Info Microsoft demo showing why Windows 11 requires TPM 2.0

mikeymikec

Lifer
May 19, 2011
17,714
9,593
136
Windows 11 Security — Our Hacker-in-Chief Runs Attacks and Shows Solutions - YouTube

Pretty informative, especially with the real attack demo. Pity the views are low.

Uh.... 6 minutes in and he's described an RDP attack and the mitigation for such an attack has nothing to do with TPM. Who the hell cares what an attacker does when they already have admin privs at what essentially is the console? It's game over at that point.

Later, it's funny to hear this guy tell us what then "can't happen" because <new security tech here>. No, that tech helps raise the bar against such attacks. Who's deluded enough to think that Microsoft + TPM has just made a flawless security model?

It seemed to me that the only attack described that Win11 may help protect against was the fingerprint one. I'm curious to know how Secure Boot on its own doesn't help protect against the boot loader attacks.
 

quikah

Diamond Member
Apr 7, 2003
4,074
657
126
Uh.... 6 minutes in and he's described an RDP attack and the mitigation for such an attack has nothing to do with TPM. Who the hell cares what an attacker does when they already have admin privs at what essentially is the console? It's game over at that point.

Later, it's funny to hear this guy tell us what then "can't happen" because <new security tech here>. No, that tech helps raise the bar against such attacks. Who's deluded enough to think that Microsoft + TPM has just made a flawless security model?

It seemed to me that the only attack described that Win11 may help protect against was the fingerprint one. I'm curious to know how Secure Boot on its own doesn't help protect against the boot loader attacks.

You are not seeing the forest for the trees. Using RDP in the demo was a bad idea as it muddied the waters. That demo was about protecting against a boot loader attack. None of this is specific to Windows 11, it is all available in 10, but 11 makes it mandatory. Regardless, it is a good demo about how those features protect against the 2 attacks.
 

mikeymikec

You are not seeing the forest for the trees. Using RDP in the demo was a bad idea as it muddied the waters. That demo was about protecting against a boot loader attack.

Yes and no. Stopping privilege escalation is far more important than mitigating damage as a result of privilege escalation, because you can't trust the system if the attacker managed to get admin privs.

Side note - I was a tad concerned that a Win11 system apparently does not notify the user that an attempt to mess with the boot loader failed. Surely that's big red writing on the screen territory. Hopefully they'll fix that.
 

quikah

Yes and no. Stopping privilege escalation is far more important than mitigating damage as a result of privilege escalation, because you can't trust the system if the attacker managed to get admin privs.

That is not what the demo was about, it was specifically about the boot loader protection.