BitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM - eviltoast
  • Lee Duna@lemmy.nzOP
    link
    fedilink
    English
    arrow-up
    32
    arrow-down
    1
    ·
    9 months ago

    fTPM has a bug, don’t know if it’s fixed

    https://www.techspot.com/news/93684-amd-promises-fix-ftpm-issue-causes-stuttering-freezes.html

    Veracrypt also doesn’t recommend using encryption that relies on TPMs

    Some encryption programs use TPM to prevent attacks. Will VeraCrypt use it too? No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditions is met, it is actually impossible to secure the computer (see below) and, therefore, you must stop using it (instead of relying on TPM).

    If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer).

    https://veracrypt.eu/en/FAQ.html

    Let’s assume the attackers were law enforcers