There are two issues. One is a false sense of security. You think that you have the same level of security as full disk encryption, but you don't. With full disk encryption only someone who knows the password can access your data. On this system the disk is automatically decrypted at boot, so any flaw in Windows that permits a privilege escalation on that PC can give access to your data. If somebody who wants your data steals your PC, he is likely to find a way to access your personal data. It's a protection against a casual thief who is probably not interested in your data and probably can't even figure out how to bypass the Windows password screen.

But if this does no harm, why not have it? Because having disk encryption enabled by default for a user who doesn't know that it is enabled by default is not necessarily a good thing. Let's face it: users don't do backups. I even know companies that have all their data on a single server with no backups. Now if the motherboard breaks and you don't have a backup... you can't just take the disk out of that computer, connect it to another PC and recover the data. You have lost your data! But wait, you say Microsoft thought about that; indeed, if you signed in with a Microsoft account you can recover your BitLocker encryption key from the Microsoft portal... wait, what? Exactly. No security at all! Microsoft knows your encryption keys and stores them on their servers... again: a false sense of security is worse than no security at all!

Finally, even if this system were 100% secure: do you trust the hardware? The same hardware produced by the same manufacturer of the products where nearly once a year a big security flaw is discovered? The same hardware where we know that the NSA, and probably other government agencies, placed backdoors? Whatever, is typing a password when booting up the computer (that is, once a day) such a big deal?
Can't you alternatively also export a copy of the actual disk encryption key and write that on a piece of paper? The last time I used Windows, that was possible, at least (but I think I didn't use the TPM back then).
On macOS, you can do either, for example, and it uses a similar construction (although using Apple's proprietary secure element and hardware encryption engine rather than a TPM and secure boot).
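The thread above turns on two checkable facts about a given Windows machine: whether the OS volume unlocks from the TPM alone at boot (no PIN or password, the "automatically decrypted at boot" case), and whether a recovery password exists that can be exported to paper instead of, or in addition to, being escrowed with a Microsoft account. The PowerShell below is an added example written for this discussion, not code from any commenter; it assumes a Windows edition that ships the built-in BitLocker module (`Get-BitLockerVolume`, `Add-BitLockerKeyProtector`) and an elevated prompt. The function name `Get-BitLockerUnlockPosture` and the output path are the author's own choices.

```powershell
# Added example (not from the thread). Reports, per BitLocker volume, whether it
# auto-unlocks from the TPM with no boot-time secret, and whether a recovery
# password protector exists. Assumes an elevated PowerShell on Windows with the
# built-in BitLocker module.

function Get-BitLockerUnlockPosture {
    param([string]$MountPoint = 'C:')

    $vol   = Get-BitLockerVolume -MountPoint $MountPoint
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })

    [pscustomobject]@{
        MountPoint          = $vol.MountPoint
        ProtectionStatus    = $vol.ProtectionStatus      # On or Off
        EncryptionMethod    = $vol.EncryptionMethod
        Protectors          = ($types -join ', ')
        # A bare 'Tpm' protector means the volume key is released at boot with
        # no user interaction; 'TpmPin' / 'TpmPinStartupKey' / 'Password'
        # require a secret before the OS starts.
        TpmOnlyAutoUnlock   = ($types -contains 'Tpm')
        HasRecoveryPassword = ($types -contains 'RecoveryPassword')
    }
}

# Write every recovery password to a file you then print and store offline.
# This is the "piece of paper" route, independent of any cloud escrow.
function Export-BitLockerRecoveryPassword {
    param(
        [string]$MountPoint = 'C:',
        [string]$OutFile    = "$env:USERPROFILE\Desktop\bitlocker-recovery-$($MountPoint.TrimEnd(':')).txt"
    )
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    $vol.KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } |
        ForEach-Object {
            "Volume: $($vol.MountPoint)`nProtector ID: $($_.KeyProtectorId)`nRecovery password: $($_.RecoveryPassword)`n"
        } | Out-File -FilePath $OutFile -Encoding ascii
    return $OutFile
}

# Usage: assess first, then decide.
$posture = Get-BitLockerUnlockPosture -MountPoint 'C:'
$posture | Format-List

if ($posture.ProtectionStatus -eq 'On' -and -not $posture.HasRecoveryPassword) {
    # No recovery password at all: a dead motherboard means a dead disk.
    Add-BitLockerKeyProtector -MountPoint 'C:' -RecoveryPasswordProtector | Out-Null
}

if ($posture.ProtectionStatus -eq 'On') {
    $file = Export-BitLockerRecoveryPassword -MountPoint 'C:'
    Write-Host "Recovery password written to $file (print it, then delete the file)."
}

if ($posture.TpmOnlyAutoUnlock) {
    # Replace TPM-only with TPM+PIN so a secret is required before the OS boots.
    # Note: the 'Require additional authentication at startup' policy must
    # permit a PIN, or this call is rejected by Group Policy.
    $pin = Read-Host -Prompt 'New pre-boot PIN' -AsSecureString
    Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin $pin | Out-Null
}
```

The key design point is the order: export and print the recovery password before changing protectors, so a typo in the new PIN or a TPM measurement change after the reboot never locks you out. The same protector list can be read without PowerShell via `manage-bde -protectors -get C:`, which is useful on a machine you are only allowed to inspect.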