You are not logged in.
The wiki page on TPM says:
Warning: If you use this method on your root volume, this means that, as long as the previously mentioned certain conditions are met, your computer will unlock automatically at boot without needing to enter an encryption password.
That's fine, but I'm confused by this:
This means that access to data is not protected in case the hardware gets stolen.
What kinds of attack could access this data?
Offline
What kinds of attack could access this data?
If an attacker is able to gain possession of your device then the disk may as well be unencrypted.
Offline
That part of the warning is quite strait forward ... to the point of being blatantly obvious. So I'm not sure what you're asking.
If you configure your system to decrypt automatically on power on without any password, then all the theif would need to do to have complete access to all of your data is power on the system. What's not clear about that?
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
If you configure your system to decrypt automatically on power on without any password, then all the theif would need to do to have complete access to all of your data is power on the system. What's not clear about that?
There is still the login prompt/lock screen protecting access to the user session. Assuming that there is no way to bypass login (eg mashing keys for button overflow a la cinnamon lock screen), what can the thief do to extract the disk's contents?
Offline
There is absolutely no need to log in to access all the data on the disk once it is decrypted. There are likely countless many ways to do so, even if only a few I might be able to enumerate.
But in any case, the data is not protected by the encryption scheme which is pretty clearly what the quoted wiki page is referring to. This does not mean that there may not be other protections on your data. But I'd never considered a user-session / gui lock screen to be a form of real data protection.
Last edited by Trilby (2022-08-04 18:04:14)
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline