undefined | Better HN

0 pointsburan772y ago0 comments

> Except you can use good old password

But one could not do that and be just as vulnerable. Same as you can use a PIN on BitLocker and be safe in this case. Which answers my question that this is not something BitLocker specific, just a bit of name dropping to garner more attention. Which is fine from the original author, not so fine from the journalists that picked it up.

> So yes, it's kind of a big deal.

You're not wrong but also this is not new. On close read this is indeed the same attack detailed as far back as 2019, says the internet. Presumably a few dollars cheaper now.

Use an additional factor if you care about that data staying encrypted, it only takes a few seconds and could save you quite the headache.

0 comments

yellowapple2y ago

> But one could not do that and be just as vulnerable. Same as you can use a PIN on BitLocker and be safe in this case.

Right, but BitLocker is vulnerable by default whereas LUKS is not, because BitLocker relies on a TPM without a PIN by default whereas LUKS relies on a password by default. Yeah, technically this attack ain't BitLocker-specific, but I don't know of any other FDE implementation that defaults to using a TPM without a PIN/password.

j / k navigate · click thread line to collapse