undefined | Better HN

0 pointsajross2mo ago0 comments

> The advantage of this approach is that malware can't just send off your private key file to its servers.

The use case is ssh keys! If malware can run an ssh command on the remote host, it doesn't need to steal your key, it can just install itself there. Or add its own keys to the access, etc... At best, you'd have to detect and fix that sort of thing with auditing and control, something that's isomorphic to the "third party" requirements I was mentioning.

To repeat the third time: this is all terrible threat model analysis. TPMs do not have value for individuals managing access between trusted devices. TPMs are for third-party validation.

0 comments

1 comments · 1 top-level

palata2mo ago

> TPMs do not have value for individuals managing access between trusted devices.

But you just admitted that it prevents the key from being stolen, right? So the value is that the key cannot be stolen. Doesn't mean that a malware cannot use it of course. Just that it cannot extract it. Which is better than a malware extracting it.

1 more reply

j / k navigate · click thread line to collapse