Bypassing disk encryption on systems with automatic TPM2 unlock
(oddlama.org)
189 points | arjvik | 3 comments | 17 Jan 25 03:00 UTC
acheong08 ◴[17 Jan 25 04:12 UTC] No. 42733994 >>42733640 (OP)
I don't understand why anyone would use passwordless disk encryption. It just seems inherently vulnerable, especially with the threat model of physical compromise.
Entering a password on boot isn't even that much work.
1. udev4096 ◴[17 Jan 25 05:59 UTC] No. 42734516 >>42733994
It's just not practical. How are you going to manually enter the password for, let's say, 10 servers?
2. johnisgood ◴[17 Jan 25 07:00 UTC] No. 42734848 >>42734516 (TP)
USB pendrive with a random key: no need to enter anything, and it is more secure and gives you plausible deniability through many different means.
3. cedilla ◴[17 Jan 25 08:43 UTC] No. 42735351 >>42734848
Going around 10 servers with a USB drive sounds just as tedious, and what happens when you lose the key or the attacker gets it?