undefined | Better HN

0 pointsFoxboron1y ago0 comments

It's never unsealed. `tpm2-totp` does an encrypted session to the TPM and runs `TPM2_HMAC` on the TPM shielded key, you can also include PCRs to add further authentication to this entire exchange.

What do you mean with "relay"?

(All of this is trivially solved with glitter nail polish anyway.)

0 comments

blueflow1y ago

Yes and you can relay that authentication, too.

The same way the fake laptop can relay your password to me, i could also relay the generated TOTP code from the stolen laptop to the fake in front of you. As tried to convey, the fake laptop is basically a full MITM on your screen/keyboard.

Making a machine visuals non-reproducible helps that, but only if the attacker cannot easily switch the exterior parts (chassis, keyboard) between the two machines.

FoxboronOP1y ago

> The same way the fake laptop can relay your password to me, i could also relay the generated TOTP code from the stolen laptop to the fake in front of you. Also any authentication to generate that TOTP in the first place. As tried to convey, the fake laptop is basically a full MITM on your screen/keyboard.

This is a hollywood level threat scenario.

It involves the attacker having intimate familiarity with the operating system, and having to break inn twice to even get this attack done.

If you do put inn the effort then I deserve to be hacked and can pick up sheep farming in the country side.

blueflow1y ago

Why twice? You can keep the fake laptop.

The OS does not matter? Grab the video output via HDMI/DisplayPort and insert the keypresses via USB. Thats likely gonna work. Basically what modern KVM switches do. And setup the fake laptop as VNC client. Same tech that companies can use to remotely manage servers.

FoxboronOP1y ago

> The OS does not matter?

Of course it does. You are replaying the logos and screens.

> Grab the video output via HDMI/DisplayPort and insert the keypresses via USB. Thats likely gonna work. Basically what modern KVM switches do. And setup the fake laptop as VNC client. Same tech that companies can use to remotely manage servers.

You believe you can boot up an entire VNC client to display something that would take most machines under a second to display?

2 more replies

tiberious7261y ago

There are like three operating systems in common use. An attacker being familiar with the one you use certainly isn't a "Hollywood level threat scenarios".

Buying the same model laptop and swapping it with your targets is an elementary level targeted attack

j / k navigate · click thread line to collapse

0 comments

blueflow1y ago

Yes and you can relay that authentication, too.

Making a machine visuals non-reproducible helps that, but only if the attacker cannot easily switch the exterior parts (chassis, keyboard) between the two machines.

FoxboronOP1y ago

This is a hollywood level threat scenario.

It involves the attacker having intimate familiarity with the operating system, and having to break inn twice to even get this attack done.

If you do put inn the effort then I deserve to be hacked and can pick up sheep farming in the country side.

blueflow1y ago

Why twice? You can keep the fake laptop.

FoxboronOP1y ago

> The OS does not matter?

Of course it does. You are replaying the logos and screens.

You believe you can boot up an entire VNC client to display something that would take most machines under a second to display?

2 more replies

tiberious7261y ago

There are like three operating systems in common use. An attacker being familiar with the one you use certainly isn't a "Hollywood level threat scenarios".

Buying the same model laptop and swapping it with your targets is an elementary level targeted attack

j / k navigate · click thread line to collapse