• ArcticAmphibian@lemmus.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Sure, but does a grandmother’s Solitaire & Facebook PC really need quick encrypting and decrypting? Anyone not dealing with sensitive info doesn’t need one.

        • JuxtaposedJaguar@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          How would at-rest encryption make it less likely that your computer joins a botnet, or more likely that you’d notice if it did?

      • Solar Bear@slrpnk.net
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        There’s no downside to having it. There’s many downsides to not having it. This seems pretty cut and dry to me.

        • argv_minus_one@beehaw.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          There’s no downside to having it.

          Sure there are. If it gets compromised with malicious code, I have no way of removing it.

          I can protect ring 0. I can keep crap out of ring 0. If all else fails, I can nuke everything in ring 0 and boot a fresh OS installation. But I can’t do a single bleeping thing except throw out the whole machine if malware takes over ring -1.

          • Solar Bear@slrpnk.net
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            This is already the case with your motherboard firmware, which fTPM is a part of. You are correct in that you have no real way to handle malware in it except throw it away. This doesn’t change in any way if you get rid of TPM.