Blind user friendly full disk encryption

aidan_walsh

Does anyone know of a good full disk encryption solution that is screen reader friendly, or gives an audio cue when it needs its passcode entered?

We usually use Bitlocker to close down any laptops that would be leaving the premises, but we have a blind user who uses her laptop for note taking in meetings. If possible, we would like to have the same level of protection for the system and the data on it, but with the ability to let her know when she needs to enter her PIN/password to unlock the disk.

We could give her a USB key, but if for any reason its not accepted we still have the same issue of being able to communicate that to her.

scottalanmiller

Not aware of any solution for that. If any does, I would expect it to be Bitlocker.

aidan_walsh

@scottalanmiller Me too. Unfortunately, it doesn't look like its an option provided. I had also been recommended to let it encrypt using just the TPM for authorisation (authentication?), but it doesn't have a TPM

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Me too. Unfortunately, it doesn't look like its an option provided. I had also been recommended to let it encrypt using just the TPM for authorisation (authentication?), but it doesn't have a TPM

Oh, that's a problem How do you get a machine without TPM today?

aidan_walsh

@scottalanmiller Buy Lenovo, it seems.

scottalanmiller

So this isn't great BUT... what if you run their desktop in a VM that is encrypted? Have an unencrypted system boot up, then fire up VirtualBox with an encrypted VHD, and fire up their real desktop from there?

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Buy Lenovo, it seems.

Oh, well that makes sense, you don't pay for TPM when you get Lenovo. You don't use Lenovo when security is important. Why are you buying Lenovo AND worrying about full disk encryption? That seems like cross purposes.

travisdh1

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller Buy Lenovo, it seems.

Oh, well that makes sense, you don't pay for TPM when you get Lenovo. You don't use Lenovo when security is important. Why are you buying Lenovo AND worrying about full disk encryption? That seems like cross purposes.

@scottalanmiller I don't think anybody besides a few people here have paid any attention to how badly Lenovo actually acts, they just take them at their word even still.

For those of you not "In the know" Lenovo STILL has superfish and uses a custom wifi card to force the use of the drives that contain superfish. So asking how to enable encryption on a Lenovo is just silly.

Found out about SuperFish while my X220 was being shipped to me

scottalanmiller

@travisdh1 said in Blind user friendly full disk encryption:

@scottalanmiller I don't think anybody besides a few people here have paid any attention to how badly Lenovo actually acts, they just take them at their word even still.

Im pretty sure tons of people paid attention. Just not many care because it isn't their data.

aidan_walsh

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

aidan_walsh

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

I'm not in the US, and I've read about the NSA Cisco backdoors

scottalanmiller

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller said in Blind user friendly full disk encryption:

@aidan_walsh said in Blind user friendly full disk encryption:

@scottalanmiller I work at a government education board, the laptop was one we had in reserve.

Government is buying Chinese products with software to violate their basic security on them instead of American ones without? That makes me very sad

I'm not in the US, and I've read about the NSA Cisco backdoors

Unless you are in China, it's still the same problem... but definitely don't buy American either. Same problem, different solution, buy Taiwanese. Only machines you can trust. In the US, anything passing through customs may be modified to spy on us, so it doesn't matter the source. The problem with Lenovo is that it isn't China spying on us, but a single company. I "trust" China with my data (because it's worthless to them), but I don't trust Lenovo because, well, they are bad people.