cm0002@lemmy.zip to Linux@programming.dev · 8 days agoLinux Now Disabling TPM Bus Encryption By Default For Performance Reasonswww.phoronix.comexternal-linkmessage-square22fedilinkarrow-up199arrow-down10
arrow-up199arrow-down1external-linkLinux Now Disabling TPM Bus Encryption By Default For Performance Reasonswww.phoronix.comcm0002@lemmy.zip to Linux@programming.dev · 8 days agomessage-square22fedilink
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up1·6 days agoThat isn’t how TPMs work The TPM checks the signature of the software with the signature it has internally. If that signature changes it will refuse to release the keys.
minus-squareFederico@mastodon.unolinkfedilinkarrow-up0·edit-26 days ago@possiblylinux127 Exactly. So if someone steals your laptop it can just press the power on button to read your disk. Security my ass.
minus-squareFederico@mastodon.unolinkfedilinkarrow-up0arrow-down2·6 days ago@possiblylinux127 Password is not mandatory Some organizations require ultra-simple password formats (e.g. 6 digits) Afaik password is not enabled by default in windows Call this security… It’s just a marketing lock-in strategy. A good old password is all you need for encrypting a disk.
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up2·6 days ago…Except none of that is true
That isn’t how TPMs work
The TPM checks the signature of the software with the signature it has internally. If that signature changes it will refuse to release the keys.
@possiblylinux127 Exactly. So if someone steals your laptop it can just press the power on button to read your disk. Security my ass.
…if they can log in
@possiblylinux127
Call this security… It’s just a marketing lock-in strategy. A good old password is all you need for encrypting a disk.
…Except none of that is true