• Guest, The rules for the P & N subforum have been updated to prohibit "ad hominem" or personal attacks against other posters. See the full details in the post "Politics and News Rules & Guidelines."

Info Microsoft demo showing why Windows 11 requires TPM 2.0

mikeymikec

Lifer
May 19, 2011
14,851
5,041
136
Windows 11 Security — Our Hacker-in-Chief Runs Attacks and Shows Solutions - YouTube

Pretty informative, especially with the real attack demo. Pity the views are low.
Uh.... 6 minutes in and he's described an RDP attack and the mitigation for such an attack has nothing to with TPM. Who the hell cares what an attacker does when they already have admin privs at what essentially is the console? It's game over at that point.

Later, it's funny to hear this guy tell us what then "can't happen" because <new security tech here>. No, that tech helps raise the bar against such attacks. Who's deluded enough to think that Microsoft + TPM has just made a flawless security model?

It seemed to me that the only attack described that Win11 may help protect against was the fingerprint one. I'm curious to know how Secure Boot on its own doesn't help protect against the boot loader attacks.
 
Last edited:

quikah

Diamond Member
Apr 7, 2003
3,479
326
126
Uh.... 6 minutes in and he's described an RDP attack and the mitigation for such an attack has nothing to with TPM. Who the hell cares what an attacker does when they already have admin privs at what essentially is the console? It's game over at that point.

Later, it's funny to hear this guy tell us what then "can't happen" because <new security tech here>. No, that tech helps raise the bar against such attacks. Who's deluded enough to think that Microsoft + TPM has just made a flawless security model?

It seemed to me that the only attack described that Win11 may help protect against was the fingerprint one. I'm curious to know how Secure Boot on its own doesn't help protect against the boot loader attacks.
You are not seeing the forest for the trees. Using RDP in the demo was a bad idea as it muddied the waters. That demo was about protecting against boot loader attack. None of this is specific to Windows 11, it is all available in 10, but 11 makes it mandatory. Regardless it is a good demo about how those features protect against the 2 attacks.
 

mikeymikec

Lifer
May 19, 2011
14,851
5,041
136
You are not seeing the forest for the trees. Using RDP in the demo was a bad idea as it muddied the waters. That demo was about protecting against boot loader attack.
Yes and no. Stopping privilege escalation is far more important than mitigating damage as a result of privilege escalation, because you can't trust the system if the attacker managed to get admin privs.

Side note - I was a tad concerned that a Win11 system apparently does not notify the user that an attempt to mess with the boot loader failed. Surely that's big red writing on the screen territory. Hopefully they'll fix that.
 

quikah

Diamond Member
Apr 7, 2003
3,479
326
126
Yes and no. Stopping privilege escalation is far more important than mitigating damage as a result of privilege escalation, because you can't trust the system if the attacker managed to get admin privs.
That is not what the demo was about, it was specifically about the boot loader protection.
 

ASK THE COMMUNITY