this post was submitted on 14 Aug 2024
300 points (97.5% liked)

Technology

58115 readers
3935 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
300
Microsoft is enabling BitLocker device encryption by default on Windows 11 (www.theverge.com)
submitted 1 month ago by mr_MADAFAKA@lemmy.ml to c/technology@lemmy.world
115 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Andromxda@lemmy.dbzer0.com 8 points 1 month ago

It still uses the TPM by default, instead of requireing a passphrase to be typed in on boot to unlock the keys. This still makes it an insecure mess.

https://yewtu.be/watch?v=wTl4vEednkQ

https://github.com/stacksmashing/pico-tpmsniffer

https://github.com/stacksmashing/LPCClocklessAnalyzer

Microsoft NEVER cares about your security. They just do the absolute bare minimum for compliance with stupid standards, and then advertise it as some crazy security improvement. Corporations lie to you all the time. If you want some actual security, you need to start using FOSS software. Most importantly a FOSS, Linux-based OS, and set it up with LUKS passphrase-based encryption.