Wait, the Dread Pirate Roberts got pardoned? How does that fix anything???

Its kinda useful for devices where userland is also protected against exfil, like a kiosk or windows lock screen.

If the bios is hardened, secure boot on, bitlocker on, and windows is locked with a password, you can’t simply take the disk out and manipulate it cause bitlocker with TPM means only that specific hardware profile will decrypt the disk automatically.

You can’t get to explorer cause the system is locked with windows auth, and you can’t reset the PW cause bitlocker is on, and you cant remove the disk cause the TPM protects against that with bitlocker.

Its really not perfect, and I’m not advocating for it, but its a decent protection in systems where adding another pin/password isn’t practical.

Even Microsoft recommends at least also using a pin with bitlocker.

And if you have lots of windows machines at home, running enterprise for whatever reason, dont look up vlmcsd and definitely dont look up the kms srv records to put on your home domain

Unfortunately a lot of rentals dont have their own laundry, or have to use a shared building laundry.

At my last place we had to pay 3$ for a wash and 6$ for a dry. Had to use a credit/debit machine to load a card, and the machine was frequently broken, so I’d have to go to another building in the area to reload it, but I’d have to wait for someone to let me tailgate in the lobby.

Just own it is like saying people should just buy homes or move to a better apt.