Hacker News
by XorNot 1743 days ago
Well the data is going to get wiped after you unlock without enough passphrases anyway, so it's kind of pointless - you need a backup. The point of not having recovery codes for the TPM is to ensure the disk is completely unusable if the machine is tampered with - i.e. you have to be forced to unlock that machine, and not a copy, to ensure the data is destroyed. I do wonder if TPMs would detect the use of SATA/PCI-E write blockers (or some elaborate shim system - but again, nation-state level).

Of course this is the real fiction: in reality I'm somewhat too lazy to set all that up for the much more likely scenario of a preventable glitch hosing my system.