mycodesucks@lemmy.world to linuxmemes@lemmy.world · 3 days agoSekyuriteelemmy.worldimagemessage-square64fedilinkarrow-up1890arrow-down112
arrow-up1878arrow-down1imageSekyuriteelemmy.worldmycodesucks@lemmy.world to linuxmemes@lemmy.world · 3 days agomessage-square64fedilink
minus-squarenialv7@lemmy.worldlinkfedilinkarrow-up10arrow-down1·2 days agoDepends on your threat model. If you are defending against people stealing your hard drive and reading your data, then this is perfectly fine.
minus-squarenibbler@discuss.tchncs.delinkfedilinkEnglisharrow-up6·2 days agoif it’s logging in automatically it needs the required encryption key available on the disk in clear. so the stolen hard drive will boot and unlock in any computer, no?
minus-squarenialv7@lemmy.worldlinkfedilinkarrow-up9·2 days agonot necessarily if the key is on TPM for example.
minus-squarenibbler@discuss.tchncs.delinkfedilinkEnglisharrow-up2·2 days agothis is correct, but a very strict condition in relation to the general statement i reacted to :-)
Depends on your threat model. If you are defending against people stealing your hard drive and reading your data, then this is perfectly fine.
if it’s logging in automatically it needs the required encryption key available on the disk in clear. so the stolen hard drive will boot and unlock in any computer, no?
not necessarily if the key is on TPM for example.
this is correct, but a very strict condition in relation to the general statement i reacted to :-)