e.g. 6 digits)
              3. Afaik password is not enabled by default in windows

              Call this security… It’s just a marketing lock-in strategy. A good old password is all you need for encrypting a disk.

              • Possibly linux@lemmy.zip
                link
                fedilink
                English
                arrow-up
                2                ·
                6 days ago

                …Except none of that is true

Linux@programming.dev

linux@programming.dev

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

  • [email protected]
  • [email protected]
  • Matrix instant messaging group chat

Original icon base courtesy of [email protected] and The GIMP

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 632 users / day
  • 2.34K users / week
  • 3.61K users / month
  • 10.3K users / 6 months
  • 1 local subscriber
  • 9.78K subscribers
  • 2.3K Posts
  • 14.8K Comments
  • Modlog
  • mods:
  • Ategon@programming.dev
  • adr1an@programming.dev
  • dwraf_of_ignorance@programming.dev
  • BE: 0.19.8
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org