Windows 11 users reportedly losing data due to Microsoft's forcedWindows 11 users reportedly losing data due to Microsoft's forced BitLocker encryption : technology

[–] Object@sh.itjust.works 22 points 1 day ago (1 children)

One major difference is that it is so much easier to lock yourself out of the desktop TPM chip compared to mobile device security chips because they're not tightly coupled.

[–] acosmichippo@lemmy.world 2 points 1 day ago (1 children)

and phones make you use your unlock pin often, so people are forced to remember it. on the other hand windows lets you use a short pin instead of your full account password pretty much forever which results in people forgetting the password completely.

[–] Rooki@lemmy.world 1 points 1 day ago

That isnt even the part it is encrypted, the TPM encryption is either "Automatic" or over a password (any length) on startup so far i know it from my work with Bitlocker (tpm 2.0) on windows 10. Idk if this is different on windows 11.

[–] surewhynotlem@lemmy.world 9 points 1 day ago (1 children)

Huh .. I never noticed. Probably because my phone OS never failed to boot, requiring me to pull data off the HDD directly.

[–] Landless2029@lemmy.world 6 points 1 day ago

Samsung is notorious for this.

[–] OfficerBribe@lemm.ee 3 points 1 day ago* (last edited 1 day ago)

Android I think just uses same credentials you use to unlock account, at least I am not aware of any recovery key. And you are prompted for credentials from time to time so it is harder to forget. I use fingerprint as main unlock + pattern and I have to enter pattern roughly once a week I think.

On Windows if you set up Windows Hello (fingerprint or PIN usually), you are not reminded to enter password afterwards so eventually you can forget it. And if you do not know your password and cannot recover account, you will not be able to retrieve BitLocker recovery key. So fix to this problem could be another annoyance to users if it would be implemented as Android does it.

[–] Rooki@lemmy.world 1 points 1 day ago (1 children)

The only phone manufacture that does that is Google with pixel. Any other phone is for my knowledge either "weakly" encrypted or not at all.

Still your Mobile OS isnt just upgrading and encrypting your SD card and main drive. Thats the point.

[–] InnerScientist@lemmy.world 1 points 1 day ago

All devices launching with Android 10 and higher are required to use file-based encryption.

To use the AOSP implementation of FBE securely, a device needs to meet the following dependencies:
Kernel Support for Ext4 encryption or F2FS encryption.
Keymaster Support with HAL version 1.0 or higher. There is no support for Keymaster 0.3 as that does not provide the necessary capabilities or assure sufficient protection for encryption keys.   
Keymaster/Keystore and Gatekeeper must be implemented in a Trusted Execution Environment (TEE) to provide protection for the DE keys so that an unauthorized OS (custom OS flashed onto the device) cannot simply request the DE keys.   
Hardware Root of Trust and Verified Boot bound to the Keymaster initialization is required to ensure that DE keys are not accessible by an unauthorized operating system.

https://source.android.com/docs/security/features/encryption/file-based?hl=en

[–] MonkderVierte@lemmy.ml 1 points 1 day ago* (last edited 1 day ago)

Different threat model and usage scenario. See the spilled milk comment.

[+] Lembot_0002@lemm.ee -20 points 1 day ago (3 children)

Most people don't have anything of importance on their phones. And the tuning options are almost absent on phones, so it is less problematic bug-wise.

[–] thesystemisdown@lemmy.world 21 points 1 day ago (2 children)

For many, a mobile device is their sole computer, and things of importance to them are stored on it.

[–] user224@lemmy.sdf.org 2 points 1 day ago (1 children)

Le banking app.

[–] Rooki@lemmy.world 1 points 1 day ago (1 children)

But THAT is recoverable EASILY, not like lost forever if you dont recover data from that phones storage.

Something like OTP are rather more important.

[–] user224@lemmy.sdf.org 1 points 1 day ago (1 children)

Well, I wasn't talking about recovery, but need for encryption.

[–] Rooki@lemmy.world 1 points 1 day ago

I guess thats true.

[–] pressanykeynow@lemmy.world 2 points 1 day ago

Yeah, nothing important. Just your banking apps, personal documents, photos, government apps, emails, all the services linked to your phone via mobile number, personal chats, work chats, 2fa codes, some other not important stuff. But at least it doesn't have your games. Unless you play games on your phone, then you are fucked.

[–] ieatpillowtags@lemm.ee 8 points 1 day ago (1 children)

No you’re right, nobody has precious photos or videos on their phone 🙄

[–] Lembot_0002@lemm.ee -5 points 1 day ago (4 children)

If they don't save those photos somewhere else from time to time, it means those photos aren't that important.

[–] oo1@lemmings.world 1 points 1 day ago

I backup my precious dick pics at several offsite locations by sending them to as many people as possible as often as possible.

8-

[–] spooky2092@lemmy.blahaj.zone 11 points 1 day ago* (last edited 1 day ago)

You're assuming they actually understand proper data protection procedures. You have a very misplaced amount of faith in the knowledge of the average person. Plenty of people just expect stuff to work and are horrified when they realize they're not.

I saw that all the time when I worked in mobile phone sales/support.

[–] Takumidesh@lemmy.world 5 points 1 day ago

This is a post about people who don't understand encryption.

[–] JWBananas@lemmy.world 2 points 1 day ago

https://en.m.wikipedia.org/wiki/False_equivalence

Technology

Our Rules

Approved Bots