[cma]

> The vast majority of users aren't going to have their laptop stolen at all, if they do it will 99% of the time be by someone who only wants to wipe it and fence it, and attempts to access data are most likely to be by unsophisticated family members who would be defeated by a simple password without any TPM.

I've only met one person who's phone was stolen. They grabbed it while it was unlocked and within minutes after began scamming all the person's Instagram and other contacts asking for quick money for an emergency.

[mike_hearn]

That's how it works now exactly because hardware security ("DRM") on phones is so good that grabbing phones whilst unlocked is the only way to beat it. For most of the history of phones, they would be pickpocketed or taken from bags, luggage, hotel rooms etc without you ever seeing the thief.

This is a huge upgrade, and nothing to sniff at. I also had someone try to grab my phone out of my hand and run off whilst walking on the streets in France. Unfortunately for him I can run extremely fast. Once he saw I was catching up and about to beat the crap out of him, he gently placed the phone on the road whilst running and gave it back to me. Before phone security got really good a guy like that would have been using the sneaky approach and then visiting a back room in a phone shop to reflash all the hardware IDs, but secure boots and the mobile security chips have got good enough that this is no longer feasible.

[cma]

Depends which is more valuable, the phone or the potential scams. With no hardware security you'd just have a standard USB stick to root it and get the same access to the logins and contacts, or you'd take it right to an underground shop that did. And you could sell the hardware on top of that, making theft that much better.

[razakel]

At least they weren't logged into their banking apps.