this post was submitted on 02 May 2024
1108 points (98.5% liked)
Technology
59197 readers
2933 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I try to speak the gospel of backing up your bitlocker recovery key to anyone who will listen without their eyes glazing over.
You can turn it off, if you're okay with going without encryption; if it's a mobile computer, like a laptop or something, encryption is a good idea, so just back up the key in a safe place, even just emailing it to yourself and you're all set.
The bullshit is that the bitlocker dialog won't save a file that contains your recovery key, to the drive that's encrypted; my recommendation is to "print" it to a PDF, which you can save anywhere you want. Once you have it, attach it to an email and send it to yourself, or toss it in your Google drive or whatever.
Full disk encryption is, IMO, a great thing to have, but to rugpull people by just enabling it and not giving them the information to secure access to their data, or even really inform them that it's on, is complete fucking horse shit.
I don't know how much I'll need it on a desktop that's strictly used by me, but I see your point nevertheless. The fact that its turned on by default without user knowledge and that the key is not automatically safely accessible is... That is a whole other level of dogshit, that's just insane honestly. I'd definitely save it to drive and a stick to be sure, that's a good one.
I agree, there's pretty limited usefulness to keep it enabled on a desktop. Unless you're at risk of someone walking off with it, like your desktop is in a fairly public area, or you live in an area where robberies/burglaries are not rare, I don't know that there's much value in it. You also have to think about what data you're realistically keeping on your PC. Is it something that if that were to become public information, would that be a problem?
Like, if you have pictures of yourself in blackface or nudes or something, maybe think about it... But if you're just using your PC to play games and browse the web, it's probably not very important to encrypt it. Even if someone takes it and looks through all your data, they probably won't find anything of value (to someone else) beyond whatever money they can get for the hardware.
It's a very personal choice, and with higher risk devices like laptops, I would say, just turn on the FDE, back up the recovery keys and forget about it. Desktops, meh. Up to you.