
   alt.comp.os.windows-11      Steaming pile of horseshit Windows 11      4,852 messages   


   Message 3,879 of 4,852   
   Maria Sophia to Frank Slootweg   
   Re: Any point to password protecting the   
   22 Jan 26 10:22:31   
   
   XPost: alt.comp.os.windows-10   
   From: mariasophia@comprehension.com   
      
   Frank Slootweg wrote:   
   >> What is your recommendation for privacy on a computer, Frank?   
   >   
   >   Non-response to my arguments, etc. duly noted.   
      
   I am focusing only on technical points relevant to providing advice to   
   computer users who wish to benefit from the knowledge we are sharing in   
   this thread.   
      
   >   To answer your question: You probably mean measures to limit the   
   > consequences of bad actors having physical access to your (Windows)   
   > computer or stealing it, as that's the context of this thread. "privacy   
   > on a computer" is *way* too wide/unspecific/ambiguous/.   
      
   You are correct. We're assuming a daily boot of a Windows PC with a local   
   account (whether Windows 11 or Windows 10) and people you trust in the home   
   and we're assuming the rare happenstance of a burglar with physical access.   
      
   Note: Windows FDE is BitLocker, so that is the default interpretation.
      
   >   That said, my - rather obvious - recommendations are: A boot password,   
   > sign-in protection (password or/and other) and - if needed/practical -   
   > Windows' FDE or similar.   
      
   Thank you for outlining your model to contrast with mine, where we each   
   optimized the threat protection in reasonably different manners.   
      
   I. Frank's proposed security model is system centric & labor intensive.   
   II. The model I suggest is data centric & optimized for convenience.   
      
   Since the goal is for others to learn from our technical conversation,
   here is a point-by-point summary of the two threat models we proposed.
      
   A. Threat model   
      1. FS assumes OS level FDE (BitLocker) protection is required.
      2. MS assumes only specific data stores need protection.
      
   B. Boot process   
      1. FS uses a boot password and sign in protection.   
      2. MS uses no boot password and no sign in password.   
      
   C. Disk protection   
      1. FS uses Windows FDE so the entire volume is encrypted at rest.   
      2. MS uses VeraCrypt for financial data & KeePassDX for passwords.
      
   D. Forensic residue   
      1. FS's model encrypts swap, temp files, hibernation files & caches.   
      2. MS's model protects encrypted containers leaving OS residue readable.   
      
   E. Convenience   
      1. FS accepts daily friction at boot & sign in.   
      2. MS eliminates friction at boot & sign in by only unlocking   
         containers when needed (which the user may unlock only occasionally).   
      
   F. Cloud identity   
      1. FS's model can run without a Microsoft account but if Windows FDE   
         is used then recovery material must be stored offline by the user.   
      2. MS's model uses no OS level encryption so no recovery keys exist   
         and no cloud identity is ever needed at any time (by design).   
      
   G. Physical theft   
      1. FS's model forces the attacker to defeat FDE for all access.   
      2. MS's model exposes OS data but protects financial & passwd data.   
      
   H. Family access   
      1. FS's model blocks family members without credentials.   
      2. MS's model allows family access but keeps sensitive data encrypted.   
      
   Summary   
      1. FS's model maximizes system level protection & minimizes leakage.   
         But at the cost of daily convenience.   
      2. MS's model maximizes daily convenience by protecting data chosen
         to encrypt (which the user may unlock only occasionally).   
   --   
   On Usenet, old men discuss topics that they've thought about for decades.   
      