(oddlama.org)

189 points arjvik | 1 comments | 17 Jan 25 03:00 UTC | HN request time: 0.199s | source

Show context

acheong08 ◴[17 Jan 25 04:12 UTC] No.42733994[source]▶

I don't understand why anyone would use passwordless disk encryption. It just seems inherently vulnerable, especially with the threat model of physical compromise.

Entering a password on boot isn't even that much work

replies(19): >>42734012 #>>42734073 #>>42734132 #>>42734171 #>>42734304 #>>42734370 #>>42734375 #>>42734397 #>>42734516 #>>42734734 #>>42734841 #>>42734892 #>>42734925 #>>42735445 #>>42736160 #>>42739068 #>>42740673 #>>42741392 #>>42742256 #

cyberax ◴[17 Jan 25 05:31 UTC] No.42734397[source]▶

>>42733994 #

> I don't understand why anyone would use passwordless disk encryption.

I'm using it on my home server that I'm using for self-hosting. This way, if it's stolen, the thief won't be able to easily get to my data. At the same time, I don't have to physically enter the password if my server reboots.

replies(1): >>42742497 #

jvdvegt ◴[17 Jan 25 19:49 UTC] No.42742497[source]▶

>>42734397 #

They'll have your data if they just take the whole server...

replies(1): >>42742862 #

1. cyberax ◴[17 Jan 25 20:22 UTC] No.42742862[source]▶

>>42742497 #

And then what? They will be faced with a login prompt. Reading from disks is useless. My login password is strong.

↑

Bypassing disk encryption on systems with automatic TPM2 unlock