Blind user friendly full disk encryption

aidan_walsh

@scottalanmiller Me too. Unfortunately, it doesn't look like its an option provided. I had also been recommended to let it encrypt using just the TPM for authorisation (authentication?), but it doesn't have a TPM

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Me too. Unfortunately, it doesn't look like its an option provided. I had also been recommended to let it encrypt using just the TPM for authorisation (authentication?), but it doesn't have a TPM

Oh, that's a problem How do you get a machine without TPM today?

aidan_walsh

@scottalanmiller Buy Lenovo, it seems.

scottalanmiller

So this isn't great BUT... what if you run their desktop in a VM that is encrypted? Have an unencrypted system boot up, then fire up VirtualBox with an encrypted VHD, and fire up their real desktop from there?

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Buy Lenovo, it seems.

Oh, well that makes sense, you don't pay for TPM when you get Lenovo. You don't use Lenovo when security is important. Why are you buying Lenovo AND worrying about full disk encryption? That seems like cross purposes.

travisdh1

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Buy Lenovo, it seems.

Oh, well that makes sense, you don't pay for TPM when you get Lenovo. You don't use Lenovo when security is important. Why are you buying Lenovo AND worrying about full disk encryption? That seems like cross purposes.

@scottalanmiller I don't think anybody besides a few people here have paid any attention to how badly Lenovo actually acts, they just take them at their word even still.

For those of you not "In the know" Lenovo STILL has superfish and uses a custom wifi card to force the use of the drives that contain superfish. So asking how to enable encryption on a Lenovo is just silly.

Found out about SuperFish while my X220 was being shipped to me

scottalanmiller

@travisdh1 said in Blind user friendly full disk encryption:

@scottalanmiller I don't think anybody besides a few people here have paid any attention to how badly Lenovo actually acts, they just take them at their word even still.

Im pretty sure tons of people paid attention. Just not many care because it isn't their data.

aidan_walsh

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

aidan_walsh

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

I'm not in the US, and I've read about the NSA Cisco backdoors

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

I'm not in the US, and I've read about the NSA Cisco backdoors

Unless you are in China, it's still the same problem... but definitely don't buy American either. Same problem, different solution, buy Taiwanese. Only machines you can trust. In the US, anything passing through customs may be modified to spy on us, so it doesn't matter the source. The problem with Lenovo is that it isn't China spying on us, but a single company. I "trust" China with my data (because it's worthless to them), but I don't trust Lenovo because, well, they are bad people.