Marius Schwarz wrote:
> "Figure out intersection with current work to use the TPM to allow
> booting to GDM without entering the password."
>
> Means, if someone steals the device, he can boot a system.
And conversely, if you move the hard disk to another computer, you can no
longer read it. And if your motherboard breaks down, instant data loss.
In addition, I do not trust the TPM or any other Treacherous Computing
component.
If you want to rely on a hardware key, it should at least be on a removable
USB token (a keyfile on a plain mass-storage USB stick is enough!), not
hard-wired into the computer like the TPM.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
