Announcement AMD TPM exploit discovered


A///

Diamond Member
Feb 24, 2017
. . . maybe? I haven't read up on the exploit enough to know exactly how it works, but it was stated that it takes ~$200 worth of hardware and several hours of access to the hardware to crack the TPM.
If it requires several intimate hours with the physical device, the only scenario in which this would work is if the device is stolen. The goal of a good attack is to come and go unseen or unnoticed. This is not an issue with small-scale facilities with zero to no security, but not possible at the other end of the scale. These hack methods are about as realistic as you growing wings to fly after a can of Red Bull.

Hitman928

Diamond Member
Apr 15, 2012
Need to demonstrate an exploit against Intel's TPM, before it is vulnerable?

The completely safe option is to use a separate security device, like a USB key, that stores the key for decryption of storage and present it each time (and not lose it together with the device).
Or use something like a smart card with TPM and PIN that provides said key to the OS when the PIN is entered?
Or place said smart card with PIN on AMD's SoC and secure it against brute force of the PIN?

I'm pretty sure Intel's solution has been found to be vulnerable on multiple fronts, but maybe I'm remembering wrong. . .

Edit: a quick Google search came up with this: https://www.cpomagazine.com/cyber-s...yption-keys-and-bypass-tpm-bitlocker-and-drm/
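As an added example (not part of the post above, and not vendor code): the practical way to act on the "TPM plus PIN" and "key on a separate USB device" suggestions on a Windows machine is to check which kind of key protector the BitLocker OS volume actually has. A volume whose only protector type is Tpm hands out the volume key at boot with no user secret, which is the configuration the physical attacks in this thread go after; TpmPin, TpmStartupKey or TpmPinStartupKey require something the thief does not have along with the machine. The mount point C: and the Group Policy prerequisite for a startup PIN are assumptions.

```powershell
# Added example: audit BitLocker key protectors on the OS volume and flag TPM-only.
# Needs an elevated PowerShell session and the built-in BitLocker module.
# Mount point "C:" is an assumption; change it for other layouts.

$MountPoint = "C:"
$vol = Get-BitLockerVolume -MountPoint $MountPoint

"Volume {0}: protection {1}, encrypted {2}%" -f $vol.MountPoint, $vol.ProtectionStatus, $vol.EncryptionPercentage

# Each protector's type says what is needed to unlock the volume key at boot.
$types = $vol.KeyProtector | ForEach-Object { $_.KeyProtectorType }
$types | ForEach-Object { "  protector: $_" }

# "Tpm" alone: the TPM releases the key automatically once the measured boot
# chain matches, so a thief with bench time and the device gets it too.
# PIN and startup-key variants add a factor that is not on the stolen machine.
$hasPin = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')
$hasKey = ($types -contains 'TpmStartupKey') -or ($types -contains 'TpmPinStartupKey') -or ($types -contains 'ExternalKey')

if (($types -contains 'Tpm') -and -not ($hasPin -or $hasKey)) {
    Write-Warning "TPM-only protector: the volume key is released at boot without a user secret."
}
elseif ($hasPin -or $hasKey) {
    "Second factor present (PIN and/or startup key)."
}
else {
    "No TPM-bound protector found; check how this volume is unlocked."
}

# To add a PIN, uncomment the two lines below. Assumption: the Group Policy
# "Require additional authentication at startup" allows a TPM startup PIN;
# without it the cmdlet is rejected.
# $pin = Read-Host -Prompt "New BitLocker PIN" -AsSecureString
# Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $pin
```

Run it as an administrator; the only line that changes anything is the commented-out Add-BitLockerKeyProtector call. Keep the RecoveryPassword protector in place either way, since a PIN typo or a firmware update that changes the measured boot chain otherwise locks you out.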

coercitiv

Diamond Member
Jan 24, 2014
Let's pile up some more stuff in here, shall we?

Intel BootGuard keys leaked through MSI data breach

According to Mark Ermolov, a security researcher focusing on Intel platforms, the leak might also impact Intel CSME (Converged Security and Management Engine), OEM unlock, ISH (Integrated Sensor Hub) firmware, SMIP (Signed Master Image Profile) and other tools.

The scope of this data breach is still uncertain, as the code is still being investigated by security experts. Intel will almost certainly have to reassign new keys to all affected partners; however, what this means for end users is still unknown. Intel did not publish a statement on the leak, while MSI only acknowledged the data breach.

The Videocardz article is based on this Twitter post:


DrMrLordX

Lifer
Apr 27, 2000
If I'm reading this right, it means that someone could bypass Secure Boot on affected systems and load a malicious EFI/UEFI payload?

A///

Diamond Member
Feb 24, 2017
If the attacks require physical access, the attack possibility is low. The people doing these attacks would be after secure systems in highly guarded industries. Theft is possible, but the computers aren't passwordless. @ AMD fTPM.