85
Speaking about Windows PC.
- Not everybody thinks they need such security because it's their home computer.
- Enabling device encryption necessitates the backup of the encryption key (and backup of the data files); otherwise, you may lose all the contents when things go wrong (like the key disappears after an update). People who don't understand the tech may not know where their backup keys are.
- Windows Home encryption is a hassle since you don't have finer-grain control over the encryption, unlike Bitlocker on Windows Pro. This is the lamest scheme for Windows. You only get practical basic security with Windows Pro.
- Enabling system drive encryption may make your system backup/recovery harder or impossible in some configurations. Figuring this out may require some technical expertise.
You can save your bitlocker key to your Microsoft account, which makes it easier for non-techies.
Phones are computers.
If you're talking about desktop PCs, we don't put those in our pockets and carry them literally everywhere and drop them and lose them in random places.
we don’t put those in our pockets and carry them literally everywhere and drop them and lose them in random places
Ahh, interesting. I've never thought about that aspect. But what about laptops tho? Aren't they just as vulnerable as mobile devices?
No, because again, you're not carrying your laptop around literally everywhere.
Because Microsoft locked these features to Pro and Enterprise tiers of Windows for profitability reasons.
Also, people with actually modular PCs sometimes move drives between devices.
I use Linux and my hard drive us encrypted.
Some Linux distributions make the option available on install, although I don't know if there are any that do it by default.
Pop_OS! does.
Very good question.
All the business laptops that I had during the last 15 years or so had encryption enabled (these devices were provided to me by employers).
For my private PC, I simply would not trust Microsoft. Windows itself has become spyware. My private PC isn't mobile, so the risk is low.
But if I'd buy a laptop for my private use, I would probably use encryption.
if you don't trust microsoft, why would you use windows at all?
Good point. I will have to think about it.
For my private PC, I simply would not trust Microsoft.
Look for something like Win 10 LTSC. It's entirely stripped down, and usually not readily available to consumers. The updates are only security and stability, no feature.
Alternately, you can try using Linux, but my experiments with Tails are that it's a challenge and that there's no documentation to speak of.
Alternately, you can try using Linux, but my experiments with Tails are that it’s a challenge and that there’s no documentation to speak of.
Well, Tails isn't exactly a "daily driver" Linux distro so documentation will be lacking compared to the alternatives. Something along the lines of Pop OS, Mint, or Ubuntu would be better for most people.
They do.
Windows now enables bitlocker by default when you use a Microsoft account, and it saves the keys to onedrive.
Mainstream Linux distros don't do it by default but it's an option on install, as Linux usually goes.
MacOS is macOS, I'd be surprised if they didn't encrypt it before everyone else.
encryption not fun when you lose the key.
Newer versions of OS'es have that option, but I guess most computers are pretty stationary, while most phones leave the house very regularly.
One is mobile the other isnt unless its a laptop. Plus I think win 11 now defaults to that and the same with macos afaik but I didnt really do thorough research.
The search for "security" is just started. Whether is makes sense or not i let you choose. Your point stands, but laptops have usually "unlocked" boootloaders and so it would not make sense as in a phone.
You need vendor locked in devices to achieve true security (and lose your freedom of course)
(Just a bit more clarification. A truly secure and locked device takes your freedom to modify and really own the device. It would be only a matter of time you will be renting your own device)
TPM is a thing and changing settings such as the boot device trips it.
You need vendor locked in devices to achieve true security
This is bullshit.
this post was submitted on 17 Aug 2023
85 points (95.7% liked)
No Stupid Questions
35806 readers
189 users here now
No such thing. Ask away!
!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
Rules (interactive)
Rule 1- All posts must be legitimate questions. All post titles must include a question.
All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.
Rule 2- Your question subject cannot be illegal or NSFW material.
Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.
Rule 3- Do not seek mental, medical and professional help here.
Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.
Rule 4- No self promotion or upvote-farming of any kind.
That's it.
Rule 5- No baiting or sealioning or promoting an agenda.
Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.
Rule 6- Regarding META posts and joke questions.
Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.
On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.
If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.
Rule 7- You can't intentionally annoy, mock, or harass other members.
If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.
Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.
Rule 8- All comments should try to stay relevant to their parent content.
Rule 9- Reposts from other platforms are not allowed.
Let everyone have their own content.
Rule 10- Majority of bots aren't allowed to participate here.
Credits
Our breathtaking icon was bestowed upon us by @Cevilia!
The greatest banner of all time: by @TheOneWithTheHair!
founded 1 year ago
MODERATORS