this post was submitted on 22 Oct 2023
384 points (95.5% liked)
Technology
59578 readers
2943 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm using windows pro, because of hyperv, and gpu virtualisation. And I don't need that security feature.
And windows pro still have some benefits. The group policy, tho most of the changes can still be made in the registry.
Yep. And the average user doesn't know what a bios update is.
Oh and the average user doesn't know that windows update has bios updates from manufacturers.
What happens when the bios is flashed? Poof the key disappeared...
Nice move Microsoft. Not sure if they have something to prevent the loss of the encryption key or some security, but for those people I hope they don't loose their data due to updates.
I use windows pro for personal because home doesn't have bitlocker. You could totally upgrade using MAS too.
Windows 11 Home does have BitLocker, it's just a very simplified version of BitLocker without most of the options. Like it's basically just on or off in the settings, no way to manually backup the key or anything else. But changing certain things will trigger the enter BitLocker key screen at boot.
From your article:
I'm pretty sure it just uses BitLocker under the hood and doesn't let you configure some things:
https://support.microsoft.com/en-us/windows/device-encryption-in-windows-ad5dcf4b-dbe0-2331-228f-7925c2a3012d
https://learn.microsoft.com/en-us/windows-hardware/drivers/bringup/secure-boot-and-device-encryption-overview#device-encryption
Just checked an 11 Home computer that has Device Encryption turned on:
Get-BitLockerVolume reports that it is on for the main drive with RecoveryPassword and Tpm protectors.
It's definitely just a rebranded, less featured BitLocker.
I’m using Enterprise, because it has less overall bloatware.
Wait… I’ve never been a windows user, so forgive my ignorance… is full disk encryption really not available to all windows users? And most people buy the home version that lacks it?
Ah okay! Whew! I’d be super disappointed if full disk encryption wasn’t available to users.