this post was submitted on 07 Feb 2024
738 points (97.7% liked)

Technology

59187 readers
1991 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 9 months ago (4 children)

Question: if I have an bitlocker encrypted SSD in a modern computer with embedded TPM, can I move this SSD to an old computer with external TPM to sniff the cod this way? Be gentle. I am dumb. Thanks.

[–] [email protected] 22 points 9 months ago (1 children)

"Sniff the cod" This is a typo right? I don't know any better, but I had a good laugh.

[–] [email protected] 10 points 9 months ago

What about the salmon and the halibut? :-D

[–] [email protected] 19 points 9 months ago

Not unless you entered your recovery code to unlock it on the old computer with the external tpm.

[–] [email protected] 6 points 9 months ago (1 children)

Nope. As soon as you move the disk to your second system/TPM, you lose any ability to decrypt it at all.

[–] [email protected] 9 points 9 months ago (1 children)
[–] [email protected] 1 points 9 months ago (1 children)
[–] [email protected] 2 points 9 months ago (1 children)

For LUKS user set the key; for bitlocker, I believe the key is automatically uploaded to either your Microsoft account or you system admin's account.

[–] [email protected] 2 points 9 months ago

Sure LUKS will do what you tell it. Bitlocker will do what it wants and just use the TPM unless you jump through a bunch of group policy edits and such. But you are correct, I had forgotten it does give you the option to backup the key to a txt file during the installation or initial encryption process :)

[–] [email protected] 4 points 9 months ago

The Key is stored on the Internal TPM. Only it can unlock the SSD.