[lofaszvanitt]

What do average people do when something happens with their secure boot? Search the web, and apply whatever they find, hoping that their system boots again. They want a solution under 1 minute, and don't care whether they expose their system. Secure boot is utterly complicated, a mess, and badly documented and people doesn't know shit about it.

And we want this to be default for users? I like lennart's work, but this further complicates things A LOT. What happens in case of hardware failure? If parts of the drive becomes unreadable and you need to retrieve as much data as possible? Oops you forgot to enroll your recovery key...

What will people do to avoid data loss and to avoid learning how the system as a whole works? Create backups and those will be stolen by nefarious entities instead.

Linux is mostly not so complicated. But this latest post... if this becomes the norm, oh god, unnecessarily complicated way to protect against imaginary threat. How widespread these hard disk removals are in the wild? I know maybe 1 case in the last 10 years that was publicised.

People are paranoid about things they can't control and don't understand at all, and these measures calm their nerves. Whew, I'm so important, my data is so important, now I'm protecced. While the ones who really want your data already waltz in anytime they want into your system and you can't do shit against it, because you are expert at max in one domain. The threat modelling already tells you that the compromise you have to take is that there are peepz you can't defend against.

[XorNot]

In a data loss situation you image the drive and decrypt it with your recovery key.

That has nothing to do with secure boot. You won't lose access to the drive, the issue is that you want to mostly not use that recovery key all the time.

[michaelt]

With normal full disk encryption, every user has memorised the secret needed to recover the disk, because you get reminded of it every time you boot.

The TPM is intentionally designed to make sure this is no longer the case.

Seems like a downgrade to me, from a disk recovery perspective.

[XorNot]

Storing infrequently used private documents safely is something everyone in the modern world has familiarity with.

Very few people have any familiarity with the risk model of encryption, even if they need or should have encryption (with should have including: providing cover for people who need encryption by making encryption common). And even more people write down passwords rather then remember them.

For example: disk encryption keys basically never change, even if you change the password. So intercepting an image of the encrypted disk at time point A, and then intercepting the user typing the same password in at time point A+N gives you the password to decrypt the disk. You can also reverse the order of this.

If you boot your laptop up from a cold boot in any public area and enter your encryption password, then it's high probability a local security camera has just taken the password. So the attack model can be "get a shot of someone typing on the keyboard in public" and then later "image the drive and crack at your leisure".

If someone gets a copy of your drive image at an earlier point in time, then you change the password, then you mention what your old password was (because it's now "safe" right?), then you've just given them the ability to decrypt the old disk image, and probably the current one too (since they still have a copy of the encryption headers and thus the master keys, which didn't change).

With TPM based factors, these attacks become worthless: the drive separated from the computer, even if you know the user's password, can't be decrypted. The user changing their day-to-day password on the drive is a secure event because the password only works with the computer it's attached too, not independently.