Buchanan walks through his process of experimenting with low-cost fault-injection attacks as an alternative when typical software bugs aren’t available to exploit.

  • Ace! _SL/S
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    1 month ago

    I’d guess it’s because encryption adds overhead and slows things down. It’s also overkill for most people’s needs, since the chance to get their PC stolen isn’t worth the performance impact

    Should definitely be default on Laptops though

    • Anivia@feddit.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      The overhead is negligible since modern desktop CPUs have included AES hardware acceleration for a long time by now

    • kautau@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      For Apple computers with a T2 chip encryption actually is on by default and is always enabled at the hardware level. However, enabling filevault adds additional security around the master encryption key.

      Perhaps a future TPM standard will support dedicated encryption throughput in the future instead of just RNG and key generation, but until that happens I can’t see computer manufacturers turning encryption on by default (especially because the bitlocker user experience for non-power users is still pretty awful)

      On that note, being able to use TPM / UEFI features is getting more difficult for open source users, so actually taking advantage of the security hardware on your machine requires more work: https://github.com/Foxboron/sbctl/issues/85