• Ghast@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      I don’t know why I keep hearing of security measures to stop someone sleuthing into bootloaders.

      Am I the only person using Linux who isn’t James Bond?

      • Eager Eagle@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        so you never caught a team of government officials in your living room brute forcing your bootloader at 4am as you got up to use the bathroom, huh. Lucky guy.

      • hansl@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        I’m an engineer with trade secrets on his laptop. I’ve heard of dozens of people getting laptops stolen from their cars that they left for like ten or fifteen minutes.

        The chances are slims, but if it happens I’m in deep trouble whether those secrets leak of not. I’m not taking the risk. I’m encrypting my disk.

        It’s not like there’s a difference in performance nowadays.

        • duncesplayed@lemmy.one
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          TPM’s not going to help with that situation, though, right? Either you’re typing in your encryption password on boot (in which case you don’t need TPM to keep your password), or you’re not, in which case the thief has your TPM module with the password in it.

      • The_Mixer_Dude@lemmus.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        I’m still on the hunt for a desktop Linux distro that has no security features or passwords. My usage for this may not be common but it can’t be rare enough that there are zero options

    • interdimensionalmeme@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      TPM bad, put your secrets on a proper encryption peripheral, like a smartcard running javacardOS

      TPM will turn into cpu-bound DRM, the more you use it, the more this cancer will grow