Chris Murphy wrote:
> Summary: Windows 10/11 increasingly enables Bitlocker (full disk
> encryption) out of the box with the encryption key sealed in the TPM.
[…]
> The Bitlocker encryption key is unsealed only if the boot chain
> measurement by the TPM matches the expected values in a TPM PCR.
So, basically, they set up things without the user's knowledge so that the
user's data can only be decrypted from Windows, only when booted directly,
and only with Restricted Boot enabled. Does that not fit the definition of
ransomware? Treacherous Computing at its finest… Does anyone still believe
that all this is about security?
Kevin Kofler
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
