Hacker News

metalcrow, today at 2:35 AM (3 replies)

That's fair, although aren't most TPMs nowadays fTPMs? No interceptable communication that way.


Replies

Retr0id, today at 2:48 AM

Until they require fTPMs, an attacker can just choose to use a regular TPM.

A more sophisticated attacker could plausibly extract key material from the TPM itself via side channels, and sign their own attestations.

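The interceptable channel metalcrow brings up, and the regular (discrete) TPM Retr0id says an attacker would pick, is the command/response stream on the TPM's SPI or LPC bus. The decoder below is an added example, written for this page and not code from either commenter: it parses one TPM2_Unseal round trip as a passive bus sniffer would see it, following the TPM 2.0 Library spec Part 3 layout (big-endian fields, TPM2B = UINT16 length plus bytes). The two captures are constructed with the builder helpers in the same block, not real sniffer output; the object handle, nonces and HMAC bytes are placeholders.

```python
"""Decode a TPM2_Unseal exchange as captured off a discrete TPM's SPI/LPC bus.

Added example, not from the HN thread. Wire format per TPM 2.0 Library spec
Part 3 (TPM2_Unseal). The captures at the bottom are constructed, not real.
"""
import struct

TPM_ST_SESSIONS = 0x8002        # tag: command/response carries an auth area
TPM_CC_UNSEAL = 0x0000015E
TPM_RC_SUCCESS = 0x00000000
TPM_RS_PW = 0x40000009          # password session: the authValue travels in clear
TPMA_SESSION_ENCRYPT = 0x40     # bit 6: first response parameter is CFB-encrypted


def _tpm2b(buf, off):
    """Read a TPM2B at buf[off]; return (payload, offset after it)."""
    (size,) = struct.unpack_from(">H", buf, off)
    off += 2
    return buf[off:off + size], off + size


def parse_unseal_command(cmd):
    """Pull the handle, session and (for TPM_RS_PW) the cleartext password."""
    tag, size, cc = struct.unpack_from(">HII", cmd, 0)
    if tag != TPM_ST_SESSIONS or cc != TPM_CC_UNSEAL or size != len(cmd):
        raise ValueError("not a TPM2_Unseal command with an auth area")
    item_handle, auth_size = struct.unpack_from(">II", cmd, 10)
    off = 18                                          # start of TPMS_AUTH_COMMAND
    (session_handle,) = struct.unpack_from(">I", cmd, off)
    nonce, off = _tpm2b(cmd, off + 4)
    attrs = cmd[off]
    auth, off = _tpm2b(cmd, off + 1)
    if off != 18 + auth_size:
        raise ValueError("authorization area size mismatch")
    return {
        "item_handle": item_handle,
        "session_handle": session_handle,
        "session_attrs": attrs,
        "password": auth if session_handle == TPM_RS_PW else None,
    }


def parse_unseal_response(rsp, session_attrs):
    """Pull outData; report it as the secret only if the session did not encrypt it."""
    tag, size, rc = struct.unpack_from(">HII", rsp, 0)
    if tag != TPM_ST_SESSIONS or size != len(rsp):
        raise ValueError("not a session response")
    if rc != TPM_RC_SUCCESS:
        return {"rc": rc, "secret": None, "ciphertext": None}
    (param_size,) = struct.unpack_from(">I", rsp, 10)
    out_data, off = _tpm2b(rsp, 14)                   # TPM2B_SENSITIVE_DATA outData
    if off != 14 + param_size:
        raise ValueError("parameter area size mismatch")
    _nonce, off = _tpm2b(rsp, off)                    # TPMS_AUTH_RESPONSE
    off += 1                                          # sessionAttributes
    _hmac, off = _tpm2b(rsp, off)
    if off != len(rsp):
        raise ValueError("trailing bytes after auth area")
    if session_attrs & TPMA_SESSION_ENCRYPT:
        return {"rc": rc, "secret": None, "ciphertext": out_data}
    return {"rc": rc, "secret": out_data, "ciphertext": None}


def analyse_capture(cmd, rsp):
    """What a passive bus sniffer learns from one Unseal round trip."""
    c = parse_unseal_command(cmd)
    r = parse_unseal_response(rsp, c["session_attrs"])
    return {"password": c["password"], "secret": r["secret"],
            "encrypted": r["ciphertext"] is not None}


# --- constructed captures (builders mirror the parsers; not real traffic) ---
def build_unseal_command(item_handle, session_handle, nonce, attrs, auth):
    auth_area = (struct.pack(">IH", session_handle, len(nonce)) + nonce
                 + bytes([attrs]) + struct.pack(">H", len(auth)) + auth)
    body = struct.pack(">II", item_handle, len(auth_area)) + auth_area
    return struct.pack(">HII", TPM_ST_SESSIONS, 10 + len(body), TPM_CC_UNSEAL) + body


def build_unseal_response(out_data, nonce, attrs, hmac):
    params = struct.pack(">H", len(out_data)) + out_data
    auth_area = (struct.pack(">H", len(nonce)) + nonce + bytes([attrs])
                 + struct.pack(">H", len(hmac)) + hmac)
    body = struct.pack(">I", len(params)) + params + auth_area
    return struct.pack(">HII", TPM_ST_SESSIONS, 10 + len(body), TPM_RC_SUCCESS) + body


# Password session, no parameter encryption: password and sealed data both readable.
PW_CMD = build_unseal_command(0x80000001, TPM_RS_PW, b"", 0x00, b"hunter2")
PW_RSP = build_unseal_response(b"disk-encryption-key-0123", b"", 0x00, b"")

# HMAC session (placeholder handle 0x02000000) with encrypt set: the sniffer sees
# an HMAC instead of the authValue and ciphertext instead of the sealed data.
ENC_CMD = build_unseal_command(0x80000001, 0x02000000, b"\x11" * 16, 0x41, b"\xaa" * 32)
ENC_RSP = build_unseal_response(b"\xde\xad" * 12, b"\x22" * 16, 0x41, b"\xbb" * 32)

if __name__ == "__main__":
    print(analyse_capture(PW_CMD, PW_RSP))
    print(analyse_capture(ENC_CMD, ENC_RSP))
```

The example models passive sniffing only. In the encrypted case it assumes the sniffer cannot recover the session key, which in practice depends on the session being salted or bound; an fTPM removes the bus entirely, which is the distinction the comment above is drawing.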
nextaccountic, today at 4:59 AM

What about faulTPM? https://arxiv.org/abs/2304.14717

edoceo, today at 3:06 AM

Can a TPM be faked in a QEMU VM?
