I thought I was safe from this if I installed windows on a completely separate harddrive… I clearly overestimated Microsoft’s ability to make on operating system that does not act like literal malware. Oh well! I guess I’m 100% linux now.
I thought I was safe from this if I installed windows on a completely separate harddrive… I clearly overestimated Microsoft’s ability to make on operating system that does not act like literal malware. Oh well! I guess I’m 100% linux now.
Basically, they all seem to either communicate over plaintext or have bugs that make them effectively communicate over plaintext. I think https://www.secura.com/nl/blog/tpm-sniffing-attacks-against-non-bitlocker-targets has a nice, short overview of the problems. fTPMs have had their troubles but firmware updates can usually resolve those.
So far, all attacks can be fended off by setting up a secure TPM PIN, but after so many issues, I’m not confident in hardware TPMs anymore.
Thanks, much appreciated!
It’s worth noting that this isn’t a bug in the tpm uhh 1.1(?) specification. It’s working as intended.
The system was designed to prevent compromises from software attacks and people yanking the hard drives, not keep an enterprising uart-haver at bay.
State level attackers were never the target of the tpm and neither were downwardly mobile highly educated individuals.