this post was submitted on 07 Feb 2024
739 points (97.7% liked)
Technology
59123 readers
2310 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
When using an external TPM. Which next to no one does.
Watch the video. It just means external to the CPU, not an external device.
They demo the attack on a Lenovo laptop in the first minute of the video.
Edit: nm I just realized that was a 10 year old laptop and they're in all the modern procs. I'm a lot less impressed now.
Sounds like intel has external and amd internal with their ftpm?
Many systems still use discrete tpms. Just because the CPU has a virtual tpm function doesn’t mean it’s used
fTPM has a bug, don't know if it's fixed
https://www.techspot.com/news/93684-amd-promises-fix-ftpm-issue-causes-stuttering-freezes.html
Veracrypt also doesn't recommend using encryption that relies on TPMs
https://veracrypt.eu/en/FAQ.html
Let's assume the attackers were law enforcers
This has been fixed for a while now
It's fairly common in business devices before 8th gen Intel.
The MSI mini-PC-s for office/business use have separate TPM modules on their mobos. I wouldn't be surprised if other mfg-s do this too.