1. Go into your room and screw around with the boot loader to somehow give me unencrypted access to your laptop after you log in next time.
2. Go into your room. Take your laptop. Put an identical looking laptop in place that runs software that boots and looks identical. Have it send me all of your password attempts over WiFi to my van in the parking lot.
I'm going with option 2 every time. I have your original device. I have your password. TPM, SecureBoot, or whatever is irrelevant at this point.
Legend has it that security-oriented people will visually customize their machines with stickers (and their associated aging patina) and all kinds of digital cues on the different screens just to recognize if anything was changed.
MS chose to impose TPM because it allows encryption without interactive password typing (BitLocker without PIN or password, which is what most machines are running). That's it. The users get all the convenience of not having to type extra passwords when the machine starts, and some (not all) of the security offered by encryption. Some curious thief can't just pop your drive into their machine and check for nudes. The TPM is not there to protect against NSA, or proverbial $5 wrench attacks, but as a thick layer of convenience over the thinner layer of security.
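A way to check which of the two configurations the comment above describes a given machine is actually in (TPM-only, i.e. unlock with no user secret, versus TPM+PIN), and to add a startup PIN if it is TPM-only. This is an added example, not code from the thread; it assumes an elevated PowerShell session on Windows with the built-in BitLocker module, and that the "Require additional authentication at startup" group policy permits a PIN.

```powershell
# Added audit helper (not from the thread). Assumes an elevated PowerShell
# session on Windows with the BitLocker module (Get-BitLockerVolume,
# Add-BitLockerKeyProtector, Remove-BitLockerKeyProtector).
function Get-BitLockerProtectorPosture {
    param([string]$MountPoint = $env:SystemDrive)

    $vol   = Get-BitLockerVolume -MountPoint $MountPoint
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })

    # A TPM-based protector that also needs a PIN or startup key means the
    # disk does not unlock on its own when the machine boots.
    $hasTpm      = $types -contains 'Tpm'
    $hasTpmPlus  = [bool]($types | Where-Object { $_ -in 'TpmPin','TpmStartupKey','TpmPinStartupKey' })
    $hasRecovery = $types -contains 'RecoveryPassword'

    [pscustomobject]@{
        MountPoint        = $MountPoint
        ProtectionStatus  = $vol.ProtectionStatus
        ProtectorTypes    = $types -join ', '
        # TPM-only: the volume unlocks with no user secret. That is the
        # "convenience layer" the comment above describes; a thief who
        # boots the original device gets the same convenience.
        TpmOnly           = $hasTpm -and -not $hasTpmPlus
        HasRecoveryBackup = $hasRecovery
    }
}

$posture = Get-BitLockerProtectorPosture
$posture | Format-List

if ($posture.TpmOnly) {
    # Make sure a recovery password exists and is backed up before changing
    # protectors; otherwise a failed TPM measurement locks you out.
    if (-not $posture.HasRecoveryBackup) {
        Add-BitLockerKeyProtector -MountPoint $posture.MountPoint -RecoveryPasswordProtector
    }
    $pin = Read-Host -AsSecureString -Prompt 'Choose a BitLocker startup PIN'
    # Windows keeps only one TPM-based protector. Assumption: the cmdlet replaces
    # the TPM-only protector; if it reports a conflict, remove that protector
    # (Remove-BitLockerKeyProtector -KeyProtectorId ...) and re-run this step.
    Add-BitLockerKeyProtector -MountPoint $posture.MountPoint -TpmAndPinProtector -Pin $pin
}
```

Adding the PIN protects against the "boot the original device" half of the scenario above; it does nothing against a swapped, look-alike laptop that phishes the PIN, which is exactly the point the thread makes.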
Maybe I am mistaken, but I feel that the people going to such lengths to ward off an attacker and the people who’d want to rely on fTPM with Bitlocker over FOSS full disk encryption with a dedicated passphrase are two entirely separate circles.
> The TPM is not there to protect against NSA, or proverbial $5 wrench attacks but as a thick layer of convenience over the thinner layer of security.
I agree with you there: it is convenience, not security. But as such, should it be any more mandatory than any other convenience feature such as Windows Hello via fingerprint or IR? I’d argue only for newly released hardware, but don’t make that mandatory for existing systems.
Especially since I had one case where fTPM was not recognized no matter what I did: despite it being enabled in the UEFI and showing up in Windows 10 and on Linux, I could not install 11.
Repeat until password is extracted.