I’d guess it’s because encryption adds overhead and slows things down. It’s also overkill for most people’s needs, since the chance to get their PC stolen isn’t worth the performance impact
Comment on Hacker shows how a cigarette lighter can grant you root access
BrikoX@lemmy.zip 2 months agoYeah, it’s wild to me that desktop operating systems doesn’t encrypt storage by default. Both iOS and Android do.
AceSLS@ani.social 2 months ago
Anivia@feddit.org 2 months ago
The overhead is negligible since modern desktop CPUs have included AES hardware acceleration for a long time by now
kautau@lemmy.world 2 months ago
For Apple computers with a T2 chip encryption actually is on by default and is always enabled at the hardware level. However, enabling filevault adds additional security around the master encryption key.
Perhaps a future TPM standard will support dedicated encryption throughput in the future instead of just RNG and key generation, but until that happens I can’t see computer manufacturers turning encryption on by default (especially because the bitlocker user experience for non-power users is still pretty awful)
On that note, being able to use TPM / UEFI features is getting more difficult for open source users, so actually taking advantage of the security hardware on your machine requires more work: github.com/Foxboron/sbctl/issues/85
Spiralvortexisalie@lemmy.world 2 months ago
JackGreenEarth@lemm.ee 2 months ago
I chose to not encrypt my SSDs as I don’t want to forget the password and lose all my data. But now I have an external backup I’m fine encrypting them.
8Bitz0@discuss.tchncs.de 2 months ago
I would love to see something like macOS’s FileVault encryption. It completely blends in with the login screen and your decryption password is your user password.
BrikoX@lemmy.zip 2 months ago
Use a password manager. And create a passphrase type password for it so it’s easier to remember. Then you will have a unique password for everything, while only needing to remember one of them. And since you will use it daily, it’s impossible to forget.
JackGreenEarth@lemm.ee 2 months ago
I do use a password manager, but I can’t use it for signing into a machine, just signing into other things once I’m already logged in. I usually do remember my password, but there was an incident when I changed my password because I thought someone had guessed it, and then forgot what I had changed it to and was only able to recover my data because my SSDs were not encrypted
CosmicTurtle0@lemmy.dbzer0.com 2 months ago
The threat profile for a desktop is different than a phone.
You carry your phone with you everywhere.
Desktops typically stay in one location that likely has locks.
If you’re truly paranoid, you’ll encrypt your drive regardless. For regular joes like me, it’s not enough for me to enable it and enter a password at boot up.