mycodesucks@lemmy.world to linuxmemes@lemmy.world · 2 days agoSekyuriteelemmy.worldimagemessage-square64fedilinkarrow-up1887
arrow-up1887imageSekyuriteelemmy.worldmycodesucks@lemmy.world to linuxmemes@lemmy.world · 2 days agomessage-square64fedilink
minus-squarenialv7@lemmy.worldlinkfedilinkarrow-up9·1 day agoDepends on your threat model. If you are defending against people stealing your hard drive and reading your data, then this is perfectly fine.
minus-squarenibbler@discuss.tchncs.delinkfedilinkEnglisharrow-up6·1 day agoif it’s logging in automatically it needs the required encryption key available on the disk in clear. so the stolen hard drive will boot and unlock in any computer, no?
minus-squarenialv7@lemmy.worldlinkfedilinkarrow-up8·1 day agonot necessarily if the key is on TPM for example.
minus-squarenibbler@discuss.tchncs.delinkfedilinkEnglisharrow-up2·1 day agothis is correct, but a very strict condition in relation to the general statement i reacted to :-)
Depends on your threat model. If you are defending against people stealing your hard drive and reading your data, then this is perfectly fine.
if it’s logging in automatically it needs the required encryption key available on the disk in clear. so the stolen hard drive will boot and unlock in any computer, no?
not necessarily if the key is on TPM for example.
this is correct, but a very strict condition in relation to the general statement i reacted to :-)