• refalo@programming.dev
    link
    fedilink
    arrow-up
    2
    ·
    7 months ago

    They could add some kind of message that warns about this, but I think it’s a better idea to encrypt by default (warning or not) rather than not… at least for privacy reasons.

    • cm0002@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      7 months ago

      It really doesn’t matter what message they show during setup, you haven’t worked tech support or computer repair have you?

      The non-savvy users rarely pay attention to shit, a message during setup will be nothing but a blip at best in their memory by the time something happens to the computer 2-4 years later.

      We’ve been telling non-savvy users to make sure they backup their shit for literally decades now, they still don’t. Not even macOS encrypts the user data partition by default, this is gonna be a shit show and hell desks and computer repair shops everywhere are on the front line.

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        I consider that a separate issue.

        IMO OS vendors pushing for full disk encryption is light years better than simply shrugging and saying “well people might be dumb so we shouldn’t do it at all”.

        • cm0002@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          7 months ago

          Just turning it on for everyone like they’re planning is what I have issues with.

          macOS does prompt the user to enable FileVault during initial setup, but it defaults to disabled. The other thing users do, is default to the default when they don’t understand something.

          So by defaulting to disabled, not many people enable FileVault without actually knowing what it’s talking about. If they do know what it’s talking about then all’s good because they’ll probably actually write down the recovery key.

          MS’s plan so far is “On the next update we’ll just turn it on for everyone everywhere and (maybe) display a fast message with a recovery key, YOLO”

          • refalo@programming.dev
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Maybe educating people about backups (in general) is a better approach than being averse to increasing security/privacy.

            I still prefer MS pushing updates to people that never update vs the alternative of them getting viruses and such all the time. I just wish there was an easier way for advanced users to turn it off permanently, but it’s still not impossible so I still prefer this to people not updating at all.

            • cm0002@lemmy.world
              link
              fedilink
              arrow-up
              2
              ·
              7 months ago

              Maybe educating people about backups (in general) is a better approach than being averse to increasing security/privacy.

              Like I said, there’s been various backup your shit campaigns for decades now, why do you think the next time is going to be different? One of my windows PCs literally just sent a notification about backing things up (it’s what reminded me of this lmao), I wonder how many non-savvy users got that and completely ignored it?

              I still prefer MS pushing updates to people that never update vs the alternative of them getting viruses and such all the time. I just wish there was an easier way for advanced users to turn it off permanently, but it’s still not impossible so I still prefer this to people not updating at all.

              Agreed, but this is not a matter of updates, it’s a matter of how they’re handling this specific update. I personally just don’t see the benefits of forcing FDE on for everyone outweighing the risks.

              Your average home user is going to primarily get their data stolen via malware or social engineering, both of which FDE does nothing to protect against.

              • refalo@programming.dev
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                7 months ago

                All we can do is try. If we warned them and they still don’t do it, well you just can’t fix stupid and it’s not our problem anymore, plus they have bigger issues if they can’t read. That’s still better than doing nothing. And still better than not having device encryption IMO.