68
Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons (www.phoronix.com)
submitted 1 month ago by cm0002@lemmy.zip to c/linux@programming.dev
20 comments fedilink hide all child comments
top 20 comments
sorted by: hot top controversial new old
[-] thingsiplay@beehaw.org 19 points 1 month ago

The intent was on better TPM security after a prior security demonstration showed TPM key recovery from Microsoft Windows BitLocker as well as TPM sniffing attacks.

I am not sure if this is a good change. Isn't this "dangerous"?

The hope is that now it's disabled by default, the Linux kernel developers can spend more time evaluating the security benefits and performance optimizations to make it worthwhile to re-enabled by default in a future Linux kernel version.

I'm confused. They disable security feature and then want spend time on the benefits and performance optimizations, to possible enable it again?

[-] Truscape 37 points 1 month ago* (last edited 1 month ago)

The TPM 2.0 implementation (mandated by Microsoft) is flawed. That much is certain.

If you'd like to know more details about the "benefits" and vulnerabilities of the standard, feel free to read the relevant wikipedia article: https://en.wikipedia.org/wiki/Trusted_Platform_Module

In my personal opinion, the TPM as a whole seems like a "solution in search of a problem", and developments that were able to foil its protection as early as 2010 from state and non-state actors should be a massive red flag.

[-] possiblylinux127@lemmy.zip 4 points 1 month ago* (last edited 1 month ago)

Physical security is very hard

TPM is a useful to help ensure physical security. TPM isn't perfect but it is decent for what it is.

[-] eleitl@lemmy.zip 5 points 1 month ago

That assumes you can trust the unauditable. I can only accept open hardware, with verification of random samples.

[-] Nomad@infosec.pub 6 points 1 month ago

If you use TPM for signing, that is not an issue most of the time. But if you store decryption keys for a storage device there that's not a good idea.

[-] Mihies@programming.dev 5 points 1 month ago

Where would you store it then?

[-] somerandomperson@lemmy.dbzer0.com 5 points 1 month ago

another encrypted medium

[-] Nomad@infosec.pub 5 points 1 month ago

Preferably in your brain and maybe partially in a smart card protected by a pin?

[-] Mihies@programming.dev 4 points 1 month ago* (last edited 1 month ago)

Yes, currently I'm using my brain for that and was thinking a security key such as Yubikey with touch requirement + PIN. But at least on Linux there is no support for that, or is it?

Edit: Ha, there actually is - https://mhdez.com/posts/unlocking-encrypted-linux-with-a-yubikey/

[-] Nomad@infosec.pub 2 points 1 month ago

AFAIK there is. But even if not, it simulates a keyboard which can input your passphrase. Also modification of the initrd is a matter of providing a bash script or binary to launch which returns the passphrase in the crypttab file and adding it to the correct directory.

[-] Mihies@programming.dev 2 points 1 month ago

From what I read so far, hardware key is just another way to decrypting, not the required. So it's just a convenient method to avoid typing a (long) password and instead just few PIN chars. So, if somebody gets hold of password, can still decrypt the disk even without the hardware key. Not perfect, but still better than only password.

[-] chaospatterns@lemmy.world 1 points 1 month ago

That probably makes sense. Most people don't have the risk of a malicious actor sniffing their TPM bus and those that do can opt in. Everybody else can still benefit from a TPM

[-] sapousername@mastodon.uno 0 points 1 month ago

@cm0002 Never understood why one should use tpm when there are good old passwords. It would be better to enforce a long password. To me TPM always looked like a marketing strategy masked by security tools: in the end it's a device that makes it mandatory to use your hard-drive on a specific machine. It's even weaker than a good password. Am I wrong?

[-] possiblylinux127@lemmy.zip 2 points 1 month ago

TPMs protect against evil maid attacks

Android has a nice solution with the system vs user encryption

[-] sapousername@mastodon.uno 0 points 1 month ago

@possiblylinux127 And allows to decrypt the disk if someone steals your laptop: it can just turn it on to read it...

[-] possiblylinux127@lemmy.zip 1 points 1 month ago

That isn't how TPMs work

The TPM checks the signature of the software with the signature it has internally. If that signature changes it will refuse to release the keys.

[-] sapousername@mastodon.uno 0 points 1 month ago* (last edited 1 month ago)

@possiblylinux127 Exactly. So if someone steals your laptop it can just press the power on button to read your disk. Security my ass.

[-] possiblylinux127@lemmy.zip 1 points 1 month ago

...if they can log in

[-] sapousername@mastodon.uno 0 points 1 month ago

@possiblylinux127

  1. Password is not mandatory
  2. Some organizations require ultra-simple password formats (e.g. 6 digits)
  3. Afaik password is not enabled by default in windows

Call this security... It's just a marketing lock-in strategy. A good old password is all you need for encrypting a disk.

[-] possiblylinux127@lemmy.zip 2 points 1 month ago

...Except none of that is true

this post was submitted on 10 Oct 2025
68 points (100.0% liked)

Linux

10440 readers
385 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev