Announcement AMD TPM exploit discovered

[A///]

. . . maybe? I haven't read up on the exploit enough to know exactly how it works, but it was stated that it takes ~$200 worth of hardware and several hours of access to the hardware to crack the TPM.

if it requires several intimate hours with the physical device the only scenario this would work if the device is stolen. the goal of good attack is to come and go unseen or unnoticed. this is not an issue with small scale facilities with zero to no security but not possible at the other end of the scale. these hack methods are realistic like you growing wings to fly after a can of red bull.

 

[Hitman928]

Need to demonstrate an exploit against Intel's TPM, before it is vulnerable?

The completely safe option is to use separate security device like USB key that stores key for decryption of storage and present it each time ( and not loose it together with device).
Or use something like smart card with TPM and PIN that provides said key to OS when pin is entered?
Or place said smart card with PIN on AMDs SoC and secure it against brute force of PIN ?

I’m pretty sure Intel’s solution has been found to be vulnerable on multiple fronts but maybe I’m remembering wrong. . .

Edit: quick google search came up with this https://www.cpomagazine.com/cyber-s...yption-keys-and-bypass-tpm-bitlocker-and-drm/

 

[A///]

Nice find, doug. Will have a read later.

 

[coercitiv]

Let's pile up some more stuff in here, shall we?

Intel BootGuard keys leaked through MSI data breach​

According to Mark Ermolov, a security researcher focusing on Intel platforms, the leak might also impact Intel CSME (Converged Security and Management Engine), OEM unlock, ISH (Integrated Sensor Hub) firmware, SMIP (Signed Master Image Profile) and other tools.

The scope of this data breach is still uncertain as the code is still being investigated by security experts. Intel almost certainly have to reassign new keys to all affected partners, however what does this mean for end-user is still unknown. Intel did not publish a statement on the leak, while MSI only acknowledged the data breach.

The Videocardz article is based on this Twitter post:

https://twitter.com/x/status/1654560343295934464

 

[DrMrLordX]

If I'm reading this right, it means that someone could bypass SecureBoot on affected systems and load a malicious EFI/UEFI payload?

 

[A///]

if the attacks require physical access the attack possibility is low. the people doing these attacks would be after secure systems in highly guarded industries. theft is possible but the computers aren't passwordless. @ amd ftpm.