(oddlama.org)

189 points arjvik | 1 comments | 17 Jan 25 03:00 UTC | HN request time: 0s | source

Show context

acheong08 ◴[17 Jan 25 04:12 UTC] No.42733994[source]▶

I don't understand why anyone would use passwordless disk encryption. It just seems inherently vulnerable, especially with the threat model of physical compromise.

Entering a password on boot isn't even that much work

replies(19): >>42734012 #>>42734073 #>>42734132 #>>42734171 #>>42734304 #>>42734370 #>>42734375 #>>42734397 #>>42734516 #>>42734734 #>>42734841 #>>42734892 #>>42734925 #>>42735445 #>>42736160 #>>42739068 #>>42740673 #>>42741392 #>>42742256 #

1. pclmulqdq ◴[17 Jan 25 04:16 UTC] No.42734012[source]▶

>>42733994 #

On servers, it protects against someone stealing your disks (or stealing the raw bytes from your disks) and then booting them in a copy of your machine.

↑

Bypassing disk encryption on systems with automatic TPM2 unlock