Code Project, The Lounge
TPM Sucks

16 posts, 8 posters. Tags: csharp, com, question
#1 Ennis Ray Lynch Jr:

Talk about a flawed system. It works great in the scenario of a laptop being stolen and protecting data, but not much to protect a system from intentional data theft. Imagine the following scenario: China wants access to the secrets contained on your BitLocker-secured laptop with TPM. The attacker secretly snatches the laptop and replaces it with an identical machine whose boot simulates TPM start-up, stealing the PIN, start-up key and optionally the keys on the TPM. The original machine is now compromised. Blah.

Need a C# Consultant? I'm available.
Happiness in intelligent people is the rarest thing I know. -- Ernest Hemingway


#2 Graham Bradshaw (in reply to #1):

Ennis Ray Lynch, Jr. wrote:

the secrets contained on your bit locker secured laptop

Isn't putting data that sensitive on a laptop flawed anyway?


#3 cpkilekofp (in reply to #2):

Graham Bradshaw wrote:

Isn't putting data that sensitive on a laptop flawed anyway?

Yes, but it's often necessary. I favor handcuffing the laptop to your wrist if you're carrying my data. ;)


#4 Ennis Ray Lynch Jr (in reply to #2):

The reality is that TPM is marketed as a way to protect sensitive data from theft. Most government agencies I have worked for make all their users use laptops so they can take their work home, leading of course to sensitive data off site. With the illusion of security that TPM and BitLocker provide, it is more likely that users, who often do not understand security, will take the data off site. While my example is extreme, it was used to illustrate a point; there are many more scenarios, less extreme but still justifiable, if some hacker ever provided the toolkit for a script kiddie to utilize.


#5 Graham Bradshaw (in reply to #4):

Ennis Ray Lynch, Jr. wrote:

Most government agencies I have worked for make all their users use laptops so they can take their work home, leading of course to sensitive data off site.

Surely an encrypted USB stick would be better? Cheaper, and much easier to keep on your person, and hence less likely to be stolen. Smaller, so much more likely to get lost, of course.


#6 El Corazon (in reply to #5):

Graham Bradshaw wrote:

Surely an encrypted USB stick would be better? Cheaper, and much easier to keep on your person, and hence less likely to be stolen. Smaller, so much more likely to get lost, of course.

Not allowed; only TPM-encrypted folders on USB. You use another encryption scheme and you'll answer to the guys who can no longer read what you store there.... ;)

_________________________ Asu no koto o ieba, tenjo de nezumi ga warau. Talk about things of tomorrow and the mice in the ceiling laugh. (Japanese Proverb) John Andrew Holmes "It is well to remember that the entire universe, with one trifling exception, is composed of others."


#7 Anna Jayne Metcalfe (in reply to #1):

I see a flaw, unless you are in the habit of carrying around pristine factory fresh laptops. I'd love to see them put together an "identical machine" to my laptop. The patterns of wear are pretty unmistakeable (e.g. the springs on the monitor clips have gone, along with some of the labels - others are faded). Worse, I've a habit of putting stickers on the thing, and I doubt they'd bother to do that... Paranoia can only take you so far, after all. :-\

Anna :rose: Having a bad bug day? Anna's Place | Tears and Laughter "If mushy peas are the food of the devil, the stotty cake is the frisbee of God"


#8 Ennis Ray Lynch Jr (in reply to #7):

Really, have you seen your laptop's motherboard, or any modern spy movie? A couple of screws is all it would take. As a practical matter it is a serious flaw that should not be pushed aside.


#9 Anna Jayne Metcalfe (in reply to #8):

I take special care to only buy those laptops which spring apart in the most confusing manner when you try to disassemble them (ever try to reassemble a toaster? Clue: don't). Oh, and the thing is never out of my sight. That probably helps, too. As does the use of military grade encryption. ;P Seriously, the worst thing that will happen to 99% of people out there is that the machine is stolen. Unless you work on defence projects or handle financial information for banks, a decent encryption policy is more than adequate in virtually all cases. Of course, if you carry restricted information on a laptop and leave it unattended, any consequences are your own fault, really.


#10 Ennis Ray Lynch Jr (in reply to #9):

1% of the people is not necessarily the brightest and is approximately 60 million people left vulnerable. Exploits that are systematic should be discussed and explored and not brushed under the table as edge cases that will never happen.


#11 Anna Jayne Metcalfe (in reply to #10):

Sensitive information is like sex. Anyone who is not intelligent enough to take the right precautions shouldn't dabble unsupervised. Military security protocols are written with that in mind, which explains why (in the UK at least) most data leaks come from politicians and civil servants. I've been working with classified material for most of my career, and the way you handle it is not a matter of personal choice if you want to keep your job and reputation. At the end of the day there is no point in being paranoid. Take the right precautions, stay up to date and always be ready to change the way you do things in the light of new threats. That way you are very unlikely to be caught out by your own omissions or stupidity.


#12 Ennis Ray Lynch Jr (in reply to #11):

Sometimes I don't know why I bother.


#13 Jeremy Tierman (in reply to #1):

Don't give them any ideas! As if they didn't think about it already. I don't know much about it, but when I googled it, I found nothing about destroying data. For instance, if you enter the wrong PIN 5 times, the chip self-destructs (I retain patent rights if someone follows through ;) ). What I don't get is why go to a cert-based system where you prompt for a PIN. You know the PIN is numeric only and much easier to brute force than a username and a strong alphanumeric password with biometrics. Just my two cents.

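The swap-the-laptop scenario in #1 and the PIN-hammering question in #13 both come down to what a TPM actually checks before it releases anything, so here is an added example, written for this edit and not code from any poster, from Microsoft or from a real TPM stack, that models the three relevant mechanisms in a toy chip in Go: PCR measurement and sealing to a PCR policy, wrapping of sealed data under a per-chip storage root key, and TPM 2.0 dictionary-attack (DA) lockout. The boot flow it models is the anti-evil-maid pattern: a secret phrase is sealed to the firmware and boot-loader measurements with no PIN, and the pre-boot code shows it before asking for the PIN. The attacker's lookalike machine has a different chip, so it cannot unseal the phrase even with byte-identical firmware; the user sees no phrase and types nothing. A tampered boot loader on the genuine machine changes the PCRs and fails the same way. Wrong PINs count toward a lockout rather than a self-destruct, which is how TPM 2.0 actually answers the hammering question. The PCR numbers, the 5-try limit, the measurements and the secrets are all constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Toy TPM: a per-chip storage root key (SRK, held here as an AES-256-GCM AEAD) that never
// leaves the chip, an 8-slot SHA-256 PCR bank, and TPM 2.0-style dictionary-attack (DA)
// lockout. The try limit and the PCR numbers used below are assumptions for the example.
type TPM struct {
	srk                   cipher.AEAD
	pcr                   [8][32]byte
	failedTries, maxTries int
	lockedOut             bool
}

func NewTPM(maxTries int) *TPM {
	block, _ := aes.NewCipher(random(32)) // 32-byte key: NewCipher cannot fail
	srk, _ := cipher.NewGCM(block)
	return &TPM{srk: srk, maxTries: maxTries}
}

func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Reboot zeroes the PCRs; DA state survives a reboot, as on real chips.
func (t *TPM) Reboot() { t.pcr = [8][32]byte{} }

// Extend sets PCR[i] = H(PCR[i] || H(data)); a measurement cannot be undone.
func (t *TPM) Extend(i int, data []byte) {
	m := sha256.Sum256(data)
	t.pcr[i] = sha256.Sum256(append(t.pcr[i][:], m[:]...))
}

// policyDigest binds an object to the current values of the chosen PCRs.
func (t *TPM) policyDigest(idx []int) []byte {
	h := sha256.New()
	for _, i := range idx {
		h.Write(t.pcr[i][:])
	}
	return h.Sum(nil)
}

// SealedBlob is what sits on disk. The PIN digest rides inside the ciphertext, so
// guessing the PIN needs the chip, not just a copy of the disk.
type SealedBlob struct {
	PCRs                    []int
	PolicyDigest, Nonce, CT []byte
}

// Seal wraps secret so only this chip, with these PCR values and this PIN ("" = none), can unseal it.
func (t *TPM) Seal(secret []byte, pcrs []int, pin string) SealedBlob {
	b := SealedBlob{PCRs: pcrs, PolicyDigest: t.policyDigest(pcrs), Nonce: random(12)}
	auth := sha256.Sum256([]byte(pin))
	b.CT = t.srk.Seal(nil, b.Nonce, append(auth[:], secret...), b.PolicyDigest)
	return b
}

var ErrLockout, ErrPolicy, ErrWrongTPM, ErrAuth = errors.New("TPM is in DA lockout"),
	errors.New("PCR policy mismatch: boot chain differs from sealing time"),
	errors.New("blob was not sealed by this chip"), errors.New("wrong PIN")

// Unseal checks lockout, then PCR policy, then that this chip sealed the blob, and only
// then the PIN; each wrong PIN counts toward DA lockout.
func (t *TPM) Unseal(b SealedBlob, pin string) ([]byte, error) {
	if t.lockedOut {
		return nil, ErrLockout
	}
	if !bytes.Equal(t.policyDigest(b.PCRs), b.PolicyDigest) {
		return nil, ErrPolicy
	}
	pt, err := t.srk.Open(nil, b.Nonce, b.CT, b.PolicyDigest)
	if err != nil {
		return nil, ErrWrongTPM
	}
	auth := sha256.Sum256([]byte(pin))
	if subtle.ConstantTimeCompare(pt[:32], auth[:]) != 1 {
		t.failedTries++
		t.lockedOut = t.failedTries >= t.maxTries
		return nil, ErrAuth
	}
	t.failedTries = 0
	return pt[32:], nil
}

// Boot is measured boot plus "show my phrase before I type my PIN": firmware and loader
// are measured, then the phrase (sealed to PCRs 0 and 4, no PIN) is unsealed for display.
// A lookalike machine has a different SRK, so it shows no phrase and gets no PIN.
func Boot(t *TPM, firmware, loader []byte, phraseBlob SealedBlob) (string, error) {
	t.Reboot()
	t.Extend(0, firmware)
	t.Extend(4, loader)
	p, err := t.Unseal(phraseBlob, "")
	return string(p), err
}

func main() {
	fw, ld := []byte("OEM firmware 1.2"), []byte("bootmgr build 7") // constructed measurements
	genuine := NewTPM(5)
	genuine.Extend(0, fw)
	genuine.Extend(4, ld)
	phraseBlob := genuine.Seal([]byte("purple giraffe 42"), []int{0, 4}, "")
	vmkBlob := genuine.Seal([]byte("VMK-example-bytes"), []int{0, 4}, "135790")
	fmt.Println(Boot(genuine, fw, ld, phraseBlob))   // phrase shown: safe to type the PIN
	fmt.Println(Boot(NewTPM(5), fw, ld, phraseBlob)) // same firmware, other chip: no phrase
	for _, g := range []string{"000000", "111111", "222222", "333333", "444444", "135790"} {
		_, err := genuine.Unseal(vmkBlob, g)
		fmt.Println(g, err) // five misses lock the chip; the right PIN then arrives too late
	}
}
```

Two caveats a practitioner would want: the phrase check protects the PIN, not the disk, so an attacker who keeps the stolen machine can still go after the chip or the boot chain directly; and BitLocker's TPM+PIN mode relies on the chip's own anti-hammering, so the try budget and recovery time are the TPM's parameters, not Windows'.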

#14 peterchen (in reply to #7):

Anna-Jayne Metcalfe wrote:

Worse, I've a habit of putting stickers on the thing, and I doubt they'd bother to do that

Wait wait wait... my mom putting all those cute lady bug stickers EVERYWHERE isn't just a mommy thing, but paranoia! :omg:

We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP
blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist


#15 Anna Jayne Metcalfe (in reply to #14):

Something like that. Plus, it's rather cute. :-O


#16 azonenberg (in reply to #13):

I use an in-house app called AESPad for all of my sensitive documents - a clone of WordPad with automatic 256-bit AES encryption. Keys are stored on a hardware token that's on me nearly 24/7, and as a second authentication factor, the key is hashed with a password before use. Cracking a system like that is pretty much impossible if you steal the laptop, because I'm not around to give you the password at that point. The only realistic options are:

  • get a spyware app onto the laptop to steal the key from RAM after I've unlocked the hardware device, or
  • steal the hardware token and somehow figure out the password.

I'm experimenting with ways to make the first option impractical by performing on-chip crypto rather than doing it on the CPU.

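The design in #16 (key on a hardware token, combined with a password before use, AES-256 on the document) is concrete enough to show in code. The Go program below is an added example written for this edit, not AESPad or anything azonenberg published; its container layout, its iteration count and the way the two factors are combined are assumptions. It folds the token secret into the PBKDF2-HMAC-SHA256 (RFC 8018) salt via HMAC and then stretches the password, so whoever steals the laptop has neither factor, whoever steals the token still faces the password at 100,000 HMAC iterations per guess, and a wrong factor or a flipped byte fails identically under AES-256-GCM. It also zeroizes the derived key after each use, which narrows but cannot close the key-in-RAM exposure the post names; moving the AES operation onto the token, as the post proposes, is the only way to keep the key out of host memory.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Assumed container layout for an AESPad-style document: random salt, random GCM nonce,
// then AES-256-GCM ciphertext and tag. This is a stand-in, not the original app's format.
const saltLen, nonceLen, iters = 16, 12, 100_000

// pbkdf2SHA256 computes the first 32-byte block of PBKDF2-HMAC-SHA256 (RFC 8018),
// hand-rolled so the example needs only the standard library.
func pbkdf2SHA256(password, salt []byte, rounds int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // INT(1): block index
	u := prf.Sum(nil)
	dk := append([]byte{}, u...)
	for i := 1; i < rounds; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range dk {
			dk[j] ^= u[j]
		}
	}
	return dk
}

// deriveKey is the "key is hashed with a password before use" step. The token's 32-byte
// secret is folded into the salt via HMAC, then the password is stretched under PBKDF2.
// Without the token the search space is 256 bits; without the password it is the
// password space, paid for at iters HMACs per guess.
func deriveKey(tokenKey []byte, password string, salt []byte) []byte {
	mac := hmac.New(sha256.New, tokenKey)
	mac.Write(salt)
	return pbkdf2SHA256([]byte(password), mac.Sum(nil), iters)
}

// zeroize is best-effort: it shortens how long the derived key sits in RAM, the exposure
// the post names, but Go gives no guarantee the runtime never copied it.
func zeroize(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // 32-byte key from deriveKey: cannot fail
	g, _ := cipher.NewGCM(block)
	return g
}

// Encrypt returns salt || nonce || ciphertext, with the header authenticated as AAD.
func Encrypt(tokenKey []byte, password string, plaintext []byte) ([]byte, error) {
	hdr := make([]byte, saltLen+nonceLen)
	if _, err := rand.Read(hdr); err != nil {
		return nil, err
	}
	key := deriveKey(tokenKey, password, hdr[:saltLen])
	defer zeroize(key)
	return append(hdr, gcm(key).Seal(nil, hdr[saltLen:], plaintext, hdr)...), nil
}

// Decrypt fails identically for a wrong token, a wrong password or a tampered file,
// so an attacker learns nothing about which factor was wrong.
func Decrypt(tokenKey []byte, password string, container []byte) ([]byte, error) {
	if len(container) < saltLen+nonceLen+16 {
		return nil, errors.New("container too short")
	}
	hdr := container[:saltLen+nonceLen]
	key := deriveKey(tokenKey, password, hdr[:saltLen])
	defer zeroize(key)
	pt, err := gcm(key).Open(nil, hdr[saltLen:], container[len(hdr):], hdr)
	if err != nil {
		return nil, errors.New("wrong token, wrong password, or tampered container")
	}
	return pt, nil
}

func main() {
	token := make([]byte, 32) // constructed stand-in for the secret held on the hardware token
	if _, err := rand.Read(token); err != nil {
		panic(err)
	}
	doc := []byte("Quarterly numbers: do not forward.")
	c, _ := Encrypt(token, "correct horse battery staple", doc)
	fmt.Println(Decrypt(token, "correct horse battery staple", c))           // plaintext, <nil>
	fmt.Println(Decrypt(token, "wrong password", c))                         // error
	fmt.Println(Decrypt(make([]byte, 32), "correct horse battery staple", c)) // error: wrong token
}
```

The iteration count is what makes "steal the token and figure out the password" slow; raise it as hardware gets faster, and keep the salt per document so two files encrypted with the same token and password never share a key.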