by WhyNotHugo
1800 days ago
Honestly, I think providing the disk decryption password during early boot is a lot safer. If the TPM yields the decryption key, then the disk is mounted without the user being present, so any RUNTIME security hole can be exploited by the attacker (e.g. USB exploits, etc). The Mac/Windows model just seems less safe (though more friendly for shared devices). I would like a shared system though: where I provide half the key, and the TPM has the other half, so BOTH are necessary to decrypt the disk.
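The two-share model described in this comment, as an added illustration rather than anything from the thread: a user share derived from the passphrase with a slow KDF and a TPM-held share are fed together through HKDF, so that neither half alone reproduces the volume key. The TPM secret and salt here are constructed stand-ins; a real deployment would seal the secret in the TPM against the boot measurements and use a random per-volume salt.

```python
import hashlib
import hmac

# Constructed sample values for the demo (NOT real enrolment data).
SALT = bytes.fromhex("7f3a9c1d2e4b5a6c8d9e0f1a2b3c4d5e")
TPM_SHARE = hashlib.sha256(b"constructed-tpm-sealed-secret").digest()

def derive_user_share(passphrase: str, salt: bytes) -> bytes:
    """Slow KDF over the passphrase so offline guessing stays expensive."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000, dklen=32)

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF: extract a PRK from the input keying material, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_volume_key(user_share: bytes, tpm_share: bytes, salt: bytes) -> bytes:
    """Combine both 32-byte shares; changing or omitting either gives an unrelated key."""
    if len(user_share) != 32 or len(tpm_share) != 32:
        raise ValueError("both shares must be 32 bytes")
    return hkdf_sha256(user_share + tpm_share, salt, b"volume-key")

def enroll(passphrase: str, tpm_share: bytes, salt: bytes) -> bytes:
    """Enrolment: compute the volume key the disk header would be protected with."""
    return derive_volume_key(derive_user_share(passphrase, salt), tpm_share, salt)

def try_unlock(passphrase: str, tpm_share: bytes, salt: bytes, enrolled: bytes) -> bool:
    """Early-boot unlock: succeeds only when the user input AND the TPM share match."""
    candidate = derive_volume_key(derive_user_share(passphrase, salt), tpm_share, salt)
    return hmac.compare_digest(candidate, enrolled)

if __name__ == "__main__":
    key = enroll("correct horse battery", TPM_SHARE, SALT)
    print("both halves present:", try_unlock("correct horse battery", TPM_SHARE, SALT, key))
    print("wrong passphrase:   ", try_unlock("wrong", TPM_SHARE, SALT, key))
    print("TPM share swapped:  ", try_unlock("correct horse battery", b"\x00" * 32, SALT, key))
```

The same pairing is what systemd-cryptenroll's TPM2 enrolment with a PIN provides for LUKS volumes.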
|
But if you want full disk encryption for a server without the need to attend it in person to enter the password every time it restarts, you might feel the middling security a TPM provides is an improvement over not encrypting the disk at all.
Or if you issue a big fleet of laptops to forgetful users, and remote password reset is a must-have feature, the TPM is more secure than the user writing the password on a post-it note stuck to the laptop.
Or if you're making something like a TiVo where you want it to work without a password, while also locking down the device, even against the owner.
So TPMs are great if you're a big corporation!