@galaxis

For now, I'm calling BS on his claim that he has a working exploit against TPM+PIN.

Why are you so quick to assume that BitLocker + PIN will be proven insecure?

Show me the money!

@wdormann

At this point (absent a PoC) we must assume that TPM + PIN is also an effective mitigation against YellowKey.

I haven't seen anything from MS that explicitly states this fact. The CVE only mentions it as if it were an afterthought.

Also, do we understand why Win10 systems are not vulnerable to YellowKey?

@wdormann,

"The use case is that, with physical access, you can access the filesystem with root privileges. Which even TPM-only bitlocker would prevent."

At the risk of sounding stupid: Does this statement mean that plaintext data can be extracted from the drive via YellowKey or simply that the integrity of the drive can be tampered with by using YellowKey?

@wdormann I find his claim that a variant of this attack works with TPM + PIN a bit hard to believe. If a TPM can be coaxed to give up secrets without the user needing to enter the PIN, wouldn't that constitute a vulnerability that extends far beyond BitLocker?

@wdormann Could he have just thrown that bit about holding Ctrl key into his instructions so as to make the whole thing sound more nefarious and "hidden"?