Researchers Expose Vulnerabilities in AMD's Firmware-Based TPMs

RIP
"requires several hours of physical access". Move along folks ^^
TheDeeGee:

"requires several hours of physical access". Move along folks ^^
Well, if someone steals your laptop and you rely on TPM encryption for your storage...
RealNC:

Well, if someone steals your laptop and you rely on TPM encryption for your storage...
Unless you are someone particularly important, your laptop isn't being stolen to be hacked into. They are either wiping it to use or selling it to someone that will. There have been multiple general TPM vulnerabilities like this over the years. The most realistic problematic scenario is trying to avoid prosecution by relying on TPM security against evidence gathering.
blkspade:

Unless you are someone particularly important, your laptop isn't being stolen to be hacked into. They are either wiping it to use or selling it to someone that will. There have been multiple general TPM vulnerabilities like this over the years. The most realistic problematic scenario is trying to avoid prosecution by relying on TPM security against evidence gathering.
I'm more worried about all my account credentials for my email, my bank, servers I maintain, proprietary source code, etc.
The attack requires several hours of physical access, making remote vulnerabilities unlikely.
If anyone gets their hands on your computer, you have bigger problems.
RealNC:

I'm more worried about all my account credentials for my email, my bank, servers I maintain, proprietary source code, etc.
Now we know ... 😉
RealNC:

I'm more worried about all my account credentials for my email, my bank, servers I maintain, proprietary source code, etc.
We know where you live o_O
RealNC:

I'm more worried about all my account credentials for my email, my bank, servers I maintain, proprietary source code, etc.
Which is my point. Someone stealing your laptop would have to be specifically targeting you and your data, and pre-planning such an attack. It's an unrealistic concern for the average person. Any and all things could eventually be hacked given the time and resources, but I doubt you'd be worth the effort. It would be easier to socially engineer some malware onto your device to extract info from your device more covertly. Intel had a vulnerability that with repeated polling TPM keys could be leaked over a network. Far worse, since in that scenario the TPM might be on a server protecting multiple clients' data. Still, short of trying to exfiltrate encrypted virtual disk images, you'd have to be planning to break into a data center and just steal the drives.
I personally don't think that 99.99% of the computing public would be worried about this one. No one gets near my computer but me and I think that would be the case for a lot of people.