Microsoft’s Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi::The point of Microsoft’s Bitlocker security feature is to protect personal data stored locally on devices and particularly when those devices are lost or otherwise physically compromised. With Bi

  • ryannathans
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    Veracrypt drive encryption does not have the same problem, it would be secure even with physical access

      • ryannathans
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        9 months ago

        Yeah, it’s safe because of no TPM usage. You can boot from an encrypted drive, it’ll prompt for the key instead of auto loading from vulnerable hardware

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          Bitlocker supports the same usecase, but everybody wants that automatic boot feature so…

          It also lets you store a secondary key on a server and require the computer to be on trusted networks to be able to retrieve it to boot, but I’ve never ever heard of anybody using that

          • ryannathans
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            Pretty sure it uploads the key to microsoft servers when you do that

            • Natanael@slrpnk.net
              link
              fedilink
              English
              arrow-up
              2
              ·
              9 months ago

              That’s the default, but you can block it in the command line configuration tool