Windows does it since 11, macOS has done it for a while now, and Linux has provided the option on most distros for a few years as well.
If you’ve upgraded Windows to Windows 11 and don’t have encryption enabled, you can enable it after the fact without reinstalling your OS. On Linux this is harder to accomplish.
Windows 10 locked encryption behind a pro license, but computers haven’t been sold with Windows 10 installations for a few years now.
The encryption can be used for bad things too. Windows 11 itself has so many things just straight up bad. Spyware, Telemetry and instability of some “older” apps aka apps from windows 10.
I don’t understand. How do you use full-disk encryption for bad things? Are you talking about the pedophile/terrorist angle that governments take on it?
Rather to encrypt other non windows conform drives.
Speaking about Windows PC.
- Not everybody thinks they need such security because it’s their home computer.
- Enabling device encryption necessitates the backup of the encryption key (and backup of the data files); otherwise, you may lose all the contents when things go wrong (like the key disappears after an update). People who don’t understand the tech may not know where their backup keys are.
- Windows Home encryption is a hassle since you don’t have finer-grain control over the encryption, unlike Bitlocker on Windows Pro. This is the lamest scheme for Windows. You only get practical basic security with Windows Pro.
- Enabling system drive encryption may make your system backup/recovery harder or impossible in some configurations. Figuring this out may require some technical expertise.
You can save your bitlocker key to your Microsoft account, which makes it easier for non-techies.
Phones are computers.
If you’re talking about desktop PCs, we don’t put those in our pockets and carry them literally everywhere and drop them and lose them in random places.
we don’t put those in our pockets and carry them literally everywhere and drop them and lose them in random places
Ahh, interesting. I’ve never thought about that aspect. But what about laptops tho? Aren’t they just as vulnerable as mobile devices?
No, because again, you’re not carrying your laptop around literally everywhere.
Very good question.
All the business laptops that I had during the last 15 years or so had encryption enabled (these devices were provided to me by employers).
For my private PC, I simply would not trust Microsoft. Windows itself has become spyware. My private PC isn’t mobile, so the risk is low.
But if I’d buy a laptop for my private use, I would probably use encryption.
if you don’t trust microsoft, why would you use windows at all?
For my private PC, I simply would not trust Microsoft.
Look for something like Win 10 LTSC. It’s entirely stripped down, and usually not readily available to consumers. The updates are only security and stability, no feature.
Alternately, you can try using Linux, but my experiments with Tails are that it’s a challenge and that there’s no documentation to speak of.
Alternately, you can try using Linux, but my experiments with Tails are that it’s a challenge and that there’s no documentation to speak of.
Well, Tails isn’t exactly a “daily driver” Linux distro so documentation will be lacking compared to the alternatives. Something along the lines of Pop OS, Mint, or Ubuntu would be better for most people.
Some Linux distributions make the option available on install, although I don’t know if there are any that do it by default.
Pop_OS! does.
Because Microsoft locked these features to Pro and Enterprise tiers of Windows for profitability reasons.
Also, people with actually modular PCs sometimes move drives between devices.
They do.
Windows now enables bitlocker by default when you use a Microsoft account, and it saves the keys to onedrive.
Mainstream Linux distros don’t do it by default but it’s an option on install, as Linux usually goes.
MacOS is macOS, I’d be surprised if they didn’t encrypt it before everyone else.
Newer versions of OS’es have that option, but I guess most computers are pretty stationary, while most phones leave the house very regularly.
encryption not fun when you lose the key.
The search for “security” is just started. Whether is makes sense or not i let you choose. Your point stands, but laptops have usually “unlocked” boootloaders and so it would not make sense as in a phone.
You need vendor locked in devices to achieve true security (and lose your freedom of course)
(Just a bit more clarification. A truly secure and locked device takes your freedom to modify and really own the device. It would be only a matter of time you will be renting your own device)
TPM is a thing and changing settings such as the boot device trips it.
One is mobile the other isnt unless its a laptop. Plus I think win 11 now defaults to that and the same with macos afaik but I didnt really do thorough research.