this post was submitted on 07 Feb 2024
690 points (97.8% liked)

Technology

59086 readers
3617 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
690
BitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM (www.tomshardware.com)
submitted 9 months ago by throws_lemy@lemmy.nz to c/technology@lemmy.world
70 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] CyberSeeker@discuss.tchncs.de 128 points 9 months ago (7 children)

When using an external TPM. Which next to no one does.

[–] Shadow@lemmy.ca 108 points 9 months ago* (last edited 9 months ago) (4 children)

Watch the video. It just means external to the CPU, not an external device.

They demo the attack on a Lenovo laptop in the first minute of the video.

Edit: nm I just realized that was a 10 year old laptop and they're in all the modern procs. I'm a lot less impressed now.

Sounds like intel has external and amd internal with their ftpm?

[–] throws_lemy@lemmy.nz 27 points 9 months ago (1 children)

fTPM has a bug, don't know if it's fixed

https://www.techspot.com/news/93684-amd-promises-fix-ftpm-issue-causes-stuttering-freezes.html

Veracrypt also doesn't recommend using encryption that relies on TPMs

Some encryption programs use TPM to prevent attacks. Will VeraCrypt use it too? No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditions is met, it is actually impossible to secure the computer (see below) and, therefore, you must stop using it (instead of relying on TPM).

If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer).

https://veracrypt.eu/en/FAQ.html

Let's assume the attackers were law enforcers

[–] __ghost__@lemmy.ml 9 points 9 months ago

This has been fixed for a while now

load more comments (2 replies)
load more comments (4 replies)