Comment by lproven
1 day ago
This is all true, but the price was too high for me.
> WDM made graphics driver crashes not take down the OS plus no more window tearing
It made it more stable, I don't care about tearing and stuff, but it robbed me of full-screen DOS windows and the ability to toggle a window to/from full-screen with Alt+Enter. I used that a lot.
> Shadow copies gave you file history (time machine without another drive)
But it's no use if the OS isn't stable enough to trust. So I kept my important stuff on servers, so lost this.
The same applies to openSUSE today.
> No more running with full admin privileges all the time.
A small win, for standalone machines.
> Bitlocker was introduced
Life is too short.
> yes it required good hardware to run well.
Never mind that. Nothing except the highest-end premium kit had the specs to run it well. You needed 2GB of RAM for half decent performance but new kit was shipping with 512MB.
> With good hardware Vista was peak Windows.
Nah. Not as bad as generally held, but not great.
> I could go back to Vista but I couldn't go back to XP, there's too much we take for granted now
I did:
https://www.theregister.com/2023/07/24/dangerous_pleasures_w...
It was glorious.
> Never mind that. Nothing except the highest-end premium kit had the specs to run it well. You needed 2GB of RAM for half decent performance but new kit was shipping with 512MB.
That's an exaggeration. I didn't have the highest-end premium kit. I had good hardware (I was a gamer after all), but I doubt very much if I had more than 2 GB memory and I ran Vista with zero performance issues whatsoever.
I want to point out about Bitlocker, it makes it easier to get rid of old drives safely and less problematic to lose a laptop. $5 wrench doesn't apply
So does ABAN and it's a lot quicker and easier and has zero effect on performance.
https://aban.derobert.net/
ABAN is the modern free replacement for DBAN once that went payware.
> https://xkcd.com/538/
I’m a big fan of XKCD but, in reality, what most people (and employers) worry about is unauthorised third-party access to private data in the event a laptop is lost or stolen (most often by opportunist theft). Bitlocker — and other Full Disk Encryption technology — provide an effective mitigation for this situation.
Well, yes, we know that. I mean, that is the reason for doing it.
But what is much more rarely discussed are the costs. There are multiple penalties.
It hurts performance.
It impedes dual-boot.
It impedes setup in general; you lose most of the nice friendly GUI tools, replaced by clunky harder CLI tools.
It makes data recovery vastly harder, which is one of those things people discount until they need it and then realise how critical it is.
It makes troubleshooting OS problems vastly harder. Many it simply prevents: the answer becomes, reinstall your OS and restore from backup. If you have no backups, tough.
It's inconvenient, unless you use modern TPM-backed systems, in which case it dramatically reduces the security benefits, while also severely reducing OS compatibility.
It adds a new vital credential people don't know they have and don't know they need to keep secure backups of.
It generally makes everything worse, to fix a threat that most people simply do not have.
The 2 employers I personally had who insisted on it published all the company info on my machines to Github anyway, making it not even security theatre. More like security pantomime: an act of pretending to pretend to do something.
The answer to all this is, in my experience as tech support type: don't do it. Conduct a proper analysis of who has what secrets and what they need to keep, and use other better-targeted tools just for them.
Because without that, it causes problems for no good reason. It's treated as a panacea but it isn't -- it fixes nothing for 99% of users -- and the very real problems and issues it causes are ignored.
This _may_ be worth it for some companies and organisations but it's not for anyone else. I can see its worth for governments and military forces but few others.
Fair points. Thankfully, I haven't had any of those issues.
I run GNU/Linux on all my personal computers but the Windows 10 laptop from work came with Bitlocker installed and other than entering the PIN on start-up, it stays out of my way. Granted, I'm not dual-booting, saving important documents or running any backup tools; I mostly use it for browsing, Teams calls and SSHing into my Fedora workstation and other servers after connecting via VPN.
Also, in my case, performance was only noticeably affected when the IT contractors installed Symantec anti-virus which resulted in the laptop becoming a noisy heater every so often.
For what it's worth, I bought my wife a laptop for her birthday when she needed a new one and I never considered enabling Bitlocker on it. She wouldn't have any sensitive data on it so I figured there's no need.