> or (the better solution) just enroll your own certificate in your TPM and sign the driver with ...

malfist • today at 3:39 PM • 3 replies • view on HN

> or (the better solution) just enroll your own certificate in your TPM and sign the driver with that...

I'll tell Grandma that's what she needs to do.

Make sure that she setup a PKI infrastructure to manage certificate revocation as well, wouldn't want a bad grandson to mess with it.

p_ing • today at 5:15 PM

Why would you put Grandma on VeriCrypt in the first place? It's the more 'difficult' option for FDE.

➕ show 1 reply

dark-star • today at 5:26 PM

your grandma is probably fine with BitLocker....

alt Hacker News